ultrasurfing.com Open in urlscan Pro
2606:4700:e4::ac40:a70f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rebrand.ly/r56fmau
Effective URL:
http://ultrasurfing.com/
Submission: On January 13 via manual (January 13th 2023, 10:04:51 am UTC) from IN — Scanned from DE

Summary HTTP 385 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 95 IPs in 10 countries across 62 domains to perform 385 HTTP transactions. The main IP is 2606:4700:e4::ac40:a70f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultrasurfing.com. The Cisco Umbrella rank of the primary domain is 286631.

This is the only time ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.208.31.55 54.208.31.55	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.17.238.34 3.17.238.34	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:e4:... 2606:4700:e4::ac40:a70f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	8.248.147.250 8.248.147.250	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:17e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	68.183.18.251 68.183.18.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6822	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.21.65.105 52.21.65.105	14618 (AMAZON-AES) (AMAZON-AES)
69	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	143.204.215.108 143.204.215.108	16509 (AMAZON-02) (AMAZON-02)
1	23.206.210.112 23.206.210.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	13.32.28.235 13.32.28.235	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.125 13.32.27.125	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.34.39.251 63.34.39.251	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	35.157.198.68 35.157.198.68	16509 (AMAZON-02) (AMAZON-02)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
6 10	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.201.81.14 34.201.81.14	14618 (AMAZON-AES) (AMAZON-AES)
1	146.190.197.183 146.190.197.183	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	52.57.191.85 52.57.191.85	16509 (AMAZON-02) (AMAZON-02)
3	52.6.251.183 52.6.251.183	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.234.22.15 3.234.22.15	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.247.10.3 34.247.10.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::2fb3	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	34.233.111.211 34.233.111.211	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	3.67.96.91 3.67.96.91	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	44.240.138.76 44.240.138.76	16509 (AMAZON-02) (AMAZON-02)
7	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.231.246.225 34.231.246.225	14618 (AMAZON-AES) (AMAZON-AES)
1	54.171.141.116 54.171.141.116	16509 (AMAZON-02) (AMAZON-02)
1	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 3	20.73.234.141 20.73.234.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
12 23	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:612... 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394	14618 (AMAZON-AES) (AMAZON-AES)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	52.58.228.255 52.58.228.255	16509 (AMAZON-02) (AMAZON-02)
1 1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	40.85.112.191 40.85.112.191	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:4379:fd12:b154:f230	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.201.198 142.250.201.198	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 2	34.246.29.69 34.246.29.69	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.32 185.86.138.32	201081 (SMARTADSE...) (SMARTADSERVER)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	213.254.244.23 213.254.244.23	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
25	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2 4	52.50.218.77 52.50.218.77	16509 (AMAZON-02) (AMAZON-02)
2	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
385	95

1 54.208.31.55 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-31-55.compute-1.amazonaws.com

rebrand.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.17.238.34 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-17-238-34.us-east-2.compute.amazonaws.com

perzua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:e4::ac40:a70f (United States)

ASN13335 (CLOUDFLARENET, US)

ultrasurfing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.248.147.250 (United States)

ASN3356 (LEVEL3, US)

cdn.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:17e (United States)

ASN13335 (CLOUDFLARENET, US)

increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.18.251 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture2.analytics.hbwrapper

cat2.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.21.65.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-65-105.compute-1.amazonaws.com

servt.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-108.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.28.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-235.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-125.fra56.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.39.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-39-251.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.198.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-198-68.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 37.252.171.53 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.201.81.14 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-81-14.compute-1.amazonaws.com

brightcombid.marphezis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.190.197.183 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

rt.nanoook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.191.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-191-85.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.251.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-251-183.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

c.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.22.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-22-15.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.10.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-10-3.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::2fb3 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.111.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-111-211.compute-1.amazonaws.com

serv.vidcrunch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.67.96.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.138.76 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-138-76.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.246.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-246-225.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.141.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-141-116.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.73.234.141 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tra.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.neodatagroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.186.34 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.228.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-228-255.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.85.112.191 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.youronlinechoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.125.22 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:4379:fd12:b154:f230 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.29.69 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-29-69.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

taboola-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.23 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.50.218.77 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-218-77.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.72 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.141 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 893 trc.taboola.com — Cisco Umbrella Rank: 641 trc-events.taboola.com — Cisco Umbrella Rank: 1285 vidstat.taboola.com — Cisco Umbrella Rank: 2631 am-trc-events.taboola.com — Cisco Umbrella Rank: 18034 images.taboola.com — Cisco Umbrella Rank: 1604 imprammp.taboola.com — Cisco Umbrella Rank: 13078 am-match.taboola.com — Cisco Umbrella Rank: 12806 wf.taboola.com — Cisco Umbrella Rank: 2678 am-vid-events.taboola.com — Cisco Umbrella Rank: 12660 vidstatb.taboola.com — Cisco Umbrella Rank: 4529 pips.taboola.com — Cisco Umbrella Rank: 1510 cds.taboola.com — Cisco Umbrella Rank: 1580	5 MB
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 156	369 KB
36	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 ad.doubleclick.net — Cisco Umbrella Rank: 192 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	281 KB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	496 KB
16	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 911	2 KB
16	ultrasurfing.com ultrasurfing.com — Cisco Umbrella Rank: 286631	157 KB
13	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 450 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 840 eus.rubiconproject.com — Cisco Umbrella Rank: 532 pixel.rubiconproject.com — Cisco Umbrella Rank: 306 token.rubiconproject.com — Cisco Umbrella Rank: 551	15 KB
13	casalemedia.com 6 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 487 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	9 KB
13	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 293 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 960 s.amazon-adsystem.com — Cisco Umbrella Rank: 279	148 KB
13	vidcrunch.com cdn.vidcrunch.com — Cisco Umbrella Rank: 56126 servt.vidcrunch.com — Cisco Umbrella Rank: 61978 serv.vidcrunch.com — Cisco Umbrella Rank: 100622	3 MB
11	google.com cse.google.com — Cisco Umbrella Rank: 2622 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 424 adservice.google.com — Cisco Umbrella Rank: 70	406 KB
10	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 207	10 KB
7	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 821 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	1 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 385 mug.criteo.com — Cisco Umbrella Rank: 2848	2 KB
5	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 7983 track1.avplayer.com — Cisco Umbrella Rank: 8535	219 KB
4	demdex.net 2 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 95265	4 KB
4	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 711 static.adsafeprotected.com — Cisco Umbrella Rank: 633	1 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 501 tps.doubleverify.com — Cisco Umbrella Rank: 541 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 13795	112 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 301	1 KB
4	neodatagroup.com 1 redirects c.neodatagroup.com — Cisco Umbrella Rank: 25110 tra.neodatagroup.com — Cisco Umbrella Rank: 21454 tracker.neodatagroup.com — Cisco Umbrella Rank: 24689	13 KB
4	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	19 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	145 KB
3	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3183	547 B
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1057 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1305	1 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4188 a.ad.gt — Cisco Umbrella Rank: 3382	4 KB
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1709	188 KB
3	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 845 x.bidswitch.net — Cisco Umbrella Rank: 276	531 B
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1039 bcp.crwdcntrl.net — Cisco Umbrella Rank: 904 id.crwdcntrl.net — Cisco Umbrella Rank: 1411	10 KB
3	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 113 cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	44 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	152 KB
2	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 3926	804 B
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 10884	3 KB
2	openx.net taboola-d.openx.net — Cisco Umbrella Rank: 8137	551 B
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1585	674 B
2	google.de www.google.de — Cisco Umbrella Rank: 5983 adservice.google.de — Cisco Umbrella Rank: 8470	1 KB
2	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 25 imasdk.googleapis.com — Cisco Umbrella Rank: 427	124 KB
2	gcprivacy.com p.gcprivacy.com — Cisco Umbrella Rank: 20759 p2.gcprivacy.com — Cisco Umbrella Rank: 10891	10 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 158	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 373	710 B
1	youronlinechoices.com www.youronlinechoices.com — Cisco Umbrella Rank: 41525
1	teads.tv at.teads.tv — Cisco Umbrella Rank: 4778	338 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2117	313 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1696	250 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 506	555 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5843	1 KB
1	nanoook.com rt.nanoook.com — Cisco Umbrella Rank: 16034	110 B
1	marphezis.com 1 redirects brightcombid.marphezis.com — Cisco Umbrella Rank: 8631	136 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1038	1 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 838	275 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 691	363 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 625	225 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1316	163 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 595	402 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 3006	11 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1201	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 357	2 KB
1	hbwrapper.com cat2.hbwrapper.com — Cisco Umbrella Rank: 24515	260 B
1	increaserev.com increaserev.com — Cisco Umbrella Rank: 95084	167 KB
1	perzua.com 1 redirects perzua.com	385 B
1	rebrand.ly 1 redirects rebrand.ly — Cisco Umbrella Rank: 46598	263 B
0	rlcdn.com Failed api.rlcdn.com Failed
385	62

	Domain	Requested by
52	images.taboola.com
41	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
25	s0.2mdn.net	ultrasurfing.com s0.2mdn.net
17	cm.g.doubleclick.net	12 redirects imprammp.taboola.com googleads.g.doubleclick.net
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com s0.2mdn.net
16	btlr.sharethrough.com	player.aniview.com
16	ultrasurfing.com	ultrasurfing.com
15	cdn.taboola.com	ultrasurfing.com cdn.taboola.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	ib.adnxs.com	6 redirects increaserev.com googleads.g.doubleclick.net
8	cdn.vidcrunch.com	ultrasurfing.com
7	www.google.com	cse.google.com www.google.com tpc.googlesyndication.com
7	c.amazon-adsystem.com	increaserev.com c.amazon-adsystem.com player.aniview.com
6	googleads4.g.doubleclick.net	ultrasurfing.com
6	googleads.g.doubleclick.net	b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com pagead2.googlesyndication.com
6	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
6	c2shb.pubgw.yahoo.com	increaserev.com
5	trc.taboola.com	cdn.taboola.com
4	skydeutschland.demdex.net	2 redirects b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
4	b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	gum.criteo.com	2 redirects
4	servt.vidcrunch.com	player.aniview.com
4	securepubads.g.doubleclick.net	increaserev.com securepubads.g.doubleclick.net
3	www.googletagservices.com	b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
3	pixel.rubiconproject.com	eus.rubiconproject.com imprammp.taboola.com
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	id5-sync.com	cdn.id5-sync.com increaserev.com
3	player.aniview.com	player.avplayer.com player.aniview.com
3	track1.avplayer.com
3	fastlane.rubiconproject.com	increaserev.com
3	www.googletagmanager.com	ultrasurfing.com increaserev.com
2	cdnjs.cloudflare.com	s0.2mdn.net
2	track.adform.net	1 redirects b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
2	m.exactag.com	b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
2	taboola-d.openx.net	vidstat.taboola.com
2	prg.smartadserver.com	vidstat.taboola.com
2	static.adsafeprotected.com	b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	2 redirects
2	ad.doubleclick.net	1 redirects
2	cdn.doubleverify.com	cdn.taboola.com ultrasurfing.com
2	am-vid-events.taboola.com	vidstat.taboola.com
2	s.amazon-adsystem.com	1 redirects
2	aax-eu.amazon-adsystem.com	1 redirects imprammp.taboola.com
2	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com
2	x.bidswitch.net	am-match.taboola.com
2	tra.neodatagroup.com	1 redirects
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	mug.criteo.com
2	am-trc-events.taboola.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com increaserev.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
2	sb.scorecardresearch.com	cdn.taboola.com
2	player.avplayer.com	cdn.vidcrunch.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	ultrasurfing.com www.google.com
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	vidstatb.taboola.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	imprammp.taboola.com
1	www.youronlinechoices.com
1	secure-assets.rubiconproject.com	1 redirects
1	tracker.neodatagroup.com
1	imprammp.taboola.com	vidstat.taboola.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	at.teads.tv	increaserev.com
1	id.crwdcntrl.net	increaserev.com
1	idx.liadm.com	increaserev.com
1	lexicon.33across.com	increaserev.com
1	a.ad.gt	cdn.hadronid.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	serv.vidcrunch.com	player.aniview.com
1	imasdk.googleapis.com	player.aniview.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	clients1.google.com
1	www.googleapis.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	p2.gcprivacy.com	p.gcprivacy.com
1	trc-events.taboola.com
1	c.neodatagroup.com	ultrasurfing.com
1	tlx.3lift.com	increaserev.com
1	ghb.adtelligent.com	increaserev.com
1	rt.nanoook.com
1	brightcombid.marphezis.com	1 redirects
1	prebid.media.net	increaserev.com
1	prebid.a-mo.net	increaserev.com
1	grid.bidswitch.net	increaserev.com
1	onetag-sys.com	increaserev.com
1	ads.yieldmo.com	increaserev.com
1	htlb.casalemedia.com	increaserev.com
1	tag.1rx.io	increaserev.com
1	ap.lijit.com	increaserev.com
1	p.gcprivacy.com	increaserev.com
1	cdn.id5-sync.com
1	cdn.hadronid.net	ultrasurfing.com
1	tags.crwdcntrl.net	ultrasurfing.com
1	secure.cdn.fastclick.net	ultrasurfing.com
1	cdn.jsdelivr.net	increaserev.com
1	cloudflare.com	increaserev.com
1	cat2.hbwrapper.com	increaserev.com
1	increaserev.com	ultrasurfing.com
1	perzua.com	1 redirects
1	rebrand.ly	1 redirects
0	api.rlcdn.com Failed	increaserev.com
385	112

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
chrome.google.com
ultrasurf.us
vidcrunch.com
ad.doubleclick.net
popup.taboola.com
www.deutsche-solarberatung.net
fragebogen.geers.de
lp.empire.goodgamestudios.com
trc.taboola.com
abo.faz.net
xcraft.net
www.gutes-hoeren.de
usagco.org
om.forgeofempires.com
www.enpal.de
das-immo-portal.de
www.mdm.de
rogiestemelugin.com
www.immobilienscout24.de
www.bereit-zu-reisen.de
www.stiftung-verbraucher.de
breariancounstone.com
www.merkur24.com
deebcards-themier.com
safesly.com
track.webgains.com
www.hallopkv.de
www.combatsiege.com

Subject Issuer	Validity	Valid
*.vidcrunch.com Go Daddy Secure Certificate Authority - G2	`2022-03-16` - `2023-03-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
cat2.hbwrapper.com R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2022-12-11` - `2023-12-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
outstreamedia.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2022-12-14` - `2023-03-14`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.gcprivacy.com Amazon	`2022-12-03` - `2024-01-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.a-mo.net R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
youronlinechoices.com Go Daddy Secure Certificate Authority - G2	`2022-07-02` - `2023-08-03`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh

This page contains 25 frames:

Primary Page: http://ultrasurfing.com/
Frame ID: 231471B25D981110F5EEB0D08DE36423
Requests: 224 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Frame ID: 96A931A92295104B8A23158E37133695
Requests: 6 HTTP requests in this frame

Frame: http://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 6BEEDA2121DE66F1028E310DE55D404A
Requests: 4 HTTP requests in this frame

Frame: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C298EEE5FD5F7D0B0183D8747CDCA9F8
Requests: 1 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 27E413961B8A4B506B8FD642A0F969BE
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 40CC01382D4E58E855476FEB5D6CD6A6
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 0504C417F4C67DC6422960ED62F22B59
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B6D0BF009FCF5D6B8D1A520AF4B5D74
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08F54076FBA1E9A4D9AA5885FE43B582
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D35577FA7E2BF10F37E6385AC9394B1B
Requests: 4 HTTP requests in this frame

Frame: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 592D4832134EEABEDFEBFF3EC8FD2CB2
Requests: 22 HTTP requests in this frame

Frame: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C79ABC5BDF6D18D3D0EACC86C882FC0
Requests: 20 HTTP requests in this frame

Frame: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 600DA09FC025F20108FE4FF5902D5EFA
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ3HstwBMAE&v=APEucNUJoU8VLH4yyNSedp5o-wPSqs_2tabQer8qJdBUvh7miE08h_IJufEdHN_5R1fKr65H6uTVOq_4WAAXxnaujpMiMUiPJEl_kwPLcV7e1xlj5l5at7SFj9e5_jCI8JE0kAjPxS-5bK4bJIlBFxwFf0551lVYEVDHOkEpjQpGA1Z8mBqkASeMRvAfho2w_9QKjj6HTTfX6qN3NEgZk46fhY3gXDprdQ
Frame ID: A2ADE4D2AB6E5F455DE5C58E10F55082
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYk5feswEwAQ&v=APEucNXqLjNdsJyFPQqw692ggWtUEM1Zo3GocqyXIhLXmPvyrTcGLfue5oJVdPC47bpu64IgcLoQA7-ugfDx3tzY4mAh8UToOGixWaPu7bLexFRvZX8qT8l5CE4O2BvASDKtuBp4t0b49NjEgKHIZP5d5cQaNdC2hRiDqenZBUy_jVTZki0rZRnkhl4eLBHL9Fyl-rHqB2310TJJhKzpVLUagi1YZM6Cxg
Frame ID: 1A1F86C62DB4BF82A3ABE39F39C7E87F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKrHstwBMAE&v=APEucNVNZ3BIxvElKgBk5mSz94umDgl70NXv_r_6A3QjicPo_rKcHXw_FP8f8sxTEYdjId8UigWoQP-RZyW_F6SgFn0fhuGFwdnz5ZVRGrIy-HNKTxUdYsCdtpHt6ilcocbDtbx37XU-IFbR70JKCubORkb8P7nygaCByHxhDA3hwQ_rUe-MRadjafoFAmzddleyE3j8QCJU_EN0gqH7wU09RopM79brRQ
Frame ID: D0FE1DD8FA5C95D6F5229B792A9C8343
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3398.js
Frame ID: C15B04D93B5717E550BDD21DE6E71644
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9E88A6AB3D6587176A6F08073CE213D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
Frame ID: F1DB365AB1A8AFD6E1C1771A9F280A68
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80D9C825410827D797DDDADC8D55A2ED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
Frame ID: FEE0C2E6C38980957A39A4CD54509302
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247
Frame ID: 34BD18029AD87AE783C83485A03D1B39
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D4F06C8491BCC87E9A0098B9D9867EB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 00C8F2B1ED749F114BC8D466591C29F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
Frame ID: 36DBA4CEA190ED9C9AFC4B50EA403355
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ultrasurfing.com/ suchen

Page URL History Show full URLs

http://rebrand.ly/r56fmau HTTP 301
https://perzua.com/wp-admin/network/wp-raw/?news HTTP 302
http://ultrasurfing.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

385
Requests

81 %
HTTPS

39 %
IPv6

62
Domains

112
Subdomains

95
IPs

10
Countries

11739 kB
Transfer

19160 kB
Size

42
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/us/app/ultrasurf-vpn/id1563051300
Title: Ultrasurf iOS VPN

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.ultrasurf.mobile.ultrasurf
Title: Ultrasurf Android VPN

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/ultrasurf-security-privac/mjnbclmflcpookeapghfhapeffmpodij
Title: Ultrasurf Chrome Extenstion

Search URL Search Domain Scan URL

URL: https://ultrasurf.us/download/usf.exe
Title: Ultrasurf Windows Client

Search URL Search Domain Scan URL

URL: https://vidcrunch.com/

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N9166.3001245TABOOLADE/B28592042.346555983;dc_trk_aid=538212364;dc_trk_cid=178151941;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCR_Voo5IHu4oeolslX#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCR_Voo5IHu4oeolslX
Title: Ford

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-b-delta:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.deutsche-solarberatung.net/photovoltaik-jahresueberblick?utm_source=dsb_taboola&utm_medium=referral&utm_campaign=22132301&utm_site_t=ultrasurf-ultrasurf&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F095e8c1de419b1c494b1867004880d2b.png&utm_title_t=Bayern%3A+Darum+lohnt+sich+Solar+f%C3%BCr+Hausbesitzer+in+2023&utm_time_t=2023-01-13+10%3A04%3A43&utm_term=Desktop&utm_content=3594440353&utm_site-id_t=1110515&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDIp1UotM6w6Oyz7OkH#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDIp1UotM6w6Oyz7OkH
Title: Deutsche Solarberatung

Search URL Search Domain Scan URL

URL: https://fragebogen.geers.de/hoergeraete-testen-sta/?utm_source=taboola&utm_medium=display&utm_campaign=BLUECHIPSTSA_DE_GEE_ACQ_DIS_TAB_DES_STSA01_IMG_NOV5W&utm_content=3586505857&utm_term=ultrasurf-ultrasurf&utm_title=Rothenburg+Ob+Der+Tauber%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCDkFIo3q21trLA5NEU&_ad_placement=ultrasurf-ultrasurf&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCDkFIo3q21trLA5NEU#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCDkFIo3q21trLA5NEU
Title: GEERS

Search URL Search Domain Scan URL

URL: https://lp.empire.goodgamestudios.com/?pid=7039&cid=1110515&tid=3556379391&gci=14414&ad_click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDHpEEow6Oj-Pjd9qu7AQ&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDHpEEow6Oj-Pjd9qu7AQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDHpEEow6Oj-Pjd9qu7AQ
Title: Goodgame Empire

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=e3b9f7ef77cad0171f13dbe9f50e7bcd&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~-7430718743109166015~~l2siXHClyWS7bsV3WwU6Db_UV0G8zQtaf9P67CUFYbv6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xImn8tE8v15zFeJb11AdzPHzkDa5rciIoCgHERXB3hc7mwP_hhAk5qifxbFXi0lQzS2NM-UhdkgIGSaW_b35j0kjYTIa30RsRaeCery_-LBHDvohrRRL2n_Mr0aylFgMUlw&pt=home&li=rbox-h2v&sig=9c5666f5645b2b8b46216c26b895b531cd7c9e6c1f9f&redir=https%3A%2F%2Flp.empire.goodgamestudios.com%2F%3Fpid%3D7039%26cid%3D1110515%26tid%3D3556379391%26gci%3D14414%26ad_click_id%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDHpEEow6Oj-Pjd9qu7AQ%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDHpEEow6Oj-Pjd9qu7AQ%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDHpEEow6Oj-Pjd9qu7AQ&vi=1673604283060&p=ggs-empire-sc1&r=47&lti=deflated&ppb=COkC&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAzNzQ4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwjqKhCdORgJZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAa2FwOUBkAEcmAGc99rU2jA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://abo.faz.net/aktionsseite/fazfas-probe.html?affiliate=IP23165&pac=IP23165&campID=DIS_NTVAds_PERF_PAY_FAZ-FAS_PRT-DGT_ABO_MO-SO_PRO_2-WO_NO_standard-taboola-desktop-blocklist_IP23165&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDrvUUoyJDihL6QqZcB#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDrvUUoyJDihL6QqZcB
Title: Frankfurter Allgemeine Zeitung

Search URL Search Domain Scan URL

URL: https://xcraft.net/registration/?utm_source=clickfrog_tbl&utm_medium=cpc&utm_content=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCIqVQouZjv4t_Ri-2iAQ&utm_campaign=9938843&utm_term=1110515&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCIqVQouZjv4t_Ri-2iAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCIqVQouZjv4t_Ri-2iAQ
Title: XCraft

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.gutes-hoeren.de/unsichtbares-hoergeraet-testen/?utm_source=taboola&utm_medium=display&utm_campaign=NEUTRAL_DE_GEE_ACQ_DIS_TAB_DES_STEMRE_IMG_JAN1W23&utm_content=3599239412&utm_term=ultrasurf-ultrasurf&utm_title=Vorsatz+2023%3A+Besser+h%C3%B6ren+%E2%80%93+aktiver+leben.+So+gelingt%27s%21&tb_click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCDkFIozqCP3e-jn7QJ&_ad_placement=ultrasurf-ultrasurf&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCDkFIozqCP3e-jn7QJ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCDkFIozqCP3e-jn7QJ
Title: Gutes Hören

Search URL Search Domain Scan URL

URL: https://usagco.org/landing/register-11?lang=de&utm_source=taboola&utm_medium=discovery&utm_campaign=Germany_DSK_V11_+MAX&utm_item_id=3583165764&utm_publisher=ultrasurf-ultrasurf&utm_campaign_id=21973730&utm_tci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCBukMoz6fhnPTN8J4Q&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCBukMoz6fhnPTN8J4Q#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCBukMoz6fhnPTN8J4Q
Title: USAGCO

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de22&&external_param=3582137393&pid=ultrasurf-ultrasurf&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d106f6c8729ca44649d076581d85be2.jpeg&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDJqD8o7dKE3Irm9-MB#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDJqD8o7dKE3Irm9-MB
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=c3a8cd6452ac9e606af3203e49e90a82&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~-3777507665029452624~~POTRxsm6MYiFeDmC8vYrYdHu_EX5RlNlQu72-K6hSj_6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIlw1356C2_dHxf63w7BHC9GTFCQzQP4do6qksYHsLItyAl61QTtkWma3GHjkxuQC4BtM0BwoYSk626HSt4J1kWPj7cuNvF1X4I3Pjp4xHlxgaf0tIoPO8OZTld0MnEtzBE&pt=home&li=rbox-h2v&sig=0367c39482e46470be88ec5bed4635e22dc5670b1587&redir=https%3A%2F%2Fom.forgeofempires.com%2Ffoe%2Fde%2F%3Fref%3Dtab_de_de22%26%26external_param%3D3582137393%26pid%3Dultrasurf-ultrasurf%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F1d106f6c8729ca44649d076581d85be2.jpeg%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDJqD8o7dKE3Irm9-MB%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDJqD8o7dKE3Irm9-MB&vi=1673604283060&p=innogamesforgeofempiressc&r=13&lti=deflated&ppb=CNwE&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNTk4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMIlhQQmBwYGGRjCNIDEOAGGAhkYwjqKhCdORgJZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAa2FwOUBkAEcmAG6-9rU2jA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel2/die-solaranlage-die-alles-kann-bekannt-aus-tv?utm_source=taboola2.0&utm_medium=referral&utm_campaign=10884016&utm_site_t=ultrasurf-ultrasurf&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1e9b6f0c36512acd33cf7b7ea529ede8.jpg&utm_title_t=Rechnet+sich+eine+Solaranlage+mit+Speicher+in+2023%3F&utm_time_t=2023-01-13+10%3A04%3A44&utm_term=Desktop&utm_content=3597608048&utm_site-id_t=1110515&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCc01Mo1eetzc74kISsAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCc01Mo1eetzc74kISsAQ
Title: Enpal

Search URL Search Domain Scan URL

URL: https://das-immo-portal.de/hausverkauf-2022-10-26/?s2=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCu2EsozryOxN-cwJp8&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCu2EsozryOxN-cwJp8#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCu2EsozryOxN-cwJp8
Title: Immo-Portal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=d63ec082c01fa181331916ff7690c187&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~8886436641304384029~~RYs40-p4L0qJ-jyXVcdOaUHnRTUHzd2ZSR7KHY_2PMv6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xInUsrI8gK6ErHBSEIWOOhT4zjsHpdT2Oq4YYftT42OisYTFU8O9VKbixYlqJZLaJ_4ZlHRjrqvqNTCVex9uD8tZYTIa30RsRaeCery_-LBHDvohrRRL2n_Mr0aylFgMUlw&pt=home&li=rbox-h2v&sig=fffc0a6220494ccc7b68e0ddc9707ecbc972f15891f1&redir=https%3A%2F%2Fdas-immo-portal.de%2Fhausverkauf-2022-10-26%2F%3Fs2%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCu2EsozryOxN-cwJp8%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCu2EsozryOxN-cwJp8%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCu2EsozryOxN-cwJp8&vi=1673604283060&p=cooperadvertising-sc&r=42&lti=deflated&ppb=CN4H&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNTk4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMIlhQQmBwYGGRjCNIDEOAGGAhkYwjqKhCdORgJZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAa2FwOUBkAEcmAG6-9rU2jA&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.mdm.de/dop?sku=19425/004&wk=2071721&campaign=Dis/taboola/sk/2071721&utm_source=taboola&utm_medium=display&utm_campaign=sk&utm_source=taboola&utm_medium=referral#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDBrUYo8sfFzNHT39OTAQ
Title: MDM Deutsche Münze

Search URL Search Domain Scan URL

URL: https://rogiestemelugin.com/0b01d45e-6d27-4f56-ae4d-96baa5e2dfc1?site=ultrasurf-ultrasurf&site_id=1110515&title=Spezialist+r%C3%A4t%3A+Verkaufen+Sie+Ihr+Haus+erst+nachdem+Sie+das+gelesen+haben&platform=Desktop&campaign_id=21112369&campaign_item_id=3591388115&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fb01c096a69a28bc3f5704d1c3438dd95.jpg&click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDAqFEo55nC3JC5lYiUAQ&utm_source=taboola&utm_medium=referral&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDAqFEo55nC3JC5lYiUAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDAqFEo55nC3JC5lYiUAQ
Title: Verkaufe deine Immobilie

Search URL Search Domain Scan URL

URL: https://www.enpal.de/artikel/grosskonzerne-erschuettert-solar-guenstiger-als-strom?hl=Deutsche%20Erfindung%20macht%20Hausbesitzer%20sprachlos%3A%20Solaranlage%20endlich%20g%C3%BCnstiger%20als%20Strom&utm_source=taboola_lifestyle&utm_medium=referral&utm_campaign=12033662&utm_site_t=ultrasurf-ultrasurf&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6a37609fe73f162515152f36670aadcd.png&utm_title_t=Bayern%3A+Deutsche+Erfindung+macht+Hausbesitzer+sprachlos&utm_time_t=2023-01-13+10%3A04%3A44&utm_term=Desktop&utm_content=3598002412&utm_site-id_t=1110515&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCezVUoxsbnr6emmqQ4#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCezVUoxsbnr6emmqQ4
Title: Enpal

Search URL Search Domain Scan URL

URL: https://www.immobilienscout24.de/lp/kostenlose-immobilienbewertung-v3.html?utm_source=taboola&utm_medium=display&utm_campaign=de_rle_pros_leads_region_ab_desk_2023_22749957&utm_term=ultrasurf-ultrasurf_1110515&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F2b7f742ffc4dadfa6aac0764e2a76224.jpg&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDh50MonK6c77WT8s6SAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDh50MonK6c77WT8s6SAQ
Title: ImmoScout24

Search URL Search Domain Scan URL

URL: https://www.bereit-zu-reisen.de/?utm_source=taboola&utm_medium=cpc&utm_campaign=Twinrix_bereit-zu-reisen&utm_content=%C3%84gypten-Urlaub+geplant%3F+Wichtige+Reiseimpfungen+im+%C3%9Cberblick.&utm_term=ultrasurf-ultrasurf&cc=de_cpc_oth_np-de-tvx-advt-210001_59608&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCF3Vco_9rntpWas9wk#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCF3Vco_9rntpWas9wk
Title: Bereit-zu-Reisen.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=a6ba5ca79769989e1b8213845784911e&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~3312264268954859909~~LlUu5XVFBC1nMMVsr02EniPu_gf0gCX1sZlmv2YaSon6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb2ts44XCbvufHdfBPVXT-vSTRbHzdArzq5GfmaFogO41pclR-7YL8dc0NOG5BR7BE7Oxoxi2KYSqxPSiPBR8BmABMOeOShvv0YDOIsO32A6Fp_S0ig87w5lOV3QycS3MEQ&pt=home&li=rbox-h2v&sig=ebc37890c6c586277bc4cebcd98a645621cff01390f3&redir=https%3A%2F%2Fwww.bereit-zu-reisen.de%2F%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_campaign%3DTwinrix_bereit-zu-reisen%26utm_content%3D%25C3%2584gypten-Urlaub%2Bgeplant%253F%2BWichtige%2BReiseimpfungen%2Bim%2B%25C3%259Cberblick.%26utm_term%3Dultrasurf-ultrasurf%26cc%3Dde_cpc_oth_np-de-tvx-advt-210001_59608%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCF3Vco_9rntpWas9wk%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCF3Vco_9rntpWas9wk&vi=1673604283060&p=gskde-twinrixbereit-zu-reisentwinrixsc-sc&r=29&lti=deflated&ppb=CMwE&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNTk4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMIlhQQmBwYGGRjCNIDEOAGGAhkYwjqKhCdORgJZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAa2FwOUBkAEcmAG6-9rU2jA&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://www.stiftung-verbraucher.de/artikel-welche-zahnzusatzversicherung?utm_source=taboola&utm_medium=display&utm_campaign=22563692&utm_content=3593536528&source=tab_comparearticle_content&utm_term=1110515&tbclid=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDn7FAom-Dh1pH9nKePAQ&title=Diese+5+Zahnzusatzversicherungen+halten%2C+was+sie+versprechen&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDn7FAom-Dh1pH9nKePAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDn7FAom-Dh1pH9nKePAQ
Title: dentolo

Search URL Search Domain Scan URL

URL: https://breariancounstone.com/1f01a89a-934a-4e03-a0b0-0413b0e7f47a?site=ultrasurf-ultrasurf&site_id=1110515&title=M%C3%A4nner+%C3%BCber+45+sind+verr%C3%BCckt+nach+diesem+kostenlosen+Spielautomaten&platform=Desktop&campaign_id=20064943&campaign_item_id=3461042544&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Febe34cda8115467cefbce4b5ccf7075e.png&click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDw31AosICeyuTFk-zUAQ&utm_source=taboola&utm_medium=referral&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDw31AosICeyuTFk-zUAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDw31AosICeyuTFk-zUAQ
Title: Lounge 777

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=a191bb1aae785094c777e2f5f14aa468&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~-8578214607803923679~~ZgQOnnDrIAzKC1ErVGJb2D53WrzIaZfhLQ3dWEEPDkb6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIl7w6RHce2viGeqdQVCFi9OzjsHpdT2Oq4YYftT42OisfznhRHHGzObV3Dh1szYaUhPeg4S8t15bxlrJ_zZhKvpYTIa30RsRaeCery_-LBHDvohrRRL2n_Mr0aylFgMUlw&pt=home&li=rbox-h2v&sig=a0d31244dc1af4b26dbe1ed63e9db3a076cf374be3b3&redir=https%3A%2F%2Fbreariancounstone.com%2F1f01a89a-934a-4e03-a0b0-0413b0e7f47a%3Fsite%3Dultrasurf-ultrasurf%26site_id%3D1110515%26title%3DM%25C3%25A4nner%2B%25C3%25BCber%2B45%2Bsind%2Bverr%25C3%25BCckt%2Bnach%2Bdiesem%2Bkostenlosen%2BSpielautomaten%26platform%3DDesktop%26campaign_id%3D20064943%26campaign_item_id%3D3461042544%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Febe34cda8115467cefbce4b5ccf7075e.png%26click_id%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDw31AosICeyuTFk-zUAQ%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDw31AosICeyuTFk-zUAQ%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDw31AosICeyuTFk-zUAQ&vi=1673604283060&p=veisemedia-bitflyer-sc&r=58&lti=deflated&ppb=CLgG&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNTk4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMIlhQQmBwYGGRjCNIDEOAGGAhkYwjqKhCdORgJZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAa2FwOUBkAEcmAG6-9rU2jA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://www.merkur24.com/de/lp/slotgames9gbonus-de?aid=whow-m24-tbl-de&utm_source=ultrasurf-ultrasurf&utm_medium=native&utm_campaign=DE_1121&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fff5b43531a037cac13e572fe25a53588.jpg&utm_term=3051123974&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyC8rVIo_er51Zadq8AU#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyC8rVIo_er51Zadq8AU
Title: Merkur24

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Thumbnails%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://deebcards-themier.com/edb1ae35-c7f2-4a15-a388-018ac0d97190?site=ultrasurf-ultrasurf&site_id=1110515&thumb=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8dd8e93d18f4e417f2ee8ae136ca1d53.jpg&title=Das+offizielle+State+of+Suvival+Spiel+ist+endlich+hier%21+Und+ja%2C+es+ist+gro%C3%9Fartig&campaign_id=22621025&campaign_item_id=3594404969&ntk=50&click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCW_VoolenWh77pj9avAQ&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCW_VoolenWh77pj9avAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCW_VoolenWh77pj9avAQ
Title: State of Survival

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=96acafeba4fbe3ac32e26968d6a6ef25&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~-4728437470334546759~~nqIMP7TLbNLPRm7QaSKT6hi65_uIrcVBxrAzNs2cPP36nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQW0OKu3VbaFI1uOBK2OWbXOhlo6TqWritVMGNgX6wrCus8nkvilqDooLAe1HKDwTL8eF7DlpaKqURSZ8EWZlZVwTfYGrgdt89DcQmKRCk85FGZXnBLdkpoU8zPydmJKWpiRwsk181ERuDa9LEQKQzu8dTTBdF0q90xYiI8voQOSDATTj5U3IdklQLQE46-ji1PAHBtXOrHmoNACP6x9PQOTpHy-OQVt1JITzG3hwwnjA&pt=home&li=rbox-h2v&sig=f999c169c06ba74de54210fe4555e93afa0de6cf16e0&redir=https%3A%2F%2Fdeebcards-themier.com%2Fedb1ae35-c7f2-4a15-a388-018ac0d97190%3Fsite%3Dultrasurf-ultrasurf%26site_id%3D1110515%26thumb%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F8dd8e93d18f4e417f2ee8ae136ca1d53.jpg%26title%3DDas%2Boffizielle%2BState%2Bof%2BSuvival%2BSpiel%2Bist%2Bendlich%2Bhier%2521%2BUnd%2Bja%252C%2Bes%2Bist%2Bgro%25C3%259Fartig%26campaign_id%3D22621025%26campaign_item_id%3D3594404969%26ntk%3D50%26click_id%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCW_VoolenWh77pj9avAQ%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCW_VoolenWh77pj9avAQ%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCW_VoolenWh77pj9avAQ&vi=1673604283060&p=pwngames-sosron-sc&r=32&lti=deflated&ppb=CMgC&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNTk4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMIlhQQmBwYGGRjCNIDEOAGGAhkYwjqKhCdORgJZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAa2FwOUBkAEcmAG6-9rU2jA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://safesly.com/3caf8cfa-bce1-4e14-a4e2-803ff1b8d2fa?site=ultrasurf-ultrasurf&title=Solar-Boom+2023%3A+Staat+gibt+jetzt+unfassbaren+Anreiz&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F4334f49a9779be4eb38937223665ce8f.jpg&campaign=6H_DE_Desktop_Solaranlagen_v3&utm_content=3595804353&conversionname=6H&click_id=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD4o08olZT2qZ79uL_8AQ&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD4o08olZT2qZ79uL_8AQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD4o08olZT2qZ79uL_8AQ
Title: Vergleich Profis24

Search URL Search Domain Scan URL

URL: https://track.webgains.com/click.html?wgcampaignid=137375&wgprogramid=274615&wgtarget=https://www.11teamsports.com/de-de/fifa-world-cup-qatar-2022/dfb/%20&utm_source=taboola&utm_medium=affiliate&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD5vlso_M2ws-eW39pv#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD5vlso_M2ws-eW39pv
Title: 11teamsports

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/click?pi=%2F&ri=96acafeba4fbe3ac32e26968d6a6ef25&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&it=text&ii=~~V1~~5672299847326151584~~LAlMkN8kR5PfF9Ds_zV-1ET1nvpgNE1y_huTSlBYr6z6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GWyqPyYAJiLv4Bwf13D6xIn3FtqPG62DuOPzOYwO8y_N1dgUDHIF69JrJ5n6w-pM1Bgo0Gvttb55cYxk60mAvGyPF8C2yPvlmbo_NIFLjI3JoCz99O8VTmk2iixePHAvqg&pt=home&li=rbox-h2v&sig=be6448d64228ec8975d85fc6b8f954076537e4330c33&redir=https%3A%2F%2Ftrack.webgains.com%2Fclick.html%3Fwgcampaignid%3D137375%26wgprogramid%3D274615%26wgtarget%3Dhttps%3A%2F%2Fwww.11teamsports.com%2Fde-de%2Ffifa-world-cup-qatar-2022%2Fdfb%2F%2520%26utm_source%3Dtaboola%26utm_medium%3Daffiliate%26tblci%3DGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD5vlso_M2ws-eW39pv%23tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD5vlso_M2ws-eW39pv&vi=1673604283060&p=eleventeamsportsgmbh-sc&r=81&lti=deflated&ppb=CMgC&cpb=EhIyMDIzMDExMi04LVJFTEVBU0UYuuaowAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNTk4gLbWzgtAm-MJSIKKEFDcytkDWP___________wFjCNA3EP5KGDBkYwijNRDjRhgyZGMI3f__________ARDd__________8BGCNkYwi8FxDqIBgkZGMIlhQQmBwYGGRjCNIDEOAGGAhkYwjqKhCdORgJZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAa2FwOUBkAEcmAG6-9rU2jA&cta=true
Title: Weiterlesen

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbnails-1x3:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.deutsche-solarberatung.net/steuer-hammer-ab-2023-deshalb-lohnt-sich-solar-wie-nie-zuvor?utm_source=dsb_taboola&utm_medium=referral&utm_campaign=22832207&utm_site_t=ultrasurf-ultrasurf&utm_thumbnail_t=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8874c52a695d58513c01143ce1131205.jpg&utm_title_t=Bayern%3A+So+kriegen+Hausbesitzer+mit+Solar+g%C3%BCnstigen+Strom&utm_time_t=2023-01-13+10%3A04%3A43&utm_term=Desktop&utm_content=3598350530&utm_site-id_t=1110515&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDIp1UohYPlhIy_hq9R#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyDIp1UohYPlhIy_hq9R
Title: Deutsche Solarberatung

Search URL Search Domain Scan URL

URL: https://www.hallopkv.de/beitrag/zu-hohe-versicherungsbeitrage-in-der-privaten-krankenversicherung?utm_source=taboola&utm_medium=intern&utm_campaign=hallopkv_desktop&utm_content=ultrasurfing.com&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCrn1Uovev744Gvztf0AQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCrn1Uovev744Gvztf0AQ
Title: HalloPKV

Search URL Search Domain Scan URL

URL: https://www.combatsiege.com/?r=tabcs1deb&clickid=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD8gFso49fwuo_-tqidAQ&utm_source=taboola-ultrasurf-ultrasurf&utm_medium=tabcs1deb&utm_term=Du+wirst+deinen+Computer+nie+wieder+ausschalten.+Kein+Install.+Gratis+spielen.&tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD8gFso49fwuo_-tqidAQ#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyD8gFso49fwuo_-tqidAQ
Title: CombatSiege

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N9166.3001245TABOOLADE/B28592042.346555983;dc_trk_aid=538212364;dc_trk_cid=178151941;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?tblci=GiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCR_Vooh8j_-4y39elL#tblciGiCdY3tiqTy1YXFAmOwtNIp9n1q1MPgu9eAWdcZnRcP_RyCR_Vooh8j_-4y39elL
Title: Ford

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=blend-next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rebrand.ly/r56fmau HTTP 301
https://perzua.com/wp-admin/network/wp-raw/?news HTTP 302
http://ultrasurfing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
https://cdn.id5-sync.com/api/1.0/id5-api.js

Request Chain 62

https://brightcombid.marphezis.com/hb HTTP 307
https://rt.nanoook.com/hb

Request Chain 77

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS HTTP 302
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Request Chain 149

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-eMTynxUR3Zxb1FQa2Z5NFRPM041cUlMakltSEZNdEFNMkREVWtMVzV3Ykkvcjk5YXZSOVpDSEcxU251c2Zlak9YR1hSN1FCelk2bXVGajZCQmN0RkxvdGp3T2svRkpXYnhQRzBsbFIyMzRFenYvTEVyVDRoL2h1UVNRUHpCNUw2OG92VGFGdWYvcjlNVEkvSjV2S05kSU5tNVF6cEp6QUt3R2FwVzlTVlp5STNsU2haVXV0SVJyaE92WWlWT1dMYmtGR1VCQThzZTZjaGV3Z05mZElubmZJd3VqRm5Bc2JCZDRrZG1xTmovQlkrcGhzPXw&cppv=2

Request Chain 171

https://tra.neodatagroup.com/pv?sid=2033&rnd=282433994428&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&ids=e97bdabb-86f9-43d5-b877-10a384eabade;pubcid;PublisherCommonId&pbs=true HTTP 302
https://tra.neodatagroup.com/pv?sid=2033&rnd=282433994428&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&ids=e97bdabb-86f9-43d5-b877-10a384eabade;pubcid;PublisherCommonId&pbs=true&neoid=30b552d7edc0593

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=282433994428 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=282433994428&google_tc= HTTP 302
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=282433994428&google_gid=CAESEGRrqFq7wF99tU_icAEscpU&google_cver=1

Request Chain 178

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 188

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCUCS1CR-F-HYY8&gdpr=1&us_privacy=1---

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP0TuF8P_c2ObkwjTQap-xM&google_cver=1

Request Chain 190

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 191

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/MS1N9y1Lq5R4V7rCIEiZnA?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dqxxOWBE2oJc288l.wdvcCBsEi5OoUpc7Hv66Q--~A

Request Chain 192

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlOTk0NGM0NTU0NjNhNjE5ZmQwZDA0MTdjODhiZTE3ZGEwZjIyYw&gdpr=1&us_privacy=1---

Request Chain 193

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQ1MxQ1ItRi1IWVk4&gdpr=1&us_privacy=1---

Request Chain 194

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 224

https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B28592042.346555983;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B28592042.346555983;dc_pre=CMeSluelxPwCFY6SdwodYQUNaQ;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com

Request Chain 229

https://pixel.adsafeprotected.com/rfw/st/1291789/67949523/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1010229247&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_placementId=19267639401&bidurl=http://ultrasurfing.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jp_7QhpDmYGdUyKPkFe_aa HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=

Request Chain 244

https://pixel.adsafeprotected.com/rfw/st/1291789/67949529/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1010229247&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_placementId=19267639401&bidurl=http://ultrasurfing.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h8glYag86Be_O8AekJyawa HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1

Request Chain 274

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8EsvW39OM.WPrIXM-V5LAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

Request Chain 276

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1

Request Chain 278

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8EsvW39OM.WPrIXM-V5LAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2

Request Chain 279

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

Request Chain 280

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1

Request Chain 282

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8EsvW39OM.WPrIXM-V5LAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

Request Chain 284

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

Request Chain 310

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=354993420&d_campaign=29111912&d_bust=2741893067&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=354993420&d_campaign=29111912&d_bust=2741893067&gdpr=&gdpr_consent=

Request Chain 315

https://track.adform.net/adfserve/?bn=52774350;1x1inv=1;srctype=3;ord=2729624672 HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=52774350;1x1inv=1;srctype=3;ord=2729624672

Request Chain 318

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=354999691&d_campaign=29111912&d_bust=2053205118&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=354999691&d_campaign=29111912&d_bust=2053205118&gdpr=&gdpr_consent=

385 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ultrasurfing.com/
Redirect Chain

http://rebrand.ly/r56fmau
https://perzua.com/wp-admin/network/wp-raw/?news
http://ultrasurfing.com/

10 KB
4 KB

341ms
318ms

Document
text/html

2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed2d6e6992f596765b9ef95a2deebe7a9cf2afb748e9aa5b40987c596b051462

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 788d4f296fce9a0c-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Jan 2023 10:04:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d1vFN91aOiAL8zK%2FxMRlCQ3XyIyYsZMg5mv56QR2s901ciSTW4yZtQR8o7BDLZhJ8LoS2yWtxu1C%2FV1vxtlSDjCMIWoGDt7x%2FB8VziXOONB7bTE0sB28Y1fTVJ9k4ecV1%2Bb9ES5zo%2FJnmHlvGnT"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Jan 2023 10:04:41 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: http://ultrasurfing.com
Pragma: no-cache
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK reset.css
ultrasurfing.com/css/ 773 B
1 KB 23ms
22ms Stylesheet
text/css 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/css/reset.css
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4211
Cf-Polished: origSize=1050
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: W/"5f9a61f5-41a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsd%2BnCmEaaGcIUbdwpR7eqsy7vDjYSQABrDSCpZfMagMLlBdBN7LlEoCSq1z0u7BuHSL3goa25WSVqYa7zGS9vV19On9Ct3YIWetmYjTV0mr3Zd%2BPskaaCGXH%2FVgURxq%2FbG7bkX8RVgT7BitLoAL"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
CF-RAY: 788d4f2b8b729a0c-FRA

GET
H/1.1 200
OK style6.css
ultrasurfing.com/css/ 11 KB
4 KB 44ms
29ms Stylesheet
text/css 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://ultrasurfing.com/css/style6.css
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5757
Cf-Polished: origSize=19201
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Mon, 20 Dec 2021 04:00:21 GMT
Server: cloudflare
ETag: W/"61bfffd5-4b01"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGXsaqjiAD3ToobNTaFX6s2a9si4x7YBe91xqFfbbSAb%2BWQr9XdysFg8BlxlVsl4M08vm8ZfdIgiKm1SM9%2Fm862HKaC1pRYoEC7Of7iRkpSM85y3u8dxzbGEphJHzqJqZMItHu%2ByRJbJORjNQcMI"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
CF-RAY: 788d4f2b9b0b9b58-FRA

GET
H/1.1 200
OK ed0bf71d_photo0_610.jpg
ultrasurfing.com/images/ 68 KB
69 KB 21ms
21ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/ed0bf71d_photo0_610.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb8457c6a6b0c1c904c8d4d4eafdf48e9d5e79210cc16bbde6c9da18913b4a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1071
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 69514
Cf-Bgj: h2pri
Last-Modified: Fri, 13 Jan 2023 09:45:02 GMT
Server: cloudflare
ETag: "63c1281e-10f8a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri%2Fx1Piw9pKd5y40tJ8i0vpC4T76ThpcT%2B4yQmBXsuJsb4oTO7MQL1jYjgTEeA%2FyVJdxh5FQwVUN93DTCkZKwWYe35vL%2FCVU7ljaU9weKDbWQGFCEr517VL%2Fs04diiWrIhyUvOILkqhMTfG7PlNO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bcbe69a0c-FRA
Expires: Sat, 13 Jan 2024 09:46:52 GMT

GET
H/1.1 200
OK 1e75629d_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
7 KB 312ms
310ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/1e75629d_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c004cd108fbe07488bed216ec6a06b852a5f245e3e6b8d8ce796a3d3868746

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6446
Last-Modified: Fri, 13 Jan 2023 10:03:06 GMT
Server: cloudflare
ETag: "63c12c5a-192e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg7mF69nkHCy6T9x%2Fnm2LwwF6T3dhad%2BrROZXqbV8M%2BNJkDgC%2B%2FzPTyPhKc7%2FLnNsflUGqOqfQrmcmGNnqvx2avOI79U6Q%2FQ50t55za%2FTb9y0WCrDhDEiIjJkM7o93G1HJLisLeLq0yQDt2ByijQ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bcb6a9b58-FRA
Expires: Sat, 13 Jan 2024 10:04:43 GMT

GET
H/1.1 200
OK 8796cac3_photo0_190.jpg
ultrasurfing.com/images/ 7 KB
8 KB 23ms
16ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/8796cac3_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 164bfdc8f24653e4dc3ae0089d8478da02a14c793a58e88608a0f24f59140c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 23604
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7319
Cf-Bgj: h2pri
Last-Modified: Fri, 13 Jan 2023 03:30:06 GMT
Server: cloudflare
ETag: "63c0d03e-1c97"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjeQl0hSsZGC5lwyC%2Badbrb%2FucnTpbZXd%2B%2BHYkmAZXeiUobCqkmjbqbrfurzFrI6bEo76kvwzF9FPCLkb3uAdls9jch79nZBTqVn7nXqME6BsjQovsqP1CHdc60xRPnFlM5GeMSlHJVicnbQH74z"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bdaac913c-FRA
Expires: Sat, 13 Jan 2024 03:31:18 GMT

GET
H/1.1 200
OK ed0bf71d_photo0_190.jpg
ultrasurfing.com/images/ 10 KB
11 KB 319ms
312ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/ed0bf71d_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229c8c25f954a6b55c9520ce23dc578cd7693c6f9e65cb8a9345a532f14b62c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9976
Last-Modified: Fri, 13 Jan 2023 10:03:02 GMT
Server: cloudflare
ETag: "63c12c56-26f8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKWEiztbh9Sc7cTM1pI71Iy1mi0ieeqEyLSaa4iAcCZzJA0amx6xZXkbqSmUNTI9jp%2F8vZOa62BNOmEB4%2BUaEnyf3A5XcDqKll8jhWErQALzJFHH3aTr2MmD%2BryCHvHwzpBLK91fB5PtEpHI4tZc"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bdfb69268-FRA
Expires: Sat, 13 Jan 2024 10:04:43 GMT

GET
H/1.1 200
OK 624dd311_photo0_190.jpg
ultrasurfing.com/images/ 9 KB
10 KB 98ms
37ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/624dd311_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88264ca8685f257c330793cbeec0ded2b8041d3b8cf7b20a16fbacd3f12749e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3997
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9399
Cf-Bgj: h2pri
Last-Modified: Fri, 13 Jan 2023 08:57:03 GMT
Server: cloudflare
ETag: "63c11cdf-24b7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DboxPsXJvpQA20JjD%2B6pmZMNUSmiAOkRoem6TYiVo8CxzS2agBODkO4dXM2lu0G%2BaUtnMDvtqumcjx%2BE0N9vmyupT%2FVVALaaAiecrXnR0bGMDbufY0ZqPmMBcWf5rio7ouOVfEcqEECmbiqKtN9u"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2c2cf59a0c-FRA
Expires: Sat, 13 Jan 2024 08:58:06 GMT

GET
H/1.1 200
OK f60903f4_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
7 KB 83ms
21ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/f60903f4_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b874d9e2188a03080bf7363156b49d6384f320e851d60f80fed69c6f7bdcc9cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 22345
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6472
Cf-Bgj: h2pri
Last-Modified: Fri, 13 Jan 2023 03:51:01 GMT
Server: cloudflare
ETag: "63c0d525-1948"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NKqnctyeYx12KJx%2Bq%2B7PZ0DI80iEw%2B%2B4vBnBR9EXGRqJeDNb%2B9OjFtoVYBCtZbSoNaGpFdQd3xO9YX1bYxwSlBCk0XephBYyzQJ%2B4Y5C6cvj3FQB4vNT13xsR8LkCEW15hijTf%2Bt1AvZRMBqjrl"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2c2f475b32-FRA
Expires: Sat, 13 Jan 2024 03:52:17 GMT

GET
H/1.1 200
OK d48127fe_photo0_190.jpg
ultrasurfing.com/images/ 4 KB
5 KB 365ms
314ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/d48127fe_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb7047c070184de27786497fc9be581ae23f3d0e94b503a278960c6129bac97

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4407
Last-Modified: Fri, 13 Jan 2023 10:03:03 GMT
Server: cloudflare
ETag: "63c12c57-1137"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAjZNPb4Sp9UWxr%2BySIaGmcSjD478jK3uG5Qsspl9IH1gbqpZOy6lYSLo58W4Rb458kwGs2sMNbPbLv8EqanZ50rRRjGFFyyRzM67t1eohPa8i%2BaPzYG5sqvt6g0gpKVkE%2FSBmHkhCbAZbsc5YxC"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2c2cf3bbe5-FRA
Expires: Sat, 13 Jan 2024 10:04:43 GMT

GET
H/1.1 200
OK bd546507_photo0_190.jpg
ultrasurfing.com/images/ 6 KB
7 KB 320ms
303ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/bd546507_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fdf9682702b4c3c32938c5cc157c0ab6de91d53e8845743a9131a98f63a76a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6264
Last-Modified: Fri, 13 Jan 2023 10:03:03 GMT
Server: cloudflare
ETag: "63c12c57-1878"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJKiVGy2dYyQs21Ab7%2BU2%2BG1PtMKwb%2BqJD0CTfXgfx6uVgn323xh8WNyw2nNN%2FIRX48BZt%2FdTht0EanTIvjx1tmnFIa2raObTlSqoFIjNr9yyHJRSSRsmCRG4Axvfj2neMa3F6yU3xxVPS7Lmh%2BM"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bead0913c-FRA
Expires: Sat, 13 Jan 2024 10:04:43 GMT

GET
H/1.1 200
OK fcb067d_photo0_190.jpg
ultrasurfing.com/images/ 9 KB
10 KB 55ms
21ms Image
image/jpeg 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/images/fcb067d_photo0_190.jpg
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f4f7abc075685b0640b41b4028e011d18961af0f7382732140570334779f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 8355
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9083
Cf-Bgj: h2pri
Last-Modified: Fri, 13 Jan 2023 07:45:03 GMT
Server: cloudflare
ETag: "63c10bff-237b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgTVaKpRHo5G2OCydHWrQoNnScnTy64qS%2F9k%2BKOezaMMGkN8MKFXO7ZheySd1rPE4u4XNNna2rIya89%2F2XjOevi3qNdwfz9PLK6gej%2B7ZZW41pNgsg%2FGbCfmzl8f5U4S7FslCGSr6RlfB8UadycO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2c0ed95b32-FRA
Expires: Sat, 13 Jan 2024 07:45:28 GMT

GET
H/1.1 200
OK rocket-loader.min.js Show response
ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 16ms
16ms Script
application/javascript 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

HTTP/1.1

Server

2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 10:27:05 GMT
Server: cloudflare
ETag: W/"63bd3d79-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G0zfbmDpDbluICfwXKOLbYju9Sb1c9BeuPclXDryeM9jtFscb3odPKXPpe70z78I%2BzRp1tTP%2FRWqMRaezhm%2FkScSvJgh%2BuMVS247JFTABReX%2FOHZozT80XylYWmszqtUVKsJuP%2FFYqboUMbGPsD"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 788d4f2c4f755b32-FRA
Expires: Sun, 15 Jan 2023 10:04:42 GMT

GET
H/1.1 200
OK bg_header.png
ultrasurfing.com/img/ 230 B
1 KB 51ms
44ms Image
image/png 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/bg_header.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 548750
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 230
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-e6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuIXEvDFDeGqbGe6k5u5Bbgo4oT1cXIk00RlO53zXpiYwluj27unkOSiiNxhtt1fU0Xh7a6y637wR7wR599kuzM%2B2Rtuw53zt73U2nQrN0Hw4I%2FbZS1qP4S80aPnFNlpadspOeiX%2F8D3JsqaCuZW"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bdc70bbe5-FRA
Expires: Sun, 07 Jan 2024 01:38:52 GMT

GET
H/1.1 200
OK logo-new.png
ultrasurfing.com/img/ 7 KB
8 KB 52ms
24ms Image
image/png 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/logo-new.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 17400642
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7316
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-1c94"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HJQdXjvxxcs7%2BQATYdNiDcya%2BUfDRrx1XJimAI%2FWtlib4pRfD%2F2%2BXbCGqpfZLFY7Rdsr8%2B1j5gnP62exZ5LLp1NnynDEJM0Cm9ZvENJE1GeTMkjo3G7lUVrLcd8FVfXCA6S6jBVuNpzM%2BisHA2O"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2c0c609a0c-FRA
Expires: Mon, 26 Jun 2023 00:34:00 GMT

GET
H/1.1 200
OK bg_nav.png
ultrasurfing.com/img/ 175 B
987 B 34ms
27ms Image
image/png 2606:4700:e4::ac40:a70f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ultrasurfing.com/img/bg_nav.png
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/css/style6.css
Protocol: HTTP/1.1
Server: 2606:4700:e4::ac40:a70f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/css/style6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 639875
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 175
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: cloudflare
ETag: "5f9a61f5-af"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0kY5cF9I%2Fh3H4UQ2KmaCh4nf8VitO4VIZdZLj32dqwjBa8mnrst%2BnoH6ivqg1o3gpJRIzexb63FpfoffPNIExv17ubfwWpji8%2FIF9B7MxFmTZZC3vsdADM71uZBPIHZVzfjtPCW4jTzU0Eswpi6"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
CF-RAY: 788d4f2bdeaa5b32-FRA
Expires: Sat, 06 Jan 2024 00:20:08 GMT

GET
H2 200 Ultrasurfing.com_Responsive_ICF_260722.js Show response
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/ 31 KB
9 KB 52ms
8ms Script
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/Ultrasurfing.com_Responsive_ICF_260722.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7adcb55d6c44e946b0de735cc6a3e2cc7c4441d7e99a6c6f9fd0b9650e89ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: gzip
x-cdn: Lumen
x-amz-request-id: NYQX7WXV2FG9B216
age: 71264
content-length: 8957
x-amz-id-2: R+4ohSItnMDFFsi4p2+EHpg0j/kU9/SrUeTBHyzKGPturwZ7R9ZRsbnfXDJ9jhzJZ1eVfreziU0=
last-modified: Thu, 12 Jan 2023 14:15:43 GMT
server: AmazonS3
etag: W/"958928a6734a7e4fee4900f090b362a9"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: must-revalidate, max-age=0
accept-ranges: bytes
expires: Thu, 12 Jan 2023 14:16:58 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
4 KB 211ms
95ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

b4de61a022748c27fefb0b30a3175cd1e85f99fa89f084aa2a4425ca7d2e51a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2871
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
expires: Fri, 13 Jan 2023 10:04:42 GMT

GET
H2 200 aaw.ultrasurfing.js Show response
increaserev.com/ads/ob/tage/ 586 KB
167 KB 76ms
35ms Script
application/javascript 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adf7145f1926c01c729e14e440f05b0ac8dd601c6334304781cab462db43e312

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 11 Jan 2023 14:28:18 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgN8sao%2BjTuYIxxhzKCYH4E214QC2EO7ssIe2Q8rvikK0L3em%2BhtBIW9Rd0twylnwMUZIm3aU2w68o9ovRH8DTttqFhBQxRmMrstZAK1WdC15PBsB94LNWx6Ta22rp9nHnzZm4kYExVQ7rbJLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 788d4f2ca86c92c5-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
44 KB 136ms
52ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105623949-1

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

620d60ef4234245c75c86066dc3f4a3226e02f59e04ff35fbcc3ad0227ad1054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44196
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Jan 2023 10:04:42 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 344 KB
30 KB 18ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f074718599bf34f5103586ec36cb32499b2cd3f313bb837a63ae956da2564668

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: pqfSjjc9VH6TzvX4Od2ykDO2TqTIxff3
Content-Encoding: gzip
Via: 1.1 varnish
Date: Fri, 13 Jan 2023 10:04:42 GMT
x-amz-request-id: W1D6XY6T3N6BQW8Y
Age: 3284
X-Cache: HIT
Connection: keep-alive
Content-Length: 30264
x-amz-id-2: HgsQFmoE0zZ6I5mNvVYeWcQVa/pg85ba2DlhkTDYdMpp1Mu3cqlKBzWQVxj2dPbMfWVRGa+/fyI=
X-Served-By: cache-hhn-etou8220035-HHN
Last-Modified: Fri, 13 Jan 2023 09:09:56 GMT
Server: AmazonS3
X-Timer: S1673604283.595562,VS0,VE0
ETag: "bf6599018e0704086651c8e81f637a06"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
abp: 81
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
X-Cache-Hits: 21

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
66 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MG7Z28F

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

375afb6a3c2719f1a86bd2dfe8dca46f101e834f2a7f4661db0c2425cbbf7a9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67238
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Jan 2023 10:04:42 GMT

POST
H/1.1 200
OK / Show response
cat2.hbwrapper.com/ 15 B
260 B 295ms
95ms XHR
text/html 68.183.18.251
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat2.hbwrapper.com/
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.18.251 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture2.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Fri, 13 Jan 2023 10:04:42 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 306 B
448 B 35ms
11ms XHR
text/plain 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc00bc1d6d00f49fbb4a55bc78eb5c2ca2f19b22df05770f7d671d389d96035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 788d4f2e69fa927a-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 163ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b41947d8ae9cd7eda97d79a9484ee4b7137353df9be94e4faa92d04e92c7a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1450 / 477 of 1000 / last-modified: 1673564958"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 13 Jan 2023 10:04:42 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 32ms
7ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b809ae8b76cc613028f1b689c184045b1b9b954c5b6dd43c3ba0f20dc876332

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:38:45 GMT
content-encoding: gzip
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 17:04:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 1558
etag: W/"b4e70c35848150e2f856a03d773347a2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: HKhyEpizjveOnLCeTIrB5TDlEcFy8eMi4GAhnfFhJPgIaW4_gVpWBQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 163ms
47ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105623949-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 08:21:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6168
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 13 Jan 2023 10:21:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
43 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c196d056187fc1361d384c515c63643091d40949d8b0975556e9830468674c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43433
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Jan 2023 10:04:42 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 14ms
7ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b809ae8b76cc613028f1b689c184045b1b9b954c5b6dd43c3ba0f20dc876332

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 09:38:45 GMT
Content-Encoding: gzip
Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1, FRA56-C2
Age: 1558
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 17:04:03 GMT
Server: AmazonS3
ETag: W/"b4e70c35848150e2f856a03d773347a2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: -BR6hke4S8ptUkUuFPkDcC-h2V3P8hxpzGGMc_bNitzsr75IhCo3sA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 61ms
22ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933cae93ea528eac796f1595c228942593a262046126019a2833b485c9e7ab51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15656
x-jsd-version: 1.0.1585
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA, cache-yyz4574-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"633-CO+h07mD1HMQBI59Up6vGH8UH+Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qucVZigRR9Dt%2BPPen%2BdwXRRD2pzT%2F%2Ftbj16GmU9Rv3wBmLkvAJizq7DzU%2FREghvHHkYwOc%2BhcA%2BLNZVrCgyqtvEgcB1EQEQGcTnUr2nwoZwrdSAvbCPt4iRa%2FI8Ve4cSCOo9LcjiU8WC0yCUiUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 788d4f2e9ceb2bf2-FRA

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/c20e9fb0a344f1f9/ 303 KB
304 KB 166ms
84ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__de.js?usqp=CAM%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b779b101713a30c179e06ebbd8d604cf0ecd0d1ee9fac8c93d66d239a2d9bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:44:17 GMT
x-content-type-options: nosniff
age: 480025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 310713
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 07 Jan 2024 20:44:17 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/c20e9fb0a344f1f9/ 41 KB
41 KB 116ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 17:27:02 GMT
x-content-type-options: nosniff
age: 578260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41765
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 06 Jan 2024 17:27:02 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 164ms
83ms Stylesheet
text/css 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7ad2abf139d1cf804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 13 Jan 2023 10:50:29 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8/v/ 695 KB
184 KB 51ms
7ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6822
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8/v/avcplayer.js
Requested by: Host: cdn.vidcrunch.com
URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/Ultrasurfing.com_Responsive_ICF_260722.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d83d4dbe0b8672cc931faba52f00710d9bd06031eb8aba02688984ef83f15b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtW0G_p0osOrEwtj6e3UA7M3L21t-IIJdF7xPH4NCsC8Zr3w9InML0sCqEepqXwc5RaK2XJcDwqr6jozTuhzodejA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 187055
last-modified: Wed, 11 Jan 2023 14:13:24 GMT
server: UploadServer
etag: "5daebbce09f74eb705536457b6437c15"
vary: Accept-Encoding
x-goog-generation: 1673446404788683
x-goog-hash: crc32c=LwtIsw==, md5=Xa67zgn3TrcFU2RXtkN8FQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 187055
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 13 Jan 2023 10:09:42 GMT

GET
H2 200 track
servt.vidcrunch.com/ 0
71 B 360ms
108ms Image
text/plain 52.21.65.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.vidcrunch.com/track?pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&cb=1673604282637&r=ultrasurfing.com&stagid=&stplid=&d35=&d65=&d66=8&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.65.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-65-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 impl.20230112-8-RELEASE.js Show response
cdn.taboola.com/libtrc/ 723 KB
151 KB 43ms
25ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9e3efd08dba0217aa3e2159eaa10635cea1ea363d6dd3f610b8ce9d5c4f18ab9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: k8CAnyiVquZNCX9xDOsO_..fu6rxR3UF
content-encoding: br
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:42 GMT
x-amz-request-id: W21QT41936D2ZJZM
age: 486
x-cache: HIT
content-length: 154045
x-amz-id-2: Yz7ER6o4Y+DdXNx5GnCB7QSOAElEK1G391Eobk+9yiF/wt0x0eSp0Dh4tyXu2r+NJQa0GNp7rV8=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Thu, 12 Jan 2023 09:53:47 GMT
server: AmazonS3-br
x-timer: S1673604283.692151,VS0,VE0
etag: "584cf6b1f9c40b934011497fbdbe347c"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2588

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 39ms
9ms Script
application/javascript 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 00:57:24 GMT
content-encoding: gzip
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 32839
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: SLwDDhcnTpBiDPedNcMr43FupO5prTPjjzsaD7S13FUWZKF98pqxTA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 12ms
10ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 07:44:27 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 8414
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1960
x-amz-cf-id: CZEZRF2ysKANfcxFcZXZDBvqxMJBxQS2mGrvHYpNtbSRQm62GvaHGA==

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 18ms
10ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 14:01:02 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
Content-Encoding: gzip
Via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
Age: 72221
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 01:05:48 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: yP705W53f4-CSf46d5iHRzlF7k-WG0Gp6_gHbaeq_k5Qk6eNJqcnRA==

GET
H/1.1 200
OK pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 40ms
7ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Oct 2022 18:14:48 GMT
Server: Apache
ETag: "d4ed-5eaee7c12df48-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17131
Expires: Fri, 13 Jan 2023 10:19:42 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 36ms
7ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 08:18:13 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6390
x-amz-server-side-encryption: AES256
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: J7CWRxivDa26bXHK3TCbprvJopvlLiuctmQ57ay29wV9LsiteES-ig==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 65ms
45ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1FMDSR4MXMKQFK3D
age: 979
x-amz-id-2: W+eRAXDBZlFLyZUYXh0wZL9LxdDqAjBSV2sC7TpO6R44qZ7WrH2sZCuYcsr5ODvabnqX1a90fTM=
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2QvqbpPyNuwY%2Falk%2BesFQh3DPB4Sv1XGHDj4PWhZVcBBpPmtILNEKGRMJ7nE%2FzwAnyopnFD%2B%2BFkPoJRjp8we8jQzTATIFYRuGpHu7EzXknUdrUIRoRHigCXZK3LZBh0j9zaADR2F0b8P8VwR4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 788d4f2ef86a9b43-FRA

GET
H2

200

id5-api.js Show response
cdn.id5-sync.com/api/1.0/
Redirect Chain

http://cdn.id5-sync.com/api/1.0/id5-api.js
https://cdn.id5-sync.com/api/1.0/id5-api.js

57 KB
17 KB

99ms
47ms

Script
text/javascript

2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: 1NVMKK1BBM9ZT45J
age: 1464
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 788d4f313a835b74-FRA
x-amz-id-2: tdUk6Et9OPSzOQ9Oq18jtd8w3lzSYaYgDEQjnUGw4XzWRK0nOIIl+WDtBhEdmcBuMyWN6vGNXV8=

Redirect headers

Location: https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 63ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 13 Jan 2023 10:04:42 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 62ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 13 Jan 2023 10:04:42 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 63ms
10ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: http://ultrasurfing.com
access-control-max-age: 600
age: 0
content-length: 0
date: Fri, 13 Jan 2023 10:04:42 GMT
server: ATS/9.1.10.25

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 96ms
48ms XHR
text/javascript 13.32.28.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=JpRN0vgq3JwnR&cb=0&ws=1600x1200&v=23.105.2110&t=2000&slots=%5B%7B%22sd%22%3A%22b639fdbd-b3bc-499b-8793-432ebda0d47e%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%7D%2C%7B%22sd%22%3A%22262dc733-9367-42b8-a74d-0e4e630ac0ce%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x124%22%2C%22970x90%22%2C%22970x100%22%2C%22970x124%22%2C%221200x100%22%2C%221200x124%22%2C%221520x100%22%2C%221520x124%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%7D%2C%7B%22sd%22%3A%22998c6127-4f41-4500-a626-1cf831dbb312%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs2017%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.28.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-28-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: RB1FCWJGZR9WFADQJD7M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: MZhqcIu8hd5PunXMoMJHIjEzJh-NI-8db1tMiv6IHFLtEtRcg1wMBw==

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 9 KB
10 KB 33ms
6ms Script
application/javascript 13.32.27.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:38:16 GMT
x-amz-version-id: sbZKwqqxtvM50Otwl3WJaXFYTCAIgKPH
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
last-modified: Fri, 06 Jan 2023 15:37:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 66386
etag: "dac6676675972d00f4ec994de0578005"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9500
x-amz-cf-id: hEKccNJ0VSPO1QNuWI0s7TCBJLkjgyTDaMHtXXZzkV_p1Ha0STEMwg==

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
402 B 60ms
18ms XHR
application/json 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.28.0
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 04ac05ff740a33f2b36e77b2231d65dcf8947b15dbd68e717385233c1f63deb1

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: http://ultrasurfing.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 mvo Show response
tag.1rx.io/rmp/252875/0/ 0
163 B 60ms
19ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/252875/0/mvo?z=1r&hbv=7.28,2.1
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
568 B 73ms
35ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=930331
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4caf64c71b5db98ec08e7c0f7321eab4cdd0f6684b4d98a7b2a30c3a07fe174

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdR%2B2lXGSQgNlbN36YGLTf2Hv7yrYNr032jGYqwwTIEGlz8fb17M%2F35pD3HDu4G%2FVpJWQNwO2HGPokocO1ULwssPkrV9B%2BsUdcvivhJvdtkTn%2FNhrqfTSVAEeD18oX8xKRLDZkHS"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 788d4f2f5c7b6973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 125ms
37ms XHR
text/plain 63.34.39.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.28.0&p=%5B%7B%22placement_id%22%3A%22b639fdbd-b3bc-499b-8793-432ebda0d47e%22%2C%22callback_id%22%3A%222614e989d09182f%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_left_sticky_rail%22%2C%22tid%22%3A%221371c5ca-79a1-43a8-9d77-cafd4e93d2fd%22%2C%22auctionId%22%3A%22434c7aa6-99bb-4f73-bd5f-699ab1f696d4%22%7D%2C%7B%22placement_id%22%3A%22262dc733-9367-42b8-a74d-0e4e630ac0ce%22%2C%22callback_id%22%3A%22277a7e000e0434b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B728%2C124%5D%2C%5B970%2C90%5D%2C%5B970%2C100%5D%2C%5B970%2C124%5D%2C%5B1200%2C100%5D%2C%5B1200%2C124%5D%2C%5B1520%2C100%5D%2C%5B1520%2C124%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_footer%22%2C%22tid%22%3A%227f603ba2-ec42-4815-a867-d8b5155189bc%22%2C%22auctionId%22%3A%22434c7aa6-99bb-4f73-bd5f-699ab1f696d4%22%7D%2C%7B%22placement_id%22%3A%22998c6127-4f41-4500-a626-1cf831dbb312%22%2C%22callback_id%22%3A%2228c2f8c758def3a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%223111770412678062735%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F22181265%2Fultrasurfing_sticky_rail%22%2C%22tid%22%3A%228543c79d-4756-4fdd-8db0-f3fae03b1d88%22%2C%22auctionId%22%3A%22434c7aa6-99bb-4f73-bd5f-699ab1f696d4%22%7D%5D&page_url=http%3A%2F%2Fultrasurfing.com%2F&bust=1673604282732&dnt=false&description=AFP%20journalists%20cover%20wars%2C%20conflicts%2C%20politics%2C%20science%2C%20health%2C%20the%20environment%2C%20technology%2C%20fashion%2C%20entertainment%2C%20the%20offbeat%2C%20sports%20and%20a%20whole%20lot%20more%20in%20text%2C%20photographs%2C%20video%2C%20graphics%20and%20online.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=ultrasurfing.com%2F&w=1600&h=1200&pubcid=e97bdabb-86f9-43d5-b877-10a384eabade&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s2017%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e97bdabb-86f9-43d5-b877-10a384eabade%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.39.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-39-251.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 30ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 174ms
17ms XHR
application/json 35.157.198.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.198.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-198-68.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 55be7604acc1e84957fea4612a7ca432120d6751898ccf3d4347f101d932969a

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
275 B 60ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:42 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
830 B 28ms
8ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:42 GMT
AN-X-Request-Uuid: fb7fb2cc-325e-45c5-97ee-9e3354082ed2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 431 B
990 B 110ms
20ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591660&size_id=9&alt_size_ids=8&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=e97bdabb-86f9-43d5-b877-10a384eabade%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_left_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&tk_flint=pbjs_lite_v7.28.0&x_source.tid=1371c5ca-79a1-43a8-9d77-cafd4e93d2fd&l_pb_bid_id=460b79b068e4c0b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_left_sticky_rail&slots=1&rand=0.7034930038504068
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5a03b8e750e702131b8084c3dd6f3b4e116cd6373a60c77f6b6245fd8b512e88

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 431
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 429 B
760 B 112ms
23ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591662&size_id=2&alt_size_ids=55%2C95&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=e97bdabb-86f9-43d5-b877-10a384eabade%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_footer&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_footer&tk_flint=pbjs_lite_v7.28.0&x_source.tid=7f603ba2-ec42-4815-a867-d8b5155189bc&l_pb_bid_id=47684a4f1ad9b83&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_footer&slots=1&rand=0.8161134023798211
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3ba4f669cda9b80982f2fb80790ce9ea75fcf828757af9cde491027872e0b0ef

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 429
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 427 B
759 B 142ms
52ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=447806&zone_id=2591658&size_id=15&alt_size_ids=9%2C8%2C10&p_pos=atf&rp_schain=1.0,1!adapex.io,s2017,1,,,&eid_pubcid.org=e97bdabb-86f9-43d5-b877-10a384eabade%5E1&rf=http%3A%2F%2Fultrasurfing.com%2F&tg_i.page=http%3A%2F%2Fultrasurfing.com%2F&tg_i.domain=ultrasurfing.com&tg_i.pbadslot=%2F22181265%2Fultrasurfing_sticky_rail&tg_i.gpid=%2F22181265%2Fultrasurfing_sticky_rail&tk_flint=pbjs_lite_v7.28.0&x_source.tid=8543c79d-4756-4fdd-8db0-f3fae03b1d88&l_pb_bid_id=48f0fd87279c93a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fultrasurfing_sticky_rail&slots=1&rand=0.012537646924615231
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fb9162834da3e61ea87d35c4e461db27a7e78fe51dd0e9a779898f332ffd3f6a

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 427
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 106ms
90ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 142a6053029920f241444db9a850efc5f42283ff1cf9f13b069c504d8767f5fd

Request headers

Referer: http://ultrasurfing.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 113ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 9a2ee8041b7fe9c34a7914ae4a5d1025ab5ff8a239fe7e901057c8807eb3fd27

Request headers

Referer: http://ultrasurfing.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
297 B 105ms
89ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ddfee9200555b6719a59963646bdade89d1cb916d0b21bb6007d5ca811cce634

Request headers

Referer: http://ultrasurfing.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
content-length: 66

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 112ms
47ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d461b271a4d32cb22d2f5fbe661805ce5b9d572cdf2ecb955c6ba724b7ebf7de

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 13 Jan 2023 10:04:42 GMT

POST
H/1.1

204
No Content

hb Show response
rt.nanoook.com/
Redirect Chain

https://brightcombid.marphezis.com/hb
https://rt.nanoook.com/hb

0
110 B

597ms
395ms

XHR
text/plain

146.190.197.183
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.nanoook.com/hb
Protocol: HTTP/1.1
Server: 146.190.197.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Jan 2023 10:04:43 GMT
vary: Origin

Redirect headers

location: https://rt.nanoook.com/hb
access-control-allow-origin: *
date: Fri, 13 Jan 2023 10:04:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 180
content-type: text/html

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 5 KB
1 KB 365ms
300ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 47ea77337f59f7b2f79f09b190d8c7654f2696b1b976d2f46947c9d48fbd00a2

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 13 Jan 2023 10:04:42 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 921

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
555 B 37ms
9ms XHR
application/json 52.57.191.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.28.0&referrer=http%3A%2F%2Fultrasurfing.com%2F&tmax=2000

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.191.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-191-85.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:42 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width
x-auction-status: 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 playlist-logo.svg
cdn.vidcrunch.com/assets/ 4 KB
4 KB 7ms
6ms Image
image/svg+xml 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/assets/playlist-logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a03bc6f8a4016dbc7a0ae2347008521083839f5076118ac7789fc3cd9071458

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
last-modified: Sun, 01 Aug 2021 07:06:04 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 95HKPYXCTA1FBJ2T
age: 1897222
etag: "373cb6f70f7cfcd6a451cbe5110eb1fe"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 3684
x-amz-id-2: /w2JxQMlswI5hoOnxNAnmahIKWovcuTHk/I3n9W++5XTaznlzAKXTnD2sEEh6lst3zD5NKCIr18=
expires: Mon, 20 Feb 2023 11:04:20 GMT

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8/v/assets/ 34 KB
35 KB 26ms
8ms Font
application/octet-stream 2a02:26f0:3500:c::5c7b:6822
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8/v/assets/31d54a4b841c0e438f13.woff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvqSmEGNLs1tooGb0gdLcGXqbO8cDBTtwmgoFzNcLZxfe64xpmAnjQff-PBkqu5pXd-9RN_ds4W-s28TtoQQSqpt3rYRqE9
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 35197
last-modified: Wed, 11 Jan 2023 14:13:25 GMT
server: UploadServer
etag: "e16c7129631f07d9abf667d3c86030d1"
vary: Accept-Encoding
x-goog-generation: 1673446405188923
x-goog-hash: crc32c=Beoohg==, md5=4WxxKWMfB9mr9mfTyGAw0Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 35197
accept-ranges: bytes
content-type: application/octet-stream
expires: Fri, 13 Jan 2023 10:09:42 GMT

GET
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
145 B 221ms
105ms Image
text/plain 52.6.251.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track1.avplayer.com/ctrack?pt=2&d66=8.2.7&stagid=&stplid=&pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&cb=1673604282907&e=cpll&cvid=&cpid=&str=external&vi=-1&wi=640&he=360
Protocol: HTTP/1.1
Server: 52.6.251.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-251-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H2 200 91ff65ad7ec91fd3c96f9d2362db6129_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 12 KB
12 KB 12ms
11ms Image
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/91ff65ad7ec91fd3c96f9d2362db6129_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2e407adcd1f1f76232a2feab4dd7f8cfab656a21e923ddeb41c3ed667faa725

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
last-modified: Wed, 28 Sep 2022 12:34:13 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 406V9JA9J3BADP73
age: 71155
etag: "a7b0f0c5073138ca26fcd70ccadcb6ae"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 12320
x-amz-id-2: aMeN4jxN7YA8/EiVDgZZKbWPA61cSmJpS1F3Peiq68lRdXF5SDj2CxeakEEUqTvSN6sNfI64EiI=
expires: Mon, 13 Mar 2023 14:19:13 GMT

GET
H2 200 5544b7636de84a65b2f037aa576c9669_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 22 KB
22 KB 12ms
11ms Image
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/5544b7636de84a65b2f037aa576c9669_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=3f2dfea47ac28d3fbc595e839fb247c2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f94b99e126b3c8acd070cc337dfa76d8f836bf5d0b8e9a36ebf6a182ea9fd481

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
last-modified: Wed, 28 Sep 2022 12:34:38 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 406JVAXMNT18ARQG
age: 71155
etag: "ab087a0153020a8382789561f7ef1a39"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 22050
x-amz-id-2: TAR8Ffy95F0gsGOKFN02uu3SVABgbSLt1jJTDStWlCDQNjyVajatl5hfUzBwgwjjdqAGSh7Doa8=
expires: Mon, 13 Mar 2023 14:19:13 GMT

GET
H2 200 f7406905194bde38fc5b64b56c1f40ab_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 12 KB
12 KB 11ms
10ms Image
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/f7406905194bde38fc5b64b56c1f40ab_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=e54b6f77d4fae66d9d530ef98a775501
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3f6995da1355f918b6b6b1801d4df9aca02bdb7f3f20c088812e2ca2fc1d1cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
last-modified: Wed, 28 Sep 2022 12:35:00 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 406PN4T9MYVZDE9A
age: 71155
etag: "e89ef19daf8d921c2bfbdd75bda1dbc8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 12283
x-amz-id-2: xibdB13P7n8yBCYcaDijX52AdfoSFxMVogbpEvF3WYpm375FzSRzlj03NWsKUtbF/xZn30BR60g=
expires: Mon, 13 Mar 2023 14:19:15 GMT

GET
H2 200 61c52798d7dbae4070d1789bf23e84a6_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 10 KB
11 KB 10ms
10ms Image
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/61c52798d7dbae4070d1789bf23e84a6_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=cb471b4285e51c74118edb23f4a964b4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 962e14591b1134c488280aa7935148272b1c8efbd0fc00c31146138b4b42d226

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
last-modified: Wed, 28 Sep 2022 12:34:12 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 406N8D24G3WYYDXQ
age: 71155
etag: "06d05eebf6f8d5d00f725c99488ff1c8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 10557
x-amz-id-2: EBXTm9u1atzonyhIyxGiSyQ2jcCAJgaRvueHZ4GLetmJH5bPfU1uTm1w5Ag2O2rOkCoGpWAd6BY=
expires: Mon, 13 Mar 2023 14:18:47 GMT

GET
H2 200 b5a1b44dee350a81aa532e9f7a414f37_1.jpg
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 7 KB
8 KB 13ms
12ms Image
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/b5a1b44dee350a81aa532e9f7a414f37_1.jpg?channelId=62df7c7bac65d13f1813cc8e&veid=087dce497dec9f11d193619f3bb7691e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2bea2da9803c4ecc5861d210f88a8550399fa316e9a1d2e3e89c7319f5bbbfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
last-modified: Wed, 28 Sep 2022 12:34:42 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 406VWPT15JS39NNY
age: 71155
etag: "22052b55f6ab3fea3cd5596c987fe302"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 7523
x-amz-id-2: SabscNGygnTqatCzpHBGS+o9YBNJikKIwX1PDWyvtTkqOdiBoHKI/ophU/Cr7+LOV7GwLtS6iwc=
expires: Mon, 13 Mar 2023 14:18:47 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 96A9 432 KB
117 KB 106ms
12ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 612af3e3b9f79a1b37a32192706a9b4cc905624ef983f9b788714802b171ea98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvShd2e_jiEM7KyKGZ2YbzHRRgFzjdQFrPfCCt8BqKaM94ru-D1vNZ-WcBu9XUh9yBzd2LENbzF8n6Ivmyh5JQb-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 118513
last-modified: Wed, 11 Jan 2023 12:37:01 GMT
server: UploadServer
etag: "111082cbe6af4a9938fb7f0ac75e9988"
vary: Accept-Encoding
x-goog-generation: 1673440621255658
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=C7nmVQ==, md5=ERCCy+avSpk4+38Kx16ZiA==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 118513
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:14:43 GMT

GET
H/1.1 200
OK adapex.js Show response
c.neodatagroup.com/ 27 KB
9 KB 49ms
8ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://c.neodatagroup.com/adapex.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 925c6baa3373bdbc18eaa1f62dac9de57184080f5d6ef2e9335525819ea537a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Fri, 13 Jan 2023 10:04:43 GMT
Content-Encoding: gzip
Content-MD5: OIr+Ki+Hl0Wt1GYJISUy4g==
Age: 4531
X-Cache: HIT
Content-Length: 9023
x-ms-lease-state: available
x-ms-lease-status: unlocked
Last-Modified: Wed, 04 Jan 2023 14:31:37 GMT
Server: ECAcc (frc/4CF6)
Etag: "0x8DAEE606325EA36+gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
x-ms-request-id: 4f36a652-801e-006f-782b-27f81a000000
Cache-Control: max-age=7200
x-ms-version: 2014-02-14
Expires: Fri, 13 Jan 2023 12:04:43 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 10ms
10ms Image
text/plain 143.204.215.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1673604283007&ns_c=UTF-8&c7=http%3A%2F%2Fultrasurfing.com%2F&c8=ultrasurfing.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-108.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7C9dOj3EpUE8FQYD9xzExCSujJ2zFoaybESYN-9rq0k7vg1-TQxTEw==
x-cache: Miss from cloudfront

GET d6932a57bc3c672a0b73ae0d14418d3e.mp4
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 0
0

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

http://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

46 B
288 B

51ms
18ms

Script
text/javascript

2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Protocol

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 752177
expires: 60

Redirect headers

location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control: no-cache
content-length: 0

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 75 KB
21 KB 708ms
702ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=10%3A04%3A43.062&lti=deflated&data=%7B%22id%22%3A100%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1673600993834%2C%22vi%22%3A1673604283060%2C%22cv%22%3A%2220230112-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1963%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1864.5%2C%22mw%22%3A610%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-1x3%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A578%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d139a3123fa35132cf39e48e4be2b81efde52467d5a8b0b1d96a4f8939314521

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 484
date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220025-HHN
server: nginx
x-timer: S1673604283.282830,VS0,VE484
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
90 B 78ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=10%3A04%3A43.056&type=usage&msg=rtus&llvl=2&id=7886&cv=20230112-8-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21874

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 155 B
524 B 348ms
125ms XHR
application/json 3.234.22.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=e97bdabb-86f9-43d5-b877-10a384eabade&u=http%3A%2F%2Fultrasurfing.com%2F&h=ultrasurfing.com&ref=
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.22.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-22-15.compute-1.amazonaws.com
Software: /
Resource Hash: c6a324c347a2b1da80673d4c690958c3a8701de379bc47729e0e117c01ef5956

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 155

GET
H2 206 d6932a57bc3c672a0b73ae0d14418d3e.mp4
cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/ 3 MB
3 MB 18ms
18ms Media
application/octet-stream 8.248.147.250
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/d6932a57bc3c672a0b73ae0d14418d3e.mp4?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.147.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4565a34b0fba23d7b5b6a6471db6b633624f13f40723acda33cc310d1f4e3515

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
last-modified: Wed, 28 Sep 2022 12:34:13 GMT
server: AmazonS3
x-cdn: Lumen
x-amz-request-id: 406MZGKKZ6D5AH3V
age: 71156
etag: "81845cc6edba2f847949ed41c65043b2"
content-type: application/octet-stream
access-control-allow-origin: *
Content-Range: bytes 0-3024558/3024559
cache-control: max-age=5184000
Content-Length: 3024559
x-amz-id-2: GwWo/SmOB08YnhJ+UunQVACkmkkVUfHgT1ODF8zhzM2HupnJkNgxiTcW4qffRnl4wxpD2L6Wchg=
expires: Mon, 13 Mar 2023 14:18:47 GMT

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
121 B 185ms
184ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10ffc9c8622b64e687b3fe01262c01e15753c405fe03f70eea9b5ed9adb2685c

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: public,max-age=30
access-control-allow-credentials: true
cf-ray: 788d4f340d5a2c21-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 448ms
181ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=ultrasurfing.com&url=http://ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: http://ultrasurfing.com
cache-control: public,max-age=30
cf-cache-status: DYNAMIC
cf-ray: 788d4f32eb7f2c21-FRA
content-encoding: gzip
content-type: application/json
date: Fri, 13 Jan 2023 10:04:43 GMT
server: cloudflare
vary: Origin

GET
H2 200 pubads_impl_2023010501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:55:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132895
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Jan 2024 09:55:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 464 B
200 B 149ms
73ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ultrasurfing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f04b0177cbb9f714773bda5d775e3d75bb4b8d9f339b5d7ef99e492f8cebd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 68ms
67ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1084561247&t=pageview&_s=1&dl=http%3A%2F%2Fultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=ultrasurfing.com%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1471119457&gjid=507562514&cid=1137194237.1673604283&tid=UA-105623949-1&_gid=748575417.1673604283&_r=1&gtm=2ou1a1&z=1416531634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 110ms
30ms XHR
application/json 34.247.10.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.10.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-10-3.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 40d6ee9c403c5d3c4c473c930ffa509261a6c1d121eb5e1a7d5dba2e06a91106

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.5.184
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 141 KB
52 KB 131ms
81ms Script
text/javascript 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/cse_element__de.js?usqp=CAM%3D

Protocol

HTTP/1.1

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6e97e9479fac90f30c5b1ee46a708056f8e4849796b07e84153c02740b8fe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "8506932131716117458"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Accept-Ranges: bytes
Expires: Fri, 13 Jan 2023 10:04:43 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 36ms
35ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/c20e9fb0a344f1f9/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 11:51:47 GMT
x-content-type-options: nosniff
age: 598376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 06 Jan 2024 11:51:47 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 37ms
35ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 03:19:02 GMT
x-content-type-options: nosniff
age: 197141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 11 Jan 2024 03:19:02 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
210 B 121ms
37ms Image
text/plain 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
127 B 104ms
38ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Protocol: HTTP/1.1
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:43 GMT
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 33ms
8ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

7c308f9804358119c061f644f79d79a30db9dd052957401cb96bdb27ede5ebbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
230 B 463ms
10ms XHR
application/json 2001:41d0:701:1000::2fb3
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: f08b3879fc4774e8de86c3f69c442f79dc1b6c239a343ef0c0fbb36fc921736b

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 96A9 369 KB
124 KB 124ms
44ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf10f2d2c2627b33f59c5110c744cc586c01cc00616a689c81b818255de09b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125837
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:43 GMT

GET
H2 200 avpb7.12.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 96A9 174 KB
55 KB 14ms
12ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycds7KoXW3tkos7-oHfCPNLRXY7xrUMrX3IvQyEzFXRCIaqcf9L8bdgVm8qjdpcHSbacIyNplusF6A5IUU7_FIhI0hw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 55924
last-modified: Wed, 11 Jan 2023 12:37:01 GMT
server: UploadServer
etag: "46a5271376f028316b42644d799916a5"
vary: Accept-Encoding
x-goog-generation: 1673440621843571
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=zygl9w==, md5=RqUnE3bwKDFrQmRNeZkWpQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 55924
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:14:43 GMT

GET
H2 200 / Show response
serv.vidcrunch.com/api/adserver/tag/1/ 5 KB
2 KB 361ms
119ms XHR
application/json 34.233.111.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.vidcrunch.com/api/adserver/tag/1/?AV_DNTCHECK=1&AV_VIDEOURL=https%3A%2F%2Fcdn.vidcrunch.com%2Fintegrations%2F62df7d0fd29282460c39aff8%2F62df7da6d292823c0039affb%2Fd6932a57bc3c672a0b73ae0d14418d3e.mp4%3FchannelId&veid=8d07283d1601710af947f7fb0b55d51d&AV_SLOTT=-2&AV_SECURED=0&AV_LANGUAGE=en&AV_URL=http%3A%2F%2Fultrasurfing.com%2F&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&AV_CHANNELID=62df7c7bac65d13f1813cc8e&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=1&pce=1&npx=1&AV_DETDOMAIN=ultrasurfing.com&AV_DADPOS=1&d36=6.2.73&responsive=1&sver=4&avtoken=283184&omv=1.0.1&AV_D66=8.2.7&clsid=f8b65853-273f-4010-ba44-105f9c4beb06&rando=84&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1673604283188&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.111.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-111-211.compute-1.amazonaws.com
Software: /
Resource Hash: bb0436a3823652ccb1a84b49da006524b9a0f7b276eefabcc1e6e6e252dc1fc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 01 Jan 2023 20:18:03 GMT

GET
H2 200 track
servt.vidcrunch.com/ 0
70 B 111ms
108ms Image
text/plain 52.21.65.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.vidcrunch.com/track?r=ultrasurfing.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=1&d36=6.2.73&apppkg=&fv=1&proto=http&d66=8.2.7&clsid=f8b65853-273f-4010-ba44-105f9c4beb06&rando=84&pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&stagid=&stplid=&e=inventory&vi=100&cb=1673604283186
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.65.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-65-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-105623949-1&cid=1137194237.1673604283&jid=1471119457&gjid=507562514&_gid=748575417.1673604283&_u=YEBAAUAAAAAAACAAI~&z=1281057291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Jan 2023 10:04:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
145 B 104ms
104ms Image
text/plain 52.6.251.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track1.avplayer.com/ctrack?pt=2&d66=8.2.7&stagid=&stplid=&pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&cb=1673604283230&e=cpst&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360
Protocol: HTTP/1.1
Server: 52.6.251.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-251-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ctrack
track1.avplayer.com/ 0
145 B 208ms
104ms Image
text/plain 52.6.251.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://track1.avplayer.com/ctrack?pt=2&d66=8.2.7&stagid=&stplid=&pid=62da3b626cdcbb44f25d16d3&cid=62df7c7bac65d13f1813cc8e&r=ultrasurfing.com&sn=&cd1=&cd2=&cd3=&app=&test=&cb=1673604283230&e=cply&cvid=&cpid=&str=viewable&vi=100&wi=640&he=360
Protocol: HTTP/1.1
Server: 52.6.251.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-251-183.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-105623949-1&cid=1137194237.1673604283&jid=1471119457&_u=YEBAAUAAAAAAACAAI~&z=241415865

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 133ms
50ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-105623949-1&cid=1137194237.1673604283&jid=1471119457&_u=YEBAAUAAAAAAACAAI~&z=241415865

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avpb7.12.0a6.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 96A9 53 KB
17 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a6.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 940a84f26893616e92f88def62cdd53af0f0402466ed677ae9fe9c9cb3630c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduJSnwNIzgZSU0PguQ96X2gVi8DybRq5ccyDGID-zLpV08nk4WBweBlK9yBsNgoEWxcsG9neSSn4elM1q3R8JnuVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 16394
last-modified: Wed, 11 Jan 2023 12:37:02 GMT
server: UploadServer
etag: "5d7ccd92da6524522af7a5785064476c"
vary: Accept-Encoding
x-goog-generation: 1673440621983738
x-goog-hash: crc32c=PaYcMg==, md5=XXzNktplJFIq96V4UGRHbA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 16394
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 13 Jan 2023 10:14:43 GMT

GET
H/1.1 200
OK apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 6BEE 179 KB
45 KB 8ms
7ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: HTTP/1.1
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b809ae8b76cc613028f1b689c184045b1b9b954c5b6dd43c3ba0f20dc876332

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 09:38:45 GMT
Content-Encoding: gzip
Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P1, FRA56-C2
Age: 1559
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 12 Jan 2023 17:04:03 GMT
Server: AmazonS3
ETag: W/"b4e70c35848150e2f856a03d773347a2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: zn9ToPQYRPtGTKDiKGbFN0BoZI5e1G8Gi4DushBALV0lDgZDnAo-bw==

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 56ms
12ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6BEE 6 KB
3 KB 9ms
8ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 14:01:02 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
Content-Encoding: gzip
Via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C2
Age: 72222
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 01:05:48 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: xZQT8HVFjnOVsYd2Le8ZmOJockDO3_02QNFb2XXiG868Va6xBXX8jg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 6BEE 0
310 B 13ms
12ms XHR
text/plain 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fultrasurfing.com&pubid=24b39613-fd0f-4009-9189-976a7d9bfd3d
Requested by: Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 07:44:29 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 8414
x-cache: Hit from cloudfront
access-control-allow-origin: http://ultrasurfing.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: by_OXD00F4GrMrI5fofMxWvHHvv2GcF9zCy5KT2sBT-tWwCaB8gmrQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ Frame 6BEE 23 B
462 B 58ms
58ms XHR
text/javascript 13.32.28.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fultrasurfing.com%2F&pid=CAnDeZVG9FvOr&cb=0&ws=1600x1200&v=23.105.2110&t=8000&slots=%5B%7B%22id%22%3A%22VidCrunch_Video_Desktop%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!vidcrunch.com%2C62da3b626cdcbb44f25d16d3%2C1%2C%2C%2C&pubid=24b39613-fd0f-4009-9189-976a7d9bfd3d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.28.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-28-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 9V35PCBBWH10WMN1BPAW
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2j5iYN0nXSSrhq-kjG-hNxMJp_aW8Qe8ZHz0hikx1AGZi9aPg4lQdQ==

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
625 B 33ms
9ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

4c38b1e93286684bfb817e7e90a8a5d4212e601cbc789fc4f8736745009e8ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 10ms
10ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 10ms
10ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 11ms
10ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 531ms
177ms Script
application/javascript 44.240.138.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fultrasurfing.com%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.138.76 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-138-76.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: f8e8aeab6fd022f5637f3d0362fc13beca6ac3ea036e128d0c2ced1aa80c20b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H2 200 floating-unit.20230112-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230112-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b5cbe29557afdf2bc005a0b2c36ebc127fd788e43b75937a83887d5864cf42b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: qf1H7xck..89A1kkSYua9l2ngm9ruGK_
content-encoding: gzip
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:43 GMT
x-amz-request-id: 47R5CAKA69T0RTDX
age: 42587
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: yDptPqgn/AyGhUl0rXpFxtqT1WpP6coecaA7KwO2mYHgxGMWC6olGhOP7M2kW7BL7qdExuH/yo0=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Thu, 12 Jan 2023 22:14:54 GMT
server: AmazonS3
x-timer: S1673604284.783385,VS0,VE0
etag: "e5a75f74ba61f811ea576890fccb629e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8376

GET
H/1.1 200
OK UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.8/ 104 KB
30 KB 15ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:43 GMT
Via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
Age: 1973191
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 30422
X-Served-By: cache-hhn-etou8220044-HHN
Last-Modified: Tue, 22 Nov 2022 07:02:09 GMT
Server: AmazonS3
X-Timer: S1673604284.793433,VS0,VE0
ETag: "7fcf5cdb23e918c79141cd7bbdf0b9cc"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -aTxfFvcJyrZFjUxpLaBUMGCt-NikJ2h08v2DUQexGnOL0AY-yojeA==
X-Cache-Hits: 136372

GET
H2 200 feed-card-placeholder.20230112-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230112-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 523b6ab0ff376b4f689627a104d831fcbf06973d6a8727cfa1b23922470753aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: A7uliTKdfPqkjFwxVXcqsA4EAO0K5JJl
content-encoding: gzip
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:43 GMT
x-amz-request-id: G1CAT94HK0PT14ST
age: 42594
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: UEzGLLON3gRePRV85DfzD4lqtOMePX1mxsBJxvvHhJNCOGd8XsxS1vbca62dfxeBHaGtKhj2I7c=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Thu, 12 Jan 2023 22:14:46 GMT
server: AmazonS3
x-timer: S1673604284.787052,VS0,VE0
etag: "10ba035bfdcc5220b9c93401c81e5c54"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 94665

GET
H2 200 userx.20230112-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230112-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4ebfe4996c241c46d8df13c0bf8bda4c9c9474d2a0f8caefaf46a65b2d5b711

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: HOi8lGkhisnBc4x7j6pplHh_Db9V4cgq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:43 GMT
x-amz-request-id: WCNEE7BEABYB1TCT
age: 42547
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: 6eoR5WoB5ivRjeczU7MtSaRaSBXT/laHtV2njiqIpKFOQZdTaRESDM+PO556tqIr6aXcB91Cego=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Thu, 12 Jan 2023 22:15:34 GMT
server: AmazonS3
x-timer: S1673604284.798466,VS0,VE0
etag: "bcd349de8ac825116074dcf97d06c8ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 30288

GET
H2 200 cta-component.20230112-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230112-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f2192c4428f3769f43f65add5d19b70450f59435a8b1f321d174d825e235259

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: j_DGVTb.vEgpJE9FE5DN1LWQ.3n.ZrlX
content-encoding: gzip
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:43 GMT
x-amz-request-id: VN9NY64QZG1ZB7K6
age: 42605
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4411
x-amz-id-2: sEpv6IHofzp4CTTmcyo3XBVZ9j3M0xbWW9SfCfULya/XRN44bEsuDsu9CqjrqN8TX+lfatRIA4A=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Thu, 12 Jan 2023 22:14:36 GMT
server: AmazonS3
x-timer: S1673604284.803535,VS0,VE0
etag: "3969dec957cc85306e0d3084bca963f0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 78876

GET
H2 204 supply-feature
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=cf975fb5371a8c97728756118d1ba77d&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&pi=/&wi=-1709852854480885386&pt=home&vi=1673604283060&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=10%3A04%3A43.780&id=1159&llvl=2&cv=20230112-8-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
3 KB 6ms
6ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding: gzip
Via: 1.1 varnish
Date: Fri, 13 Jan 2023 10:04:43 GMT
x-amz-request-id: ZSYWDV613EWRQFZR
Age: 116
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1758
x-amz-id-2: zyoRYlp0DUQi7rOxqotjsUGVeDg2jXVIKZFqFlMrZ3FOAGkPB6oHKoLVv4lN564LBGSA15CQpCE=
X-Served-By: cache-hhn-etou8220035-HHN
Last-Modified: Wed, 07 Feb 2018 11:15:52 GMT
Server: AmazonS3
X-Timer: S1673604284.813835,VS0,VE0
ETag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
abp: 42
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Cache-Hits: 275

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 33 KB
9 KB 744ms
744ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=10%3A04%3A43.822&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A214%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA%22%2C%22ui%22%3A%2201de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b%22%2C%22uifp%22%3A%2201de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b%22%2C%22lbt%22%3A1673600993834%2C%22vi%22%3A1673604283060%2C%22cv%22%3A%2220230112-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3212%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1867.5%2C%22mw%22%3A610%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10594721%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-1x3%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3733f460c32545586fef09f3f8f0e2b915bf7d5f05bdfc643b1bd3349c1b94bf

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 737
date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220025-HHN
server: nginx
x-timer: S1673604284.824703,VS0,VE737
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 e1b5cc44853a27e38f7cb395094004f7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 19ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf2a18daa1214d848d8072b110ba113267018828bdfcd00c4e550a8c30696d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 5
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
age: 984143
edge-cache-tag: 349589727310529642143444192172848156288,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349589727310529642143444192172848156288,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 441
req-referer: https://dl.web.de/
content-length: 6876
x-request-id: 96a8183eff5c03e11f941749da47a42e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200044-IAD, cache-iad-kiad7000089-IAD, cache-lga21939-LGA, cache-iad-kcgs7200059-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 02 Jan 2023 00:22:15 GMT
server: nginx
x-timer: S1673604284.850176,VS0,VE5
etag: "2d8556b142f95cde77df644aab2361b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 095e8c1de419b1c494b1867004880d2b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 14ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095e8c1de419b1c494b1867004880d2b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c15a2ff03a859e1574e11e5e3b1388a733b605517d74ab01d1008e3fa3d9624d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095e8c1de419b1c494b1867004880d2b.png
age: 1354052
edge-cache-tag: 484540626132019895985007566871388502719,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 484540626132019895985007566871388502719,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Mon, 16 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.web.de/
content-length: 7036
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kjyo7100114-IAD, cache-sna10745-LGB, cache-iad-kjyo7100088-IAD, cache-hhn-etou8220025-HHN
last-modified: Fri, 16 Dec 2022 16:48:55 GMT
server: nginx
x-timer: S1673604284.850546,VS0,VE0
etag: "6ae245986bbb5e090d00dd7e301b7ec8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 29, 5

GET
H2 200 5ac4a66e3342b6fb47a3b080f150ce80.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 16ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ac4a66e3342b6fb47a3b080f150ce80.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d1fdf690f6b1d5864513aebf6296ae49b610c73eeadd58454834d3a48ceffc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ac4a66e3342b6fb47a3b080f150ce80.jpg
age: 3789809
edge-cache-tag: 537235665520757617942976764212026769357,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537235665520757617942976764212026769357,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 97
req-referer: https://www.bloomberg.com/
content-length: 4360
x-request-id: 99943d71262e407a1f40ca23305216ac
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100045-IAD, cache-chi-kigq8000136-CHI, cache-iad-kcgs7200116-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 30 Nov 2022 10:13:25 GMT
server: nginx
x-timer: S1673604284.850560,VS0,VE2
etag: "377bdd627f8e1aafbb8a5bcbe14f5e91"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 226, 1

GET
H2 200 e57b71bf78acc992724d5578cda0e53a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cc961613182e754b988b863e0c5c8a9adbe647ff38babaf520af0816fb4f628

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
age: 741508
edge-cache-tag: 581642981813423033132911081436147160939,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581642981813423033132911081436147160939,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 538
req-referer: https://dl.gmx.net/
content-length: 35224
x-request-id: a499985d6a687310cbac0c0d2c6be633
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200062-IAD, cache-iad-kjyo7100156-IAD, cache-chi-klot8100063-CHI, cache-iad-kiad7000169-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 04 Jan 2023 20:01:52 GMT
server: nginx
x-timer: S1673604284.850523,VS0,VE1
etag: "8e445d3482f0e237bfcbb45d91c6310c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 7a329b4e4f82feec75ff9f432b8f85a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 9ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a329b4e4f82feec75ff9f432b8f85a4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 656e9f7414af48519ee7d05954f6fc451e6c90bafd92cc9f4f2f73f4eb687e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a329b4e4f82feec75ff9f432b8f85a4.jpg
age: 316968
edge-cache-tag: 456754592445102959237649883989892759167,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 456754592445102959237649883989892759167,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 303
req-referer: https://dl.web.de/
content-length: 14086
x-request-id: 3d2c814acf4b3f871b0b7ccae344299d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100120-IAD, cache-lga21959-LGA, cache-iad-kiad7000080-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 09 Jan 2023 17:03:50 GMT
server: nginx
x-timer: S1673604284.850511,VS0,VE2
etag: "af19a698106b415c3263f53c117e76b4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 604f64db35ad7d8e32fc4a7cffa729ec.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 9ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2965c9069f4f0cb213cec2572fda6ac3f8af342c67a0cd7888e9cbf05cb08ee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age: 6531315
edge-cache-tag: 380932827776598572844696039841441315722,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380932827776598572844696039841441315722,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 145
req-referer: https://www.nbcnews.com/
content-length: 25024
x-request-id: 6d4507e8b1d1b6591409a1bbc169b593
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100069-IAD, cache-iad-kjyo7100074-IAD, cache-bur-kbur8200072-BUR, cache-iad-kcgs7200146-IAD, cache-hhn-etou8220025-HHN
last-modified: Thu, 13 Oct 2022 03:24:05 GMT
server: nginx
x-timer: S1673604284.853097,VS0,VE1
etag: "71a5249ebf825bffbf341a7dd8262a5f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 24, 1

GET
H2 200 e263f44cef340668db586471b70661d4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 7ms
6ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e06a2540df8bea590ae6ca668ed0c32bef14e2aff46d02c96df75240794d792f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
age: 1974465
edge-cache-tag: 364560876160549481589467145760867241195,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 364560876160549481589467145760867241195,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 392
req-referer: https://dl.gmx.net/
content-length: 9664
x-request-id: 3d8090b9ce171b691205c2bf55ec3094
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100052-IAD, cache-bur-kbur8200030-BUR, cache-iad-kjyo7100055-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 21 Dec 2022 13:17:04 GMT
server: nginx
x-timer: S1673604284.857631,VS0,VE0
etag: "72975a3b033e97a3e73a818abe729ec1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 26, 6

GET
H2 200 934aa1b94bbf4b219c980445ae32d14c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 9ms
6ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/934aa1b94bbf4b219c980445ae32d14c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac82b0a0b7b97b8f77ae7168e76cb259c67adae4af7fbcdc346c846be4771af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/934aa1b94bbf4b219c980445ae32d14c.jpg
age: 1104920
edge-cache-tag: 464410965424768318265251885418594544140,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 464410965424768318265251885418594544140,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 45
req-referer: https://www.standard.co.uk/
content-length: 9558
x-request-id: 486c0880c58e3590861c609787f628c2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200027-IAD, cache-lga21982-LGA, cache-iad-kjyo7100057-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 12 Dec 2022 18:52:18 GMT
server: nginx
x-timer: S1673604284.862196,VS0,VE0
etag: "7e4a88109f60dd332b812e21b0978730"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 213, 30

GET
H2 200 8874c52a695d58513c01143ce1131205.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
19 KB 35ms
34ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8874c52a695d58513c01143ce1131205.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d85d0459c46d9294e669012076dba06a2a8b72b0d1c1e26d75db954f2ebd0473

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 13
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8874c52a695d58513c01143ce1131205.jpg
age: 4283832
edge-cache-tag: 447117253232661094161594744927834908179,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag: 447117253232661094161594744927834908179,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 161
req-referer: https://www.t-online.de/
content-length: 18992
x-request-id: e8ebf890d9369aa9037e9627acfdcc58
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200039-IAD, cache-iad-kiad7000158-IAD, cache-lga21926-LGA, cache-iad-kiad7000091-IAD, cache-hhn-etou8220025-HHN
last-modified: Thu, 24 Nov 2022 18:16:18 GMT
server: nginx
x-timer: S1673604284.862271,VS0,VE13
etag: "a91cc7ba8f774b8c5a8902de51bdc825"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 1

GET
H2 200 a3d682509a56f65fe65c11b3d9a43063.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a3d682509a56f65fe65c11b3d9a43063.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd236f676bfe5a8f6aa6458beab29a81318e998ad0b24b826d89b08590d8534f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a3d682509a56f65fe65c11b3d9a43063.png
age: 949391
edge-cache-tag: 319022864014738675646758039400689843188,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 319022864014738675646758039400689843188,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 436
req-referer: https://www.freenet.de/
content-length: 14264
x-request-id: bc1cfba21205a78f5e5573062468b98d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200148-IAD, cache-iad-kiad7000171-IAD, cache-bur-kbur8200028-BUR, cache-iad-kiad7000151-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 21 Dec 2022 10:57:01 GMT
server: nginx
x-timer: S1673604284.862912,VS0,VE0
etag: "d5f7bb82c1b16de66857e12207861e98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ab32357046cf4a9d0ac14bb34f9495c42cf3589a0d126536c95ae866abd79a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age: 1174655
edge-cache-tag: 570355061721211699538449521237231190296,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570355061721211699538449521237231190296,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 474
req-referer: https://work.chron.com/
content-length: 14044
x-request-id: f3dc37cb5c2263ddad4a1a361389fac0
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200120-IAD, cache-iad-kiad7000099-IAD, cache-bur-kbur8200035-BUR, cache-iad-kiad7000155-IAD, cache-hhn-etou8220025-HHN
last-modified: Tue, 20 Dec 2022 12:44:25 GMT
server: nginx
x-timer: S1673604284.862608,VS0,VE0
etag: "8259ddf27eafaa40f40f65fed9837da0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1517, 9

GET
H2 206 sbfcvda1gqwcij41gdnv.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/ 303 KB
303 KB 9ms
7ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/sbfcvda1gqwcij41gdnv.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: NHwYfLNYVEAbRmtYbe2mDdvej_0WkCnZ
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish
x-amz-request-id: A04TG9E3PCRKM5MS
age: 1
x-cache: HIT
Content-Range: bytes 0-310206/310207
x-amz-replication-status: COMPLETED
Content-Length: 310207
x-amz-id-2: yaVZTsIsqjFDXtl1CD+psiz/6suO9sKG91uxAexWbaPK47Ztnn98zX6CupRXg+lrsmHIHxMs8/k=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Wed, 15 Jun 2022 10:44:31 GMT
server: AmazonS3
x-timer: S1673604284.864851,VS0,VE1
etag: "c54599e9c7c442de75cbb6db4644fb1e"
content-type: video/mp4;codecs=avc1
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 next-up-widget.20230112-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230112-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50e2bbf14f8c2ce0f6369b672e797b6b37b09cb6e26e77027de648e73a0049f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: QffML38lnINFyyg9hb68lb7P3HE2GUsU
content-encoding: gzip
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:43 GMT
x-amz-request-id: 4B8ZPWBSFFF10X0E
age: 42582
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: ILcxyfgYPtBssW7e294IpaNhDKV9x7Uuc+SjDjmHxgLmoKgGa2IH1DmsgCb6GEXqNaLE9RDabbs=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Thu, 12 Jan 2023 22:14:59 GMT
server: AmazonS3
x-timer: S1673604284.864953,VS0,VE0
etag: "d8d9a3b452b28e4ea8b816edb726a241"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7982

GET
H2 206 b5vabxhqezog1arnt7m2.mp4
cdn.taboola.com/libtrc/static/video/v1666339887/ 866 KB
867 KB 15ms
14ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1666339887/b5vabxhqezog1arnt7m2.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 5M7lg4hT5Uad0mDq7OgxKTYCwbmsYE9q
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish
x-amz-request-id: WDR7ZT0A2C30VE5N
age: 26
x-cache: HIT
Content-Range: bytes 0-886582/886583
x-amz-replication-status: COMPLETED
Content-Length: 886583
x-amz-id-2: S+XuxF030rz1x4DAHCok4txBSxoZQICupPiIBtefLCXn1NrhmNZZmv4FyhyMfhIhQ6a5kiV9kHM=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Fri, 21 Oct 2022 08:11:39 GMT
server: AmazonS3
x-timer: S1673604284.865817,VS0,VE4
etag: "1b5ebbbf450bb3defa14aad23cc92811"
content-type: video/mp4;codecs=avc1
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095e8c1de419b1c494b1867004880d2b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c15a2ff03a859e1574e11e5e3b1388a733b605517d74ab01d1008e3fa3d9624d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/095e8c1de419b1c494b1867004880d2b.png
age: 1354052
edge-cache-tag: 484540626132019895985007566871388502719,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 484540626132019895985007566871388502719,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Mon, 16 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.web.de/
content-length: 7036
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000104-IAD, cache-iad-kjyo7100114-IAD, cache-sna10745-LGB, cache-iad-kjyo7100088-IAD, cache-hhn-etou8220025-HHN
last-modified: Fri, 16 Dec 2022 16:48:55 GMT
server: nginx
x-timer: S1673604284.879343,VS0,VE0
etag: "6ae245986bbb5e090d00dd7e301b7ec8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 29, 6

GET
H2 200 e1b5cc44853a27e38f7cb395094004f7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf2a18daa1214d848d8072b110ba113267018828bdfcd00c4e550a8c30696d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
age: 984143
edge-cache-tag: 349589727310529642143444192172848156288,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349589727310529642143444192172848156288,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 441
req-referer: https://dl.web.de/
content-length: 6876
x-request-id: 96a8183eff5c03e11f941749da47a42e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200044-IAD, cache-iad-kiad7000089-IAD, cache-lga21939-LGA, cache-iad-kcgs7200059-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 02 Jan 2023 00:22:15 GMT
server: nginx
x-timer: S1673604284.896325,VS0,VE0
etag: "2d8556b142f95cde77df644aab2361b9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ac4a66e3342b6fb47a3b080f150ce80.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d1fdf690f6b1d5864513aebf6296ae49b610c73eeadd58454834d3a48ceffc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5ac4a66e3342b6fb47a3b080f150ce80.jpg
age: 3789809
edge-cache-tag: 537235665520757617942976764212026769357,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537235665520757617942976764212026769357,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 97
req-referer: https://www.bloomberg.com/
content-length: 4360
x-request-id: 99943d71262e407a1f40ca23305216ac
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100039-IAD, cache-iad-kjyo7100045-IAD, cache-chi-kigq8000136-CHI, cache-iad-kcgs7200116-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 30 Nov 2022 10:13:25 GMT
server: nginx
x-timer: S1673604284.898033,VS0,VE0
etag: "377bdd627f8e1aafbb8a5bcbe14f5e91"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 226, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cc961613182e754b988b863e0c5c8a9adbe647ff38babaf520af0816fb4f628

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e57b71bf78acc992724d5578cda0e53a.jpg
age: 741508
edge-cache-tag: 581642981813423033132911081436147160939,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581642981813423033132911081436147160939,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 538
req-referer: https://dl.gmx.net/
content-length: 35224
x-request-id: a499985d6a687310cbac0c0d2c6be633
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200062-IAD, cache-iad-kjyo7100156-IAD, cache-chi-klot8100063-CHI, cache-iad-kiad7000169-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 04 Jan 2023 20:01:52 GMT
server: nginx
x-timer: S1673604284.898316,VS0,VE0
etag: "8e445d3482f0e237bfcbb45d91c6310c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a329b4e4f82feec75ff9f432b8f85a4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 656e9f7414af48519ee7d05954f6fc451e6c90bafd92cc9f4f2f73f4eb687e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7a329b4e4f82feec75ff9f432b8f85a4.jpg
age: 316968
edge-cache-tag: 456754592445102959237649883989892759167,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 456754592445102959237649883989892759167,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 303
req-referer: https://dl.web.de/
content-length: 14086
x-request-id: 3d2c814acf4b3f871b0b7ccae344299d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kjyo7100120-IAD, cache-lga21959-LGA, cache-iad-kiad7000080-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 09 Jan 2023 17:03:50 GMT
server: nginx
x-timer: S1673604284.898277,VS0,VE0
etag: "af19a698106b415c3263f53c117e76b4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2965c9069f4f0cb213cec2572fda6ac3f8af342c67a0cd7888e9cbf05cb08ee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/604f64db35ad7d8e32fc4a7cffa729ec.jpg
age: 6531315
edge-cache-tag: 380932827776598572844696039841441315722,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380932827776598572844696039841441315722,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 145
req-referer: https://www.nbcnews.com/
content-length: 25024
x-request-id: 6d4507e8b1d1b6591409a1bbc169b593
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100069-IAD, cache-iad-kjyo7100074-IAD, cache-bur-kbur8200072-BUR, cache-iad-kcgs7200146-IAD, cache-hhn-etou8220025-HHN
last-modified: Thu, 13 Oct 2022 03:24:05 GMT
server: nginx
x-timer: S1673604284.898347,VS0,VE0
etag: "71a5249ebf825bffbf341a7dd8262a5f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 24, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e06a2540df8bea590ae6ca668ed0c32bef14e2aff46d02c96df75240794d792f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e263f44cef340668db586471b70661d4.jpg
age: 1974465
edge-cache-tag: 364560876160549481589467145760867241195,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 364560876160549481589467145760867241195,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 392
req-referer: https://dl.gmx.net/
content-length: 9664
x-request-id: 3d8090b9ce171b691205c2bf55ec3094
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200079-IAD, cache-iad-kjyo7100052-IAD, cache-bur-kbur8200030-BUR, cache-iad-kjyo7100055-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 21 Dec 2022 13:17:04 GMT
server: nginx
x-timer: S1673604284.908052,VS0,VE0
etag: "72975a3b033e97a3e73a818abe729ec1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 26, 7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/934aa1b94bbf4b219c980445ae32d14c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac82b0a0b7b97b8f77ae7168e76cb259c67adae4af7fbcdc346c846be4771af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/934aa1b94bbf4b219c980445ae32d14c.jpg
age: 1104920
edge-cache-tag: 464410965424768318265251885418594544140,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 464410965424768318265251885418594544140,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 45
req-referer: https://www.standard.co.uk/
content-length: 9558
x-request-id: 486c0880c58e3590861c609787f628c2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kcgs7200027-IAD, cache-lga21982-LGA, cache-iad-kjyo7100057-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 12 Dec 2022 18:52:18 GMT
server: nginx
x-timer: S1673604284.908491,VS0,VE0
etag: "7e4a88109f60dd332b812e21b0978730"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 213, 31

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a3d682509a56f65fe65c11b3d9a43063.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd236f676bfe5a8f6aa6458beab29a81318e998ad0b24b826d89b08590d8534f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a3d682509a56f65fe65c11b3d9a43063.png
age: 949391
edge-cache-tag: 319022864014738675646758039400689843188,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 319022864014738675646758039400689843188,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 436
req-referer: https://www.freenet.de/
content-length: 14264
x-request-id: bc1cfba21205a78f5e5573062468b98d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200148-IAD, cache-iad-kiad7000171-IAD, cache-bur-kbur8200028-BUR, cache-iad-kiad7000151-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 21 Dec 2022 10:57:01 GMT
server: nginx
x-timer: S1673604284.907809,VS0,VE0
etag: "d5f7bb82c1b16de66857e12207861e98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

GET
H2 200 dc1aa9c7f4feacc0362da8965be88cd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
14 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ab32357046cf4a9d0ac14bb34f9495c42cf3589a0d126536c95ae866abd79a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc1aa9c7f4feacc0362da8965be88cd9.jpg
age: 1174655
edge-cache-tag: 570355061721211699538449521237231190296,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570355061721211699538449521237231190296,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 474
req-referer: https://work.chron.com/
content-length: 14044
x-request-id: f3dc37cb5c2263ddad4a1a361389fac0
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200120-IAD, cache-iad-kiad7000099-IAD, cache-bur-kbur8200035-BUR, cache-iad-kiad7000155-IAD, cache-hhn-etou8220025-HHN
last-modified: Tue, 20 Dec 2022 12:44:25 GMT
server: nginx
x-timer: S1673604284.908026,VS0,VE0
etag: "8259ddf27eafaa40f40f65fed9837da0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1517, 10

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
17ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://ultrasurfing.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 13 Jan 2023 10:04:43 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 473028
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
250 B 192ms
117ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.28.0
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: http://ultrasurfing.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fultrasurfing.com%2F&domain=ultrasurfing.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=-eMTynxUR3Zxb1FQa2Z5NFRPM041cUlMakltSEZNdEFNMkREVWtMVzV3Ykkvcjk5YXZSOVpDSEcxU251c2Zlak9YR1hSN1FCelk2bXVGajZCQmN0RkxvdGp3T2svRkpXYnhQRzBsbFIyMzRFenYvTEVyVDRoL2h1UVNRUH...

357 B
645 B

44ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-eMTynxUR3Zxb1FQa2Z5NFRPM041cUlMakltSEZNdEFNMkREVWtMVzV3Ykkvcjk5YXZSOVpDSEcxU251c2Zlak9YR1hSN1FCelk2bXVGajZCQmN0RkxvdGp3T2svRkpXYnhQRzBsbFIyMzRFenYvTEVyVDRoL2h1UVNRUHpCNUw2OG92VGFGdWYvcjlNVEkvSjV2S05kSU5tNVF6cEp6QUt3R2FwVzlTVlp5STNsU2haVXV0SVJyaE92WWlWT1dMYmtGR1VCQThzZTZjaGV3Z05mZElubmZJd3VqRm5Bc2JCZDRrZG1xTmovQlkrcGhzPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2717f02743430fdd34803a59bb281e76db5dfd3de1a4c93c4219e6748ac5d078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1364546
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=-eMTynxUR3Zxb1FQa2Z5NFRPM041cUlMakltSEZNdEFNMkREVWtMVzV3Ykkvcjk5YXZSOVpDSEcxU251c2Zlak9YR1hSN1FCelk2bXVGajZCQmN0RkxvdGp3T2svRkpXYnhQRzBsbFIyMzRFenYvTEVyVDRoL2h1UVNRUHpCNUw2OG92VGFGdWYvcjlNVEkvSjV2S05kSU5tNVF6cEp6QUt3R2FwVzlTVlp5STNsU2haVXV0SVJyaE92WWlWT1dMYmtGR1VCQThzZTZjaGV3Z05mZElubmZJd3VqRm5Bc2JCZDRrZG1xTmovQlkrcGhzPXw&cppv=2
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 753609
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
544 B 22ms
8ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 any Show response
idx.liadm.com/idex/prebid/ 0
313 B 336ms
106ms XHR
text/plain 34.231.246.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.246.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-246-225.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 4cf90663175c21f9
vary: Origin
request-time: 2

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 99ms
28ms XHR
application/json 54.171.141.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.141.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-141-116.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache
x-server: 10.45.5.139
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
338 B 64ms
36ms XHR
text/plain 104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by: Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:43 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 13 Jan 2023 10:04:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
47ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ultrasurfing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 123ms
44ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ultrasurfing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
14 KB 507ms
507ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2668570728063583&correlator=3230910362397022&eid=31071151%2C31071369%2C31071526&output=ldjh&gdfp_req=1&vrg=2023010501&ptt=17&impl=fifs&iu_parts=22181265%3A22829021775%2Cultrasurfing_left_sticky_rail%2Cultrasurfing_sticky_footer%2Cultrasurfing_sticky_rail&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=160x600%7C120x600%2C728x90%7C728x124%7C970x90%7C970x100%7C970x124%7C1200x100%7C1200x124%7C1520x100%7C1520x124%2C300x250%7C300x600%7C160x600%7C120x600&ifi=1&adks=3632821694%2C3134511214%2C345495185&didk=1860833184~1776048037~626430864&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dadhesion%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D700%26wrap_l%3D3000%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D19%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26teadsIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=0&cookie_enabled=1&abxe=1&dt=1673604283955&lmt=1673604283&dlt=1673604282153&idt=1101&adxs=325%2C436%2C975&adys=578%2C3155%2C578&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fultrasurfing.com%2F&frm=20&vis=1&psz=183x600%7C1600x3154%7C300x250&msz=160x0%7C728x0%7C300x0&fws=4%2C128%2C4&ohw=990%2C0%2C990&ga_vid=1137194237.1673604283&ga_sid=1673604284&ga_hid=1084561247&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3beb329b4e2bd948ff9b1ec4baf9b1d3c7f2f12fcfe7847812d0e4f5aa2f596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14622
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 171ms
87ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ee37cf33fcc2b045ce82c93e6e85ac96ef93fffe66330b58d30f4b223e2eb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11076
x-xss-protection: 0

GET
H2 200 container.html Show response
b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C298 6 KB
3 KB 139ms
45ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Sat, 13 Jan 2024 10:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8874c52a695d58513c01143ce1131205.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d85d0459c46d9294e669012076dba06a2a8b72b0d1c1e26d75db954f2ebd0473

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8874c52a695d58513c01143ce1131205.jpg
age: 4283832
edge-cache-tag: 447117253232661094161594744927834908179,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
cache-tag: 447117253232661094161594744927834908179,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 161
req-referer: https://www.t-online.de/
content-length: 18992
x-request-id: e8ebf890d9369aa9037e9627acfdcc58
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200039-IAD, cache-iad-kiad7000158-IAD, cache-lga21926-LGA, cache-iad-kiad7000091-IAD, cache-hhn-etou8220025-HHN
last-modified: Thu, 24 Nov 2022 18:16:18 GMT
server: nginx
x-timer: S1673604284.969491,VS0,VE0
etag: "a91cc7ba8f774b8c5a8902de51bdc825"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 7, 2

GET
H2 200 e1b5cc44853a27e38f7cb395094004f7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b68157994bf47f98c0172d69cc964c44b61e4720ebd1392c4668695fc7db6f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 13 Jan 2023 10:04:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
age: 982246
edge-cache-tag: 349589727310529642143444192172848156288,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349589727310529642143444192172848156288,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 136
expiration: expiry-date="Wed, 11 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.livedoor.com/
content-length: 4828
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000164-IAD, cache-chi-kigq8000113-CHI, cache-iad-kcgs7200106-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 11 Dec 2022 20:02:57 GMT
server: nginx
x-timer: S1673604284.976994,VS0,VE1
etag: "068f7258b96d8341cced4913b77f3b48"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 11, 1

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
402 B 11ms
9ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

7c308f9804358119c061f644f79d79a30db9dd052957401cb96bdb27ede5ebbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 68ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 13 Jan 2023 10:04:43 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 403354
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
625 B 8ms
8ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/ob/tage/aaw.ultrasurfing.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

360324b544410bf26fa483d58f96fe45341c69bfd2c3a98659862f34f23fbd97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 e1b5cc44853a27e38f7cb395094004f7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b68157994bf47f98c0172d69cc964c44b61e4720ebd1392c4668695fc7db6f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1b5cc44853a27e38f7cb395094004f7.jpg
age: 982246
edge-cache-tag: 349589727310529642143444192172848156288,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349589727310529642143444192172848156288,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 136
expiration: expiry-date="Wed, 11 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://news.livedoor.com/
content-length: 4828
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000164-IAD, cache-chi-kigq8000113-CHI, cache-iad-kcgs7200106-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 11 Dec 2022 20:02:57 GMT
server: nginx
x-timer: S1673604284.003776,VS0,VE0
etag: "068f7258b96d8341cced4913b77f3b48"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 11, 2

GET
H/1.1 200
OK st Show response
imprammp.taboola.com/ Frame 27E4 738 B
811 B 28ms
16ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f29d6a15dad119f952895a5e28b31ac92fb281d0da77d4beb056cbe74f3a5ece

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 13 Jan 2023 10:04:44 GMT
Server: nginx
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Served-By: cache-hhn-etou8220053-HHN
X-Timer: S1673604284.199331,VS0,VE9
transfer-encoding: chunked

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 40CC 564 B
658 B 28ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4b0acb5b956e0838f74b55d4693710c5f2f5fb43d6ad98609eb2882ad7df92eb

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 13 Jan 2023 10:04:44 GMT
machineid: 3402
server: nginx

POST
H/1.1 200
OK VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 10 KB
7 KB 192ms
185ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1673604284192&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1493&pt=-173796119&tz=0&viewable=true&ddast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1334675&dpubid=231135&abtst=Noappq22_vB!smbs!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a0282278e1fd513986e1186dd42fa7a658f69d1d624a0f5d3a89ccefa3421d9

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

Expires: Sat, 26 Jul 1997 05:00:00 GMT
Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Encoding: gzip
Via: 1.1 varnish
MachineId: 1439
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-hhn-etou8220035-HHN
Pragma: no-cache
Server: nginx
X-Timer: S1673604284.207669,VS0,VE174
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Link: <http://{"userSync">; rel=preconnect,<http://{"adUnit">; rel=preconnect
X-Cache-Hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 132ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:04:44 GMT

GET
H2 206 sbfcvda1gqwcij41gdnv.mp4
cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/ 64 KB
0 8ms
7ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video//h_400,c_scale/v1655289863/sbfcvda1gqwcij41gdnv.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: NHwYfLNYVEAbRmtYbe2mDdvej_0WkCnZ
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish
x-amz-request-id: A04TG9E3PCRKM5MS
age: 1
x-cache: HIT
Content-Range: bytes 0-310206/310207
x-amz-replication-status: COMPLETED
Content-Length: 310207
x-amz-id-2: yaVZTsIsqjFDXtl1CD+psiz/6suO9sKG91uxAexWbaPK47Ztnn98zX6CupRXg+lrsmHIHxMs8/k=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Wed, 15 Jun 2022 10:44:31 GMT
server: AmazonS3
x-timer: S1673604284.201532,VS0,VE1
etag: "c54599e9c7c442de75cbb6db4644fb1e"
content-type: video/mp4;codecs=avc1
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200

pv Show response
tra.neodatagroup.com/
Redirect Chain

https://tra.neodatagroup.com/pv?sid=2033&rnd=282433994428&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&ids=e97bdabb-86f9-43d5-b877-10a384eabade;pubcid...
https://tra.neodatagroup.com/pv?sid=2033&rnd=282433994428&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&ids=e97bdabb-86f9-43d5-b877-10a384eabade;pubcid...

232 B
1 KB

38ms
37ms

Script
application/javascript

20.73.234.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tra.neodatagroup.com/pv?sid=2033&rnd=282433994428&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&ids=e97bdabb-86f9-43d5-b877-10a384eabade;pubcid;PublisherCommonId&pbs=true&neoid=30b552d7edc0593
Protocol: HTTP/1.1
Server: 20.73.234.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ce51b9218e28d519579023ff4be76644ca7485f5caaf2ec0cfbe27fbb9f39ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
vary: accept-encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive

Redirect headers

Access-Control-Allow-Origin: *
Location: /pv?sid=2033&rnd=282433994428&id=11931&ad=122499&rs=1600x1200&lg=en-US&tz=0&ur=http%3A%2F%2Fultrasurfing.com%2F&re=&co=24&ids=e97bdabb-86f9-43d5-b877-10a384eabade;pubcid;PublisherCommonId&pbs=true&neoid=30b552d7edc0593
Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Type: text/richtext;charset=UTF-8
Connection: keep-alive
Content-Length: 0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

GET
H/1.1

200

cm
tracker.neodatagroup.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=282433994428
https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=282433994428&google_tc=
https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=282433994428&google_gid=CAESEGRrqFq7wF99tU_icAEscpU&google_cver=1

1 B
2 KB

344ms
305ms

Image
image/gif

20.73.234.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=282433994428&google_gid=CAESEGRrqFq7wF99tU_icAEscpU&google_cver=1
Protocol: HTTP/1.1
Server: 20.73.234.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Type: image/gif;charset=UTF-8
Connection: keep-alive
Content-Length: 1
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=282433994428&google_gid=CAESEGRrqFq7wF99tU_icAEscpU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 27E4 43 B
183 B 330ms
112ms Image
image/gif 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 13 Jan 2023 10:04:44 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 27E4 70 B
265 B 98ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 40CC 70 B
264 B 91ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 40CC 43 B
182 B 322ms
114ms Image
image/gif 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 13 Jan 2023 10:04:44 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 40CC 43 B
146 B 31ms
8ms Image
image/gif 52.58.228.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.228.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-228-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0504
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

37ms
8ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 13 Jan 2023 10:04:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0504 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e1126a799c2e8d267e500237f8f80fc11d030de9c9c67b90d58128d43d871826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Jan 2023 14:41:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16614
Connection: keep-alive
Content-Length: 10036
Expires: Fri, 13 Jan 2023 14:41:38 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0504 0
239 B 65ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LCUCS1CR-F-HYY8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
www.youronlinechoices.com/wp-content/plugins/optout/callback/ 0
0 99ms
32ms Image
text/html 40.85.112.191
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=Wu4-Judf2MyC94bZ6emx8oT90o4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.85.112.191 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B6D 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 22:19:36 GMT
expires: Fri, 12 Jan 2024 22:19:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 08F5 783 B
535 B 48ms
48ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8537ab24a2b12ef310a6fde3c8b89167f53d0443e1f6b033c63e762608644a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kizxe9kr9Sh3lNFLPuOkVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Kizxe9kr9Sh3lNFLPuOkVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Fri, 13 Jan 2023 10:04:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B6D 36 KB
16 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
H/1.1 200
OK cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_4_7/infra/ 857 KB
186 KB 13ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/32_4_7/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b1339f0a7868e89be68636a35d678bafbb77aacd2b5e30b3242e702f0c4cc11

Request headers

Referer: http://ultrasurfing.com/
Origin: http://ultrasurfing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-meta-mtime: 1672222094
Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 1381358
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1672222094
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 189979
X-Served-By: cache-hhn-etou8220044-HHN
Last-Modified: Wed, 28 Dec 2022 10:08:15 GMT
Server: AmazonS3
X-Timer: S1673604284.402145,VS0,VE0
ETag: "53893fd0933930896c226ae345238df3"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ghCgFaxOfTmKXmg0rd7twQrMBYaW4ampDuNFs96JxsvmtGVLksSBZA==
X-Cache-Hits: 8694

GET
H/1.1 200
OK cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_4_7/assets/css/ 63 KB
10 KB 8ms
8ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/32_4_7/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-meta-mtime: 1672222125
Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 1382081
X-Cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1672222126
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 9595
X-Served-By: cache-hhn-etou8220044-HHN
Last-Modified: Wed, 28 Dec 2022 10:08:47 GMT
Server: AmazonS3
X-Timer: S1673604284.397809,VS0,VE0
ETag: "6447e08dd293a35a6c0f1bb02250ed04"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: XjqH7vWzojBNtYcXz9g-_zkzNB0l56exPwk7sfNLpPoli_0uCL6yJA==
X-Cache-Hits: 529555

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 08F5 0
0 194ms
139ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023010501&jk=2668570728063583&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0504
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCUCS1CR-F-HYY8&gdpr=1&us_privacy=1---

0
710 B

158ms
122ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCUCS1CR-F-HYY8&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:43 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 738DCF9F220B4A78BCE1A20E83FDFF2A Ref B: FRAEDGE1219 Ref C: 2023-01-13T10:04:44Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyIlziGDJsSNQK43Frww==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCUCS1CR-F-HYY8&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0504
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP0TuF8P_c2ObkwjTQap-xM&google_cver=1

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP0TuF8P_c2ObkwjTQap-xM&google_cver=1
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP0TuF8P_c2ObkwjTQap-xM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0504
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

34ms
34ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R509VZWV17ZJ7G8D5RXG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N8CSMP7SWH9TKT1R05GR
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0504
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/MS1N9y1Lq5R4V7rCIEiZnA?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dqxxOWBE2oJc288l.wdvcCBsEi5OoUpc7Hv66Q--~A

0
239 B

8ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dqxxOWBE2oJc288l.wdvcCBsEi5OoUpc7Hv66Q--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 13 Jan 2023 10:04:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dqxxOWBE2oJc288l.wdvcCBsEi5OoUpc7Hv66Q--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0504
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlOTk0NGM0NTU0NjNhNjE5ZmQwZDA0MTdjODhiZTE3ZGEwZjIyYw&gdpr=1&us_privacy=1---

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlOTk0NGM0NTU0NjNhNjE5ZmQwZDA0MTdjODhiZTE3ZGEwZjIyYw&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJlOTk0NGM0NTU0NjNhNjE5ZmQwZDA0MTdjODhiZTE3ZGEwZjIyYw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0504
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQ1MxQ1ItRi1IWVk4&gdpr=1&us_privacy=1---

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQ1MxQ1ItRi1IWVk4&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENVQ1MxQ1ItRi1IWVk4&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 0504
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

113ms
112ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1H69X9XHCFMNA6226295
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:44 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y6944VB46SPY6VMG76RH
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 0504 70 B
264 B 34ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=undefined&cb=1673604284177&uv=3247&tms=1673604284177&abt=Noappq22_vB!smbs!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2b07fda-b41f-422d-a91a-9478997ac17f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK content_v3.js Show response
vidstat.taboola.com/ 16 KB
6 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_4_7/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
Age: 2679740
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 4839
X-Served-By: cache-hhn-etou8220044-HHN
Last-Modified: Wed, 20 Jul 2022 13:23:50 GMT
Server: AmazonS3
X-Timer: S1673604285.532386,VS0,VE0
ETag: "f7533e747bb02a8eb527ada4f2749620"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Q0KjeUPCgZAHIdyoLHniQDzMk1-wp3U3iVb-9MHod_5Ky07U_92QFw==
X-Cache-Hits: 285812

GET
H/1.1 200
OK OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/ 437 KB
104 KB 11ms
11ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_4_7/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dbbf2b9885e84d05df0a819b3da15498bc90ed45c1de4c388ed5fec4541b85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-meta-mtime: 1673344868
Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA60-P1
Age: 259373
X-Cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1673344868
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 105243
X-Served-By: cache-hhn-etou8220044-HHN
Last-Modified: Tue, 10 Jan 2023 10:01:09 GMT
Server: AmazonS3
X-Timer: S1673604285.557475,VS0,VE0
ETag: "1127662da5a4e1b8b3193532fdbd1413"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UMPBBvK8oczI__Rog67mdxl8Oz6KOJkwPrfQWLVDQfTLc-CDP-nHPg==
X-Cache-Hits: 106002

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D355 564 B
658 B 16ms
16ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_4_7/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 13 Jan 2023 10:04:44 GMT
machineid: 3402
server: nginx

GET
H/1.1 200 st
am-vid-events.taboola.com/ 0
112 B 43ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&cmcv=&pix=31579697&cb=1673604284555&uv=3247&tms=1673604284555&su=3&abt=Noappq22_vB!smbs!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 container.html Show response
b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 592D 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Sat, 13 Jan 2024 10:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C79 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Sat, 13 Jan 2024 10:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 600D 6 KB
3 KB 36ms
36ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ultrasurfing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Sat, 13 Jan 2024 10:04:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
90 KB 13ms
6ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: HTTP/1.1
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront), 1.1 varnish
X-Amz-Cf-Pop: FRA2-C1
Age: 819976
X-Cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Length: 90784
X-Served-By: cache-hhn-etou8220047-HHN
Last-Modified: Sun, 02 Jul 2017 20:40:57 GMT
Server: AmazonS3
X-Timer: S1673604285.647300,VS0,VE0
ETag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: QgBz_EkuAytUrW2SOYijc0QG2Ab2af0U695mUwb2WgqmD4FLhuKPXQ==
X-Cache-Hits: 310243

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame D355 43 B
182 B 105ms
105ms Image
image/gif 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:59f0:7d1c:f2a3:a394 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 13 Jan 2023 10:04:44 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D355 70 B
264 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
x.bidswitch.net/ Frame D355 43 B
145 B 10ms
10ms Image
image/gif 52.58.228.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.228.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-228-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 abtests
am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/ 0
230 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c3a8cd6452ac9e606af3203e49e90a82&sd=v2_b9d1424c15e1727fec6466689afdd9c1_01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b_1673604283_1673604283_CIi3jgYQ8-NDGLT12tTaMCABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABou8Lv8ILE69mmAXAA&ui=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&pi=/&wi=-1709852854480885386&pt=home&vi=1673604283060&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1673604284750%7D&tim=10%3A04%3A44.750&id=1691&llvl=2&cv=20230112-8-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 1d106f6c8729ca44649d076581d85be2.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
47 KB 10ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d106f6c8729ca44649d076581d85be2.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ec439b6e683200fac65cb880cbd01488a49a6d586176e5f58dc40837a17d3e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d106f6c8729ca44649d076581d85be2.jpeg
age: 4230808
edge-cache-tag: 412183723988332279854577293719959860136,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 412183723988332279854577293719959860136,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
expiration: expiry-date="Sun, 18 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.techradar.com/
content-length: 47378
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kcgs7200068-IAD, cache-chi-kigq8000072-CHI, cache-iad-kjyo7100136-IAD, cache-hhn-etou8220025-HHN
last-modified: Thu, 17 Nov 2022 17:20:44 GMT
server: nginx
x-timer: S1673604285.760515,VS0,VE3
etag: "08b507c0ad3b9d48183cc636996b9827"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 3, 1

GET
H2 200 1e9b6f0c36512acd33cf7b7ea529ede8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 6ms
6ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e9b6f0c36512acd33cf7b7ea529ede8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4221598043d8b7959428615c31872bfa9ca218cb00b49404b1bf22d316664573

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e9b6f0c36512acd33cf7b7ea529ede8.jpg
age: 5157400
edge-cache-tag: 617717985472330783583721591863509528911,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 617717985472330783583721591863509528911,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 178
expiration: expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport5.co.il/
content-length: 19206
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kiad7000066-IAD, cache-bur-kbur8200121-BUR, cache-iad-kiad7000068-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 31 Oct 2022 16:33:31 GMT
server: nginx
x-timer: S1673604285.761580,VS0,VE0
etag: "2febd40e4e4b29bd4bc091d1fc25a0ec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 312, 78

GET
H2 200 015af41778ddfd605659671e4047fed7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 8ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/015af41778ddfd605659671e4047fed7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db5249b0b99f2ca1523758ca370e57da03bf66d58a18d33c184c599569f6ca0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/015af41778ddfd605659671e4047fed7.png
age: 3203878
edge-cache-tag: 359003628904163526318549268100062111672,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 359003628904163526318549268100062111672,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 994
req-referer: https://dl.gmx.net/
content-length: 17388
x-request-id: 56f33638228e2ed5030e58113d5b4533
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100159-IAD, cache-iad-kcgs7200052-IAD, cache-bur-kbur8200161-BUR, cache-iad-kiad7000068-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 13 Nov 2022 07:35:03 GMT
server: nginx
x-timer: S1673604285.763419,VS0,VE0
etag: "3c2caa200d903e964ca779f992e4ed04"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 263, 9

GET
H2 200 24124d8f27b1d1a29512f185760a5080.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
45 KB 10ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24124d8f27b1d1a29512f185760a5080.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5472ccccef98f1e425838285ff718b61db349a86aa6be607d451b24a25b382de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24124d8f27b1d1a29512f185760a5080.jpg
age: 5679199
edge-cache-tag: 385504925848121649181976101043475921893,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 385504925848121649181976101043475921893,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 108
req-referer: https://www.oggi.it/video/attualita/2022/10/10/kiev-il-missile-russo-cade-in-pieno-centro-il-video-e-impressionante/
content-length: 45762
x-request-id: ceed0254ecddd42844d573421b2e060a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kcgs7200072-IAD, cache-chi-kigq8000122-CHI, cache-iad-kcgs7200072-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 30 Oct 2022 12:01:51 GMT
server: nginx
x-timer: S1673604285.764416,VS0,VE0
etag: "d423706deddde66c7a6d183a96329cd4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 22, 2

GET
H2 200 b01c096a69a28bc3f5704d1c3438dd95.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 10ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b01c096a69a28bc3f5704d1c3438dd95.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 772c81becaa9b251345a3d51932d166eb6c8bf2d1973ddecead1a4dbc7e0c450

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b01c096a69a28bc3f5704d1c3438dd95.jpg
age: 3173782
edge-cache-tag: 367504570694213303184625667089085642694,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 367504570694213303184625667089085642694,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 217
req-referer: https://www.sport1.de/
content-length: 6564
x-request-id: ab48d796e69e537e8b3ff18c516b8462
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kiad7000173-IAD, cache-chi-klot8100159-CHI, cache-iad-kcgs7200138-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 07 Dec 2022 09:41:35 GMT
server: nginx
x-timer: S1673604285.764405,VS0,VE1
etag: "df21689251c943060aa5fc6fcd4a5352"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 6, 1

GET
H2 200 6a37609fe73f162515152f36670aadcd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
23 KB 10ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a37609fe73f162515152f36670aadcd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b350c06f4e2a82525846479b05b16e4d19435eb8a3f768f35f56a43476c790b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a37609fe73f162515152f36670aadcd.png
age: 3978688
edge-cache-tag: 400924720345543310243816491797318360283,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 400924720345543310243816491797318360283,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 581
req-referer: https://dl.web.de/
content-length: 22494
x-request-id: a4828b198faf2dd1083b501136702837
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100142-IAD, cache-iad-kjyo7100121-IAD, cache-lax10683-LGB, cache-iad-kjyo7100021-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 28 Nov 2022 08:08:22 GMT
server: nginx
x-timer: S1673604285.764749,VS0,VE0
etag: "10418ab462ca29047241e2885b0d00df"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 97, 3

GET
H2 200 2b7f742ffc4dadfa6aac0764e2a76224.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b7f742ffc4dadfa6aac0764e2a76224.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 601b262350b862c48dd8d4be9cae1cf7f316e52e6bbeb0b9f09a475656685e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b7f742ffc4dadfa6aac0764e2a76224.jpg
age: 1471086
edge-cache-tag: 354415799842458207427169052846434777897,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 354415799842458207427169052846434777897,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 213
req-referer: https://www.mediaite.com/
content-length: 14788
x-request-id: 1d59687ffef2ad158d08bbdf8f945cbf
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000142-IAD, cache-iad-kcgs7200079-IAD, cache-lga21932-LGA, cache-iad-kiad7000074-IAD, cache-hhn-etou8220025-HHN
last-modified: Fri, 23 Dec 2022 14:04:16 GMT
server: nginx
x-timer: S1673604285.769085,VS0,VE1
etag: "5683b298873b98df7707524902dcf356"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 1

GET
H2 200 be82161eaf5f30ee3af0642b961d5255.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 10 KB
10 KB 12ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be82161eaf5f30ee3af0642b961d5255.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0411d6faf719dd6fc3fc61c485cfdf82054a496e45e763c195434ea3ce0d45bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be82161eaf5f30ee3af0642b961d5255.jpg
age: 783870
edge-cache-tag: 552799273361985540482499519553745668792,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 552799273361985540482499519553745668792,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 654
req-referer: https://www.iodonna.it/
content-length: 9888
x-request-id: bf868a05543f3276b45becd95d909afd
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200148-IAD, cache-iad-kjyo7100039-IAD, cache-sna10750-LGB, cache-iad-kiad7000170-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 18 Dec 2022 23:34:57 GMT
server: nginx
x-timer: S1673604285.775043,VS0,VE2
etag: "e015cbf7184677dcd94ebd60f67d4fd8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 1

GET
H2 200 dd0a201ae99f75aa69e8d09d238de0fd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 19ms
16ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd0a201ae99f75aa69e8d09d238de0fd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7dc68dd02e94a30a906bea6195c08db6dbb3d11a874bc3079efe1d02f2bac7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd0a201ae99f75aa69e8d09d238de0fd.png
age: 1173966
edge-cache-tag: 467537909027818736314260670052733828433,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 467537909027818736314260670052733828433,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 62
expiration: expiry-date="Sat, 07 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.web.de/
content-length: 14456
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200091-IAD, cache-iad-kjyo7100093-IAD, cache-lga21940-LGA, cache-iad-kjyo7100037-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 07 Dec 2022 17:13:52 GMT
server: nginx
x-timer: S1673604285.775141,VS0,VE10
etag: "38a591b27d234a1469a162674dd1a2db"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 18, 1

GET
H2 200 ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
46 KB 11ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12529dba98253a6038fe210eb7ecbea19a3d0afc00ccbe55d206b97b2f59efa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age: 6204949
edge-cache-tag: 380718914452234203638632966853219348314,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380718914452234203638632966853219348314,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 252
expiration: expiry-date="Mon, 07 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tichyseinblick.de/video/der-beste-trick-der-natur-2/
content-length: 45660
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100049-IAD, cache-lga21971-LGA, cache-iad-kjyo7100112-IAD, cache-hhn-etou8220025-HHN
last-modified: Fri, 07 Oct 2022 21:53:28 GMT
server: nginx
x-timer: S1673604285.775224,VS0,VE2
etag: "ce52279bbfc1aff9f44e08efaac9d88a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 20, 1

GET
H2 200 ff5b43531a037cac13e572fe25a53588.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 82 KB
83 KB 12ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5b43531a037cac13e572fe25a53588.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bb55ccd5d6949930e396e3d7f56b6a83a191b050f3f9d5a2b9012a20d8079934

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5b43531a037cac13e572fe25a53588.jpg
age: 1177747
edge-cache-tag: 403273544374710709306457206066066899901,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403273544374710709306457206066066899901,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 371
expiration: expiry-date="Sat, 07 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://telegrafi.com/
content-length: 84438
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000041-IAD, cache-iad-kiad7000068-IAD, cache-bur-kbur8200087-BUR, cache-iad-kjyo7100064-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 07 Dec 2022 13:06:55 GMT
server: nginx
x-timer: S1673604285.775422,VS0,VE4
etag: "e6e469c6542ac1faa1b83d1bbeadec0f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 1

GET
H2 200 8dd8e93d18f4e417f2ee8ae136ca1d53.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 39 KB
40 KB 11ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dd8e93d18f4e417f2ee8ae136ca1d53.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: baed14923754089f4780d01a03c5efa808af6d05df7aee101950a8fcef3533f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dd8e93d18f4e417f2ee8ae136ca1d53.jpg
age: 1627930
edge-cache-tag: 326267978891874195092818918985655870049,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 326267978891874195092818918985655870049,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 259
expiration: expiry-date="Thu, 29 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.viepratique.fr/
content-length: 40214
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kcgs7200025-IAD, cache-bur-kbur8200144-BUR, cache-iad-kjyo7100078-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 28 Nov 2022 00:53:08 GMT
server: nginx
x-timer: S1673604285.775427,VS0,VE3
etag: "637149b4f8676b60152bc4ab42ef46f2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 1

GET
H2 200 4334f49a9779be4eb38937223665ce8f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 68 KB
69 KB 40ms
40ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4334f49a9779be4eb38937223665ce8f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e71cbb95000c2f801d05af833ac781b93fdc22d2e52495f7916af50590772f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 32
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4334f49a9779be4eb38937223665ce8f.jpg
age: 926750
edge-cache-tag: 622212998138269706642735016391113909912,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 622212998138269706642735016391113909912,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 374
expiration: expiry-date="Sat, 21 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.web.de/
content-length: 69902
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kiad7000060-IAD, cache-lga21927-LGA, cache-iad-kcgs7200173-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 21 Dec 2022 09:33:10 GMT
server: nginx
x-timer: S1673604285.777055,VS0,VE32
etag: "ac36cca1b05cc55c4d682062ed43b30b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 1

GET
H2 200 6dcf6699949a0a940bc769c36cbd9e50.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
57 KB 11ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6dcf6699949a0a940bc769c36cbd9e50.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc35271f4d6929d4d3c58f44bfa3551bf77ad7eb7b9ac2956ffaa2a9b9cad7e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6dcf6699949a0a940bc769c36cbd9e50.jpg
age: 1103032
edge-cache-tag: 624931428990978870394343749851764939953,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624931428990978870394343749851764939953,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 343
req-referer: https://lols.pl/
content-length: 57998
x-request-id: 838159f576eb0bc229163786b873d5ec
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kiad7000151-IAD, cache-sna10730-LGB, cache-iad-kjyo7100087-IAD, cache-hhn-etou8220025-HHN
last-modified: Sat, 03 Dec 2022 13:31:55 GMT
server: nginx
x-timer: S1673604285.788506,VS0,VE1
etag: "0363196b05b2788586acf97bf960fa68"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 4, 1

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ 8 KB
4 KB 54ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=20309721&cmp=28592042&sid=8137502&plc=346555983&adsrv=1&btreg=tbl_1673604283920-0&btadsrv=&crt=&tagtype=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_126}&dvtagver=6.1.src
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a9932bc9e169e3f42cf782e33f879d6f2108c28bd924bf01ce1bcabe6889683

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2023 16:24:47 GMT
Server: Microsoft-IIS/10.0
ETag: W/"80317d38d925d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3336

POST
H2 204 required-viewability-available Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
277 B 16ms
15ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/required-viewability-available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220025-HHN
server: nginx
x-timer: S1673604285.768979,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

B28592042.346555983;dc_pre=CMeSluelxPwCFY6SdwodYQUNaQ;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B28592042.346555983;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B28592042.346555983;dc_pre=CMeSluelxPwCFY6SdwodYQUNaQ;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...

43 B
119 B

73ms
72ms

Image
image/gif

142.250.201.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B28592042.346555983;dc_pre=CMeSluelxPwCFY6SdwodYQUNaQ;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com

Protocol

Server

142.250.201.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N9166.3001245TABOOLADE/B28592042.346555983;dc_pre=CMeSluelxPwCFY6SdwodYQUNaQ;dc_trk_aid=538212364;dc_trk_cid=178151941;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=ultrasurfing.com
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A2AD 624 B
368 B 184ms
82ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ3HstwBMAE&v=APEucNUJoU8VLH4yyNSedp5o-wPSqs_2tabQer8qJdBUvh7miE08h_IJufEdHN_5R1fKr65H6uTVOq_4WAAXxnaujpMiMUiPJEl_kwPLcV7e1xlj5l5at7SFj9e5_jCI8JE0kAjPxS-5bK4bJIlBFxwFf0551lVYEVDHOkEpjQpGA1Z8mBqkASeMRvAfho2w_9QKjj6HTTfX6qN3NEgZk46fhY3gXDprdQ

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Fri, 13 Jan 2023 10:04:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 592D 76 KB
27 KB 115ms
113ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 10:04:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592D 42 B
63 B 140ms
139ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Alce6_KiX97EbaVAqEtf8bluaYFRh4XEx0xuR498RWRKkZuLGeEliFTFUNA46ugyU9IrgmqxenZySTXNPBMAM2tRqQSq_7fBQSZGTkBL9lbjkhwoc

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592D 0
20 B 141ms
139ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12078184435898746367&x=1&ct=76

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 592D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1291789/67949523/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1010229247&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=

43 B
483 B

38ms
8ms

Image
image/gif

2600:9000:214f:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=
Requested by: Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 17435506
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: xiwmz3PAWjEx2Vtv7OCybVCwrnT6OSaLSrM2oOim000DAVzngPkg0g==

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 592D 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 592D 18 KB
7 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 592D 157 KB
49 KB 381ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A1F 624 B
368 B 174ms
78ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYk5feswEwAQ&v=APEucNXqLjNdsJyFPQqw692ggWtUEM1Zo3GocqyXIhLXmPvyrTcGLfue5oJVdPC47bpu64IgcLoQA7-ugfDx3tzY4mAh8UToOGixWaPu7bLexFRvZX8qT8l5CE4O2BvASDKtuBp4t0b49NjEgKHIZP5d5cQaNdC2hRiDqenZBUy_jVTZki0rZRnkhl4eLBHL9Fyl-rHqB2310TJJhKzpVLUagi1YZM6Cxg

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Fri, 13 Jan 2023 10:04:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7C79 76 KB
27 KB 169ms
169ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 10:04:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C79 42 B
63 B 140ms
138ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D9HdAhIkhgUtAY1S-cil3KAHutPqRhEUqzm1UqvXhq4eXPkO2uGUdCw4ZRQGLvMVXJPheh-iiRDNELZMD9Zwgym7Q0fR5IvjbnLcv2P4dZCJ-KzPI

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C79 0
20 B 140ms
139ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8740959834475600412&x=1&ct=76

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 7C79 3 KB
1 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 7C79 18 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C79 157 KB
48 KB 435ms
103ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D0FE 624 B
782 B 171ms
77ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKrHstwBMAE&v=APEucNVNZ3BIxvElKgBk5mSz94umDgl70NXv_r_6A3QjicPo_rKcHXw_FP8f8sxTEYdjId8UigWoQP-RZyW_F6SgFn0fhuGFwdnz5ZVRGrIy-HNKTxUdYsCdtpHt6ilcocbDtbx37XU-IFbR70JKCubORkb8P7nygaCByHxhDA3hwQ_rUe-MRadjafoFAmzddleyE3j8QCJU_EN0gqH7wU09RopM79brRQ

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:44 GMT
expires: Fri, 13 Jan 2023 10:04:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 600D 76 KB
27 KB 182ms
181ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27384
x-xss-protection: 0
server: cafe
etag: 10506132538256102613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 10:04:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 600D 42 B
63 B 141ms
139ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmyXVjrAqpTJJIxJ4wYL16RQ9FPdqgbspSCkAC7OoxA4AHrZjjhIQxPVHas5HawPRrpgbpxjtbJwRrZw7eohbxyQzl6sq3cRY3rmahkJi75ZgP4Ig

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 600D 0
20 B 141ms
138ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4209687574788538013&x=1&ct=76

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 600D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1291789/67949529/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1010229247&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=

43 B
483 B

38ms
8ms

Image
image/gif

2600:9000:214f:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=
Requested by: Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 17435506
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: GMHDuBqZ6oT5v1WbzYx_tR3TmsweYgaUZE7oRoNfNxl_OjpX_Wvy0w==

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 600D 3 KB
1 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 600D 18 KB
7 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7538
x-xss-protection: 0
server: cafe
etag: 18140588555649875417
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:01:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 600D 157 KB
48 KB 456ms
129ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49309
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1673441803913192"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H2 206 j7e7myuha8obnczlmaid.mp4
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1635941761/ 1 MB
1 MB 10ms
9ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/h_400,c_scale/v1635941761/j7e7myuha8obnczlmaid.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab6cb54388c572a1ac43e9cb6dd252aa014b24247b9a8baffea37bad795b75c7

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: sJJqH3AYvIlIIGmitydU.NgNgfBfJyGq
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish
x-amz-request-id: 5EP8VA5S10WB9C1R
age: 10
x-cache: HIT
Content-Range: bytes 0-1253344/1253345
x-amz-replication-status: COMPLETED
Content-Length: 1253345
x-amz-id-2: Gkp/c2CiA/o+ltrdZtBnEuRwOjV2lMW1FouxMefxn+1ZkBPxtf6xds/9hwgNXRl4LU38fIGdqeY=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Wed, 03 Nov 2021 12:16:16 GMT
server: AmazonS3
x-timer: S1673604285.814546,VS0,VE1
etag: "7d6f04fea4cdb32af8580b029f272e5e"
content-type: video/mp4;codecs=avc1
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 vetswpk8l2arpg2550eu.mp4
cdn.taboola.com/libtrc/static/video/v1644315697/ 1 MB
1 MB 9ms
8ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1644315697/vetswpk8l2arpg2550eu.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f6535f49cac94e0bbad2c7623a8e2431e8eb1e88bf699c96107325a3481d608

Request headers

Referer: http://ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: ATlxVVTqyFLOf_eNoFfE69D5FpXP3lsk
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish
x-amz-request-id: J37TQKCM6VMXZBG9
age: 14
x-cache: HIT
Content-Range: bytes 0-1128603/1128604
x-amz-replication-status: COMPLETED
Content-Length: 1128604
x-amz-id-2: 8z6p8ab9aRZyB/6x9h/YAtEBJtBLxPHBBy1ZcSC/vjsoU+xizZD/10mMBoXc2GEoXL3kc/7Qdxo=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Tue, 08 Feb 2022 10:21:46 GMT
server: AmazonS3
x-timer: S1673604285.815494,VS0,VE1
etag: "a13de9817307e619c7663571c495f753"
content-type: video/mp4;codecs=avc1
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d106f6c8729ca44649d076581d85be2.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ec439b6e683200fac65cb880cbd01488a49a6d586176e5f58dc40837a17d3e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d106f6c8729ca44649d076581d85be2.jpeg
age: 4230808
edge-cache-tag: 412183723988332279854577293719959860136,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 412183723988332279854577293719959860136,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 210
expiration: expiry-date="Sun, 18 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.techradar.com/
content-length: 47378
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kcgs7200068-IAD, cache-chi-kigq8000072-CHI, cache-iad-kjyo7100136-IAD, cache-hhn-etou8220025-HHN
last-modified: Thu, 17 Nov 2022 17:20:44 GMT
server: nginx
x-timer: S1673604285.878249,VS0,VE0
etag: "08b507c0ad3b9d48183cc636996b9827"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e9b6f0c36512acd33cf7b7ea529ede8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4221598043d8b7959428615c31872bfa9ca218cb00b49404b1bf22d316664573

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e9b6f0c36512acd33cf7b7ea529ede8.jpg
age: 5157401
edge-cache-tag: 617717985472330783583721591863509528911,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 617717985472330783583721591863509528911,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 178
expiration: expiry-date="Thu, 01 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sport5.co.il/
content-length: 19206
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kiad7000066-IAD, cache-bur-kbur8200121-BUR, cache-iad-kiad7000068-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 31 Oct 2022 16:33:31 GMT
server: nginx
x-timer: S1673604285.877767,VS0,VE0
etag: "2febd40e4e4b29bd4bc091d1fc25a0ec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 312, 79

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/015af41778ddfd605659671e4047fed7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: db5249b0b99f2ca1523758ca370e57da03bf66d58a18d33c184c599569f6ca0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/015af41778ddfd605659671e4047fed7.png
age: 3203878
edge-cache-tag: 359003628904163526318549268100062111672,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 359003628904163526318549268100062111672,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 994
req-referer: https://dl.gmx.net/
content-length: 17388
x-request-id: 56f33638228e2ed5030e58113d5b4533
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100159-IAD, cache-iad-kcgs7200052-IAD, cache-bur-kbur8200161-BUR, cache-iad-kiad7000068-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 13 Nov 2022 07:35:03 GMT
server: nginx
x-timer: S1673604285.877422,VS0,VE0
etag: "3c2caa200d903e964ca779f992e4ed04"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 263, 10

GET
H2 200 24124d8f27b1d1a29512f185760a5080.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
46 KB 39ms
34ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24124d8f27b1d1a29512f185760a5080.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5472ccccef98f1e425838285ff718b61db349a86aa6be607d451b24a25b382de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/24124d8f27b1d1a29512f185760a5080.jpg
age: 5679199
edge-cache-tag: 385504925848121649181976101043475921893,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
cache-tag: 385504925848121649181976101043475921893,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 108
req-referer: https://www.oggi.it/video/attualita/2022/10/10/kiev-il-missile-russo-cade-in-pieno-centro-il-video-e-impressionante/
content-length: 45762
x-request-id: ceed0254ecddd42844d573421b2e060a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kcgs7200072-IAD, cache-chi-kigq8000122-CHI, cache-iad-kcgs7200072-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 30 Oct 2022 12:01:51 GMT
server: nginx
x-timer: S1673604285.877278,VS0,VE0
etag: "d423706deddde66c7a6d183a96329cd4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 22, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b01c096a69a28bc3f5704d1c3438dd95.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 772c81becaa9b251345a3d51932d166eb6c8bf2d1973ddecead1a4dbc7e0c450

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b01c096a69a28bc3f5704d1c3438dd95.jpg
age: 3173782
edge-cache-tag: 367504570694213303184625667089085642694,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 367504570694213303184625667089085642694,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 217
req-referer: https://www.sport1.de/
content-length: 6564
x-request-id: ab48d796e69e537e8b3ff18c516b8462
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kiad7000173-IAD, cache-chi-klot8100159-CHI, cache-iad-kcgs7200138-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 07 Dec 2022 09:41:35 GMT
server: nginx
x-timer: S1673604285.876835,VS0,VE0
etag: "df21689251c943060aa5fc6fcd4a5352"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 6, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a37609fe73f162515152f36670aadcd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b350c06f4e2a82525846479b05b16e4d19435eb8a3f768f35f56a43476c790b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6a37609fe73f162515152f36670aadcd.png
age: 3978688
edge-cache-tag: 400924720345543310243816491797318360283,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 400924720345543310243816491797318360283,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 581
req-referer: https://dl.web.de/
content-length: 22494
x-request-id: a4828b198faf2dd1083b501136702837
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100142-IAD, cache-iad-kjyo7100121-IAD, cache-lax10683-LGB, cache-iad-kjyo7100021-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 28 Nov 2022 08:08:22 GMT
server: nginx
x-timer: S1673604285.877077,VS0,VE0
etag: "10418ab462ca29047241e2885b0d00df"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 97, 4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b7f742ffc4dadfa6aac0764e2a76224.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 601b262350b862c48dd8d4be9cae1cf7f316e52e6bbeb0b9f09a475656685e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b7f742ffc4dadfa6aac0764e2a76224.jpg
age: 1471086
edge-cache-tag: 354415799842458207427169052846434777897,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 354415799842458207427169052846434777897,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 213
req-referer: https://www.mediaite.com/
content-length: 14788
x-request-id: 1d59687ffef2ad158d08bbdf8f945cbf
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000142-IAD, cache-iad-kcgs7200079-IAD, cache-lga21932-LGA, cache-iad-kiad7000074-IAD, cache-hhn-etou8220025-HHN
last-modified: Fri, 23 Dec 2022 14:04:16 GMT
server: nginx
x-timer: S1673604285.888309,VS0,VE0
etag: "5683b298873b98df7707524902dcf356"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be82161eaf5f30ee3af0642b961d5255.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0411d6faf719dd6fc3fc61c485cfdf82054a496e45e763c195434ea3ce0d45bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be82161eaf5f30ee3af0642b961d5255.jpg
age: 783870
edge-cache-tag: 552799273361985540482499519553745668792,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 552799273361985540482499519553745668792,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 654
req-referer: https://www.iodonna.it/
content-length: 9888
x-request-id: bf868a05543f3276b45becd95d909afd
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200148-IAD, cache-iad-kjyo7100039-IAD, cache-sna10750-LGB, cache-iad-kiad7000170-IAD, cache-hhn-etou8220025-HHN
last-modified: Sun, 18 Dec 2022 23:34:57 GMT
server: nginx
x-timer: S1673604285.888284,VS0,VE0
etag: "e015cbf7184677dcd94ebd60f67d4fd8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 2

GET
H2 200 ebe34cda8115467cefbce4b5ccf7075e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
45 KB 10ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 12529dba98253a6038fe210eb7ecbea19a3d0afc00ccbe55d206b97b2f59efa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebe34cda8115467cefbce4b5ccf7075e.png
age: 6204949
edge-cache-tag: 380718914452234203638632966853219348314,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 380718914452234203638632966853219348314,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 252
expiration: expiry-date="Mon, 07 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tichyseinblick.de/video/der-beste-trick-der-natur-2/
content-length: 45660
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kjyo7100049-IAD, cache-lga21971-LGA, cache-iad-kjyo7100112-IAD, cache-hhn-etou8220025-HHN
last-modified: Fri, 07 Oct 2022 21:53:28 GMT
server: nginx
x-timer: S1673604285.888960,VS0,VE0
etag: "ce52279bbfc1aff9f44e08efaac9d88a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 20, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5b43531a037cac13e572fe25a53588.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bb55ccd5d6949930e396e3d7f56b6a83a191b050f3f9d5a2b9012a20d8079934

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ff5b43531a037cac13e572fe25a53588.jpg
age: 1177747
edge-cache-tag: 403273544374710709306457206066066899901,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 403273544374710709306457206066066899901,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 371
expiration: expiry-date="Sat, 07 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://telegrafi.com/
content-length: 84438
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000041-IAD, cache-iad-kiad7000068-IAD, cache-bur-kbur8200087-BUR, cache-iad-kjyo7100064-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 07 Dec 2022 13:06:55 GMT
server: nginx
x-timer: S1673604285.888848,VS0,VE0
etag: "e6e469c6542ac1faa1b83d1bbeadec0f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dd8e93d18f4e417f2ee8ae136ca1d53.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: baed14923754089f4780d01a03c5efa808af6d05df7aee101950a8fcef3533f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8dd8e93d18f4e417f2ee8ae136ca1d53.jpg
age: 1627930
edge-cache-tag: 326267978891874195092818918985655870049,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 326267978891874195092818918985655870049,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 259
expiration: expiry-date="Thu, 29 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.viepratique.fr/
content-length: 40214
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kcgs7200025-IAD, cache-bur-kbur8200144-BUR, cache-iad-kjyo7100078-IAD, cache-hhn-etou8220025-HHN
last-modified: Mon, 28 Nov 2022 00:53:08 GMT
server: nginx
x-timer: S1673604285.888843,VS0,VE0
etag: "637149b4f8676b60152bc4ab42ef46f2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 2

GET
H/1.1 200
OK prebid.js Show response
vidstat.taboola.com/prebid/1.1.0/ 126 KB
42 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/prebid/1.1.0/prebid.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bc3dd9bce98eb79be5ff2549d86ac9a0b367955f507da9c09bc10cadcfa0cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront), 1.1 varnish
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
Age: 1248520
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 42140
X-Served-By: cache-hhn-etou8220044-HHN
Last-Modified: Tue, 25 Oct 2022 07:28:47 GMT
Server: AmazonS3
X-Timer: S1673604285.888271,VS0,VE0
ETag: "a04a7c519db8f61b90bf41a7377369fb"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZZibovCx361IhY7aBTk0vYsMQTIYga8PSajspbDPBqR9t4cbfhZ-AA==
X-Cache-Hits: 39520

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
283 B 35ms
35ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=14
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220025-HHN
server: nginx
x-timer: S1673604285.912735,VS0,VE17
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd0a201ae99f75aa69e8d09d238de0fd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7dc68dd02e94a30a906bea6195c08db6dbb3d11a874bc3079efe1d02f2bac7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd0a201ae99f75aa69e8d09d238de0fd.png
age: 1173966
edge-cache-tag: 467537909027818736314260670052733828433,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 467537909027818736314260670052733828433,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 62
expiration: expiry-date="Sat, 07 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.web.de/
content-length: 14456
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200091-IAD, cache-iad-kjyo7100093-IAD, cache-lga21940-LGA, cache-iad-kjyo7100037-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 07 Dec 2022 17:13:52 GMT
server: nginx
x-timer: S1673604285.919127,VS0,VE0
etag: "38a591b27d234a1469a162674dd1a2db"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 18, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4334f49a9779be4eb38937223665ce8f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e71cbb95000c2f801d05af833ac781b93fdc22d2e52495f7916af50590772f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4334f49a9779be4eb38937223665ce8f.jpg
age: 926750
edge-cache-tag: 622212998138269706642735016391113909912,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 622212998138269706642735016391113909912,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 374
expiration: expiry-date="Sat, 21 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://dl.web.de/
content-length: 69902
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kiad7000060-IAD, cache-lga21927-LGA, cache-iad-kcgs7200173-IAD, cache-hhn-etou8220025-HHN
last-modified: Wed, 21 Dec 2022 09:33:10 GMT
server: nginx
x-timer: S1673604285.918975,VS0,VE0
etag: "ac36cca1b05cc55c4d682062ed43b30b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6dcf6699949a0a940bc769c36cbd9e50.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cc35271f4d6929d4d3c58f44bfa3551bf77ad7eb7b9ac2956ffaa2a9b9cad7e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 13 Jan 2023 10:04:44 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6dcf6699949a0a940bc769c36cbd9e50.jpg
age: 1103032
edge-cache-tag: 624931428990978870394343749851764939953,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624931428990978870394343749851764939953,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 343
req-referer: https://lols.pl/
content-length: 57998
x-request-id: 838159f576eb0bc229163786b873d5ec
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200093-IAD, cache-iad-kiad7000151-IAD, cache-sna10730-LGB, cache-iad-kjyo7100087-IAD, cache-hhn-etou8220025-HHN
last-modified: Sat, 03 Dec 2022 13:31:55 GMT
server: nginx
x-timer: S1673604285.919446,VS0,VE0
etag: "0363196b05b2788586acf97bf960fa68"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 4, 2

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
1 KB 7ms
6ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Date: Fri, 13 Jan 2023 10:04:44 GMT
Via: 1.1 varnish
x-amz-request-id: RXPPRCR6WSZ12407
Age: 28745
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: 6HRI7LUqTe5ZMnAAeDpkOqm2g/lgGiuzwqHLIoWfYP0ln7ampDPEtLDVJn9C0zLIy0PK+xJJTPA=
X-Served-By: cache-hhn-etou8220035-HHN
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1673604285.932716,VS0,VE0
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Content-Type: image/png
abp: 42
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 23295

GET
H/1.1 200
OK dv-measurements3398.js Show response
cdn.doubleverify.com/ Frame C15B 558 KB
107 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3398.js
Requested by: Host: ultrasurfing.com
URL: http://ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: de314b6adaf3911dbb0b0fcda036b07fa8a0e72001b30a1f609d98e380b2b970

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 10:04:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2023 12:31:40 GMT
Server: Microsoft-IIS/10.0
ETag: "05e96a7b825d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109180

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592D 0
20 B 139ms
138ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3712257991793&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592D 0
20 B 141ms
140ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3712257991793&version=m202209210101&ct=76&x=1&cor=12078184435898747000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 592D 86 KB
35 KB 97ms
94ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2G-fV8SoIwEnrWmGGjvJcukr83xE4HusJq7gWp-6FG0Ho190Rw7A5jGNuMgxBOdixc4XLvrVYW1UlrFHNw-OLjo63W4x4zQenS3iXz0xQ0ILHGXHWUanL8lHT5PxL9YWOmktVeRxYPdsaL1kReL9lSTzYT4WDoCRtw6cK1vzC8Bw2TGo&dbm_d=AKAmf-DCU_LTLiR8kkKXHAZD7r6lZl98t4qU6j-AUVt8nFsvQyHWIWks8mwwPl6r0aToIqmnUHxYTN95F2XQ4rFwCOKFo50MGcneMWkTGYWnMS1OWMIGXoh3JjAuSyLme6yxOn7mT3jStnRxyowzMdZ-SBi7pBk1GBpUj-WIhT-PuGd4ikV1ihvARFVrB5aa9Yj-PU6iBGbCttJLutMUTZlWjBM5V1eu4p-_8idhD4LPL6Nc_9XXxomwfKPx4bQ3ussHv5Zxo2Yix6eOMAJqok9N0CrhzpjOUhYINoLuzRdrcXVt_tHdGPUTp5XY01BhOnahfbUGhXJwNIVrYIgbpfb0cv_g7lA7rFQnbz8GBpJuktwft1XL5KjCG0DgVWOiMJzqcxdjKyLKm1sSBSvu34h_aWBIu-7Py7uiy_10-g1miXjz30YjcLyiPpFsoQTXnWYj2oLeL7TVPYBEO0zkilIlVnMHmG9JXMSZ6XwG8KyfXlTOx6WH9Irn55GihjOkeRNo-_ujCcmCtZEEaeRpVx0xNAWT55KuAukLDm9Pl3R9mgybOZacdRnUQGe95ciy6oXAayelHD-Ji4x_h1YsogxitUiC7AIpgmeoBAsEE9QYdstIReYRJmZnfmqcD5TAqWr9RD57OIDfLRM-IRqS84_yIB2rctIJF4YNqk_U6wI1Ub2hYP03vUV470vdlHobM91qxwrPdrfwG5obhTv-_9Qajo-5_9CQu9PvijssB4yMQQlF21u4OiQkic8_MbveuEUIysVi686gzRcwhShb8Vtk46ARNrVAo6DNxBcwWxPtujYB0KdyM6P5dF3fDc2oSpUNm0FxHlTXSDsF5GIrbZ_M36aR7tXXqko-mwxG4qoh2i3WtMEiCk5I6YJIZGCJje1EPEuY00Bdax8C_3W9S_Ckpt9N5NTTfK6q9bpE_gdjEnX6JzH-xqpJiya8HMre3oMsi36-rs3lfb_A0MK5FaNGKRJqOaFwtCqhke4yUwzIWUBtUxF3JtuROrr-H36ocRRYaAg8zN_lIM1J3e-gy-0xRMq71DceGkUlcf3fV_2RBkvBzQ_cFm0TQJSigQwvtE-NPUw07WnItXB85bM2sy2wvWKlBF97-agc6HcFZ4x4Qa-7xW80j-kncr56DRDiCpbXRqKeCCf3l6NvNVET_Toiu2Wz_98qlEhmwSsfLVZymEqxb1uND_X5J8UFTBlAJEbxj1aUPkwPz14vizySPXSgOXHS3DTtf15qzShOeC-7Dew9kVGqSAR5audGj22UTsYZSECbqtgApE0CEjg3vIhp0DbAptRHnFj9BluI7AcbsoisdMS-hLAQKMd9OpHpbfGGqF-y-cFm8qM7tRWI2wXy9__sBuTyUVXN3EP6o9HWb-u-BUfmzayPhdlm2AMy3yw5IHuCcC86xkStKTs9TmogD-gjphyY5aekaIBFxzrncfwkVTEQRJc1p8Ou7hqhoDNZwPBmE9z4cPxkQXqGRnIWJYXpXqYNW0TBFpFe9VY9Y-s6sDWDtZtJ3tlCs05suwl1e5dk6hPfH5obUoh1pCTWO4NymhYfj2C-fp0wK4Fl11vw4lTS0-JRaEvqeyM8Zfl63wTaaUINkG6GqL7oOa4MHd4Lsm5hdRes3vEeiy6qA7SXjsJ4CC_xwPXgCDG4X0_uhuW5zbX97QailBtpBXbxvF33KhgZ0jPsKUtYIEiHyy_6qRTb_Re6q05xZRXdVJNPorfs58DL3gK3oOy2nJJQ4jf_9LO4DbfzFN2j38c6c4vAa_qmvIi0M-Csliu8crgkFa2rK0cc8RlS2Ja0jOZFkf2QKye5u18cgavyR8sLY0MIB6HFcik_THrGA5Sg9MJdoBv7K5ngPNEqECkbqyvaHmvMFSrs7MWVsqZxmk1I6yYaRiq_gNYzDFZ865m_7rqmhbYrpIM5aUhvEXXy9Uu1bMzlZAsL5NgIgz_bFPckgtjxt3W9PtbM7re6kzGDEUvWnSM6aYeez3LQpA4up84VgyMV2NvgbfEdu52bTARCjorBWgPvRbkvO-yL7JE5JqBy9GffiEiC0Cf2gtqtX1n8o9nj0bDDFn_8uY_zgLTK-74QrqOmMmcBt8dn0c3ihz688CPpWYn6Q-6ZPY0MU8K3odGxk7r4t27aRqp9R0scmuDEctaMQxoCs5yK6HwrZo9OFeDtGVqH9q1qiklhMeMnjFKeT2VHxCdRuCSkGAdpZCxywT5iD2p5uqX1mlnMRdhLK7m8i-jea3v8QjQNnpmdqQgTuunKzh5aFQYo_eOYtGyLKQ2zeP9BKb8dDQL6mcogYUKfx_anvkideSB3kFAP0QIgZxj4HNEizoXLFxWm0q5rJODpVJYm3yYBn8LXZXykbvi49Xl_OlPoUN66_2zTwGHil8Ii2RauiMkBtAPDvDFxm1oGvvuNi59kQGzdmvfMIZ9rmL1rIneAnFO2X65bGcaLMFIyuGWSwQYCDxlhy7u-u9JbYzl6WeHFGP2lQqI8XDB_Fig5Wy9LpzeTQd9GSAMkV0V2DvqAMGxgu0y7Iwu0lTcDF-exBjabSFl-Le-C3BXRm76UKKePv-vL4HyWJV1DAgByaGXtuvk8_pRyvFdaTCDzTerfFi80P_K55qOqGMpzHI2gpIIHRCd4HJTggObvh5PhDhhhH33pgx2NPGylLkf4jLESFr4aFCUSKH2cVH4nNTHKbRs2exP0ru0A-JFxb-r-UeZhCwRKlj5h4T8s8nLF6G1wpj0ne_ZJ6fwrNphj0GcIgp-4Cqt5qd-tSH80M8qbKrJiFKGEnT9r-5983elFoy95ZdUhm36AOYEggruPVqNn3m4MCRSYty43p45eWbMxRVnzBBuUZkYG6ttPtyCJKnCGFmfizvw8v7oE_a08C1NjI2PcrzV0sSf_gO7L-Z23ItiCK7h0HsWSHBlnQbd0ceG21wXBBVo8VyA9O6q6LispbUBkIkTKHMd3Vf0ClToRp17t5MLrvoHOfLlzL1Fg5lOg4KU7qQQk3WSCkzLIbwCaG25UNAvmmqQURLlPqEw8n8c3E31kSaSJ9WMc_iiMkTguRnZHaqkEh1sgOwhd4AbNTcx4VYFTHJF5I11g9bGVBDC9Yknq-PQn-QW4I6X2b9i1hmC_Z_oViA5mAIbv_NhyoucR4KjPyT4Flw5hfG5hjps4BKaxC5YPPeX1LRr-2c4LYV1rLbWpkzBBySgkc2mGIiqCZG5r4JHQv8Cbjzadw8vj9a7goczn_MSPZYw_XqFvjQOA_JpM1qptUMeUCxoX&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&dv3_ver=m202209210101&rfl=http%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=1&iif=1&cor=12078184435898747000&adk=3944675600&idt=136&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9723e2c421a7bdb0ec3676aa44550477c42275a45a7b6538b4794377fa33d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35900
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 146ms
29ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:44 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 avjp Show response
taboola-d.openx.net/v/1.0/ 106 B
381 B 115ms
43ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fultrasurfing.com&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1673604285035&gdpr_consent=&gdpr=1&us_privacy=1---&schain=1.0%2C1!taboola.com%2C1110515%2C1%2C-50485613%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A700%2C%22h%22%3A393%2C%22skippable%22%3Atrue%2C%22protocol%22%3A6%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%7D%7D%5D%7D&auid=543963954&vwd=700&vht=393&vos=101
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://ultrasurfing.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D0FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKrHstwBMAE&v=APEucNVNZ3BIxvElKgBk5mSz94umDgl70NXv_r_6A3QjicPo_rKcHXw_FP8f8sxTEYdjId8UigWoQP-RZyW_F6SgFn0fhuGFwdnz5ZVRGrIy-HNKTxUdYsCdtpHt6ilcocbDtbx37XU-IFbR70JKCubORkb8P7nygaCByHxhDA3hwQ_rUe-MRadjafoFAmzddleyE3j8QCJU_EN0gqH7wU09RopM79brRQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D0FE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8EsvW39OM.WPrIXM-V5LAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKrHstwBMAE&v=APEucNVNZ3BIxvElKgBk5mSz94umDgl70NXv_r_6A3QjicPo_rKcHXw_FP8f8sxTEYdjId8UigWoQP-RZyW_F6SgFn0fhuGFwdnz5ZVRGrIy-HNKTxUdYsCdtpHt6ilcocbDtbx37XU-IFbR70JKCubORkb8P7nygaCByHxhDA3hwQ_rUe-MRadjafoFAmzddleyE3j8QCJU_EN0gqH7wU09RopM79brRQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D0FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

43 B
1 KB

9ms
7ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGKrHstwBMAE&v=APEucNVNZ3BIxvElKgBk5mSz94umDgl70NXv_r_6A3QjicPo_rKcHXw_FP8f8sxTEYdjId8UigWoQP-RZyW_F6SgFn0fhuGFwdnz5ZVRGrIy-HNKTxUdYsCdtpHt6ilcocbDtbx37XU-IFbR70JKCubORkb8P7nygaCByHxhDA3hwQ_rUe-MRadjafoFAmzddleyE3j8QCJU_EN0gqH7wU09RopM79brRQ

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
AN-X-Request-Uuid: 6376de39-d002-417d-96e0-a3e362b8d1ee
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D0FE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 13 Jan 2023 10:04:45 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ae635177-2e3b-4a61-8cfd-3a732dbec6f5
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYk5feswEwAQ&v=APEucNXqLjNdsJyFPQqw692ggWtUEM1Zo3GocqyXIhLXmPvyrTcGLfue5oJVdPC47bpu64IgcLoQA7-ugfDx3tzY4mAh8UToOGixWaPu7bLexFRvZX8qT8l5CE4O2BvASDKtuBp4t0b49NjEgKHIZP5d5cQaNdC2hRiDqenZBUy_jVTZki0rZRnkhl4eLBHL9Fyl-rHqB2310TJJhKzpVLUagi1YZM6Cxg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8EsvW39OM.WPrIXM-V5LAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYk5feswEwAQ&v=APEucNXqLjNdsJyFPQqw692ggWtUEM1Zo3GocqyXIhLXmPvyrTcGLfue5oJVdPC47bpu64IgcLoQA7-ugfDx3tzY4mAh8UToOGixWaPu7bLexFRvZX8qT8l5CE4O2BvASDKtuBp4t0b49NjEgKHIZP5d5cQaNdC2hRiDqenZBUy_jVTZki0rZRnkhl4eLBHL9Fyl-rHqB2310TJJhKzpVLUagi1YZM6Cxg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1A1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

43 B
1 KB

21ms
11ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDDhCYYk5feswEwAQ&v=APEucNXqLjNdsJyFPQqw692ggWtUEM1Zo3GocqyXIhLXmPvyrTcGLfue5oJVdPC47bpu64IgcLoQA7-ugfDx3tzY4mAh8UToOGixWaPu7bLexFRvZX8qT8l5CE4O2BvASDKtuBp4t0b49NjEgKHIZP5d5cQaNdC2hRiDqenZBUy_jVTZki0rZRnkhl4eLBHL9Fyl-rHqB2310TJJhKzpVLUagi1YZM6Cxg

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
AN-X-Request-Uuid: 85a3172c-52eb-431a-b066-65456f9c770c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 13 Jan 2023 10:04:45 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b0af3250-7949-4b74-8127-afe9524de174
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A2AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ3HstwBMAE&v=APEucNUJoU8VLH4yyNSedp5o-wPSqs_2tabQer8qJdBUvh7miE08h_IJufEdHN_5R1fKr65H6uTVOq_4WAAXxnaujpMiMUiPJEl_kwPLcV7e1xlj5l5at7SFj9e5_jCI8JE0kAjPxS-5bK4bJIlBFxwFf0551lVYEVDHOkEpjQpGA1Z8mBqkASeMRvAfho2w_9QKjj6HTTfX6qN3NEgZk46fhY3gXDprdQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A2AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8EsvW39OM.WPrIXM-V5LAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ3HstwBMAE&v=APEucNUJoU8VLH4yyNSedp5o-wPSqs_2tabQer8qJdBUvh7miE08h_IJufEdHN_5R1fKr65H6uTVOq_4WAAXxnaujpMiMUiPJEl_kwPLcV7e1xlj5l5at7SFj9e5_jCI8JE0kAjPxS-5bK4bJIlBFxwFf0551lVYEVDHOkEpjQpGA1Z8mBqkASeMRvAfho2w_9QKjj6HTTfX6qN3NEgZk46fhY3gXDprdQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECMKTCPf3oOlxm7XK48KWHs&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A2AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

43 B
1 KB

20ms
7ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ3HstwBMAE&v=APEucNUJoU8VLH4yyNSedp5o-wPSqs_2tabQer8qJdBUvh7miE08h_IJufEdHN_5R1fKr65H6uTVOq_4WAAXxnaujpMiMUiPJEl_kwPLcV7e1xlj5l5at7SFj9e5_jCI8JE0kAjPxS-5bK4bJIlBFxwFf0551lVYEVDHOkEpjQpGA1Z8mBqkASeMRvAfho2w_9QKjj6HTTfX6qN3NEgZk46fhY3gXDprdQ

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:45 GMT
AN-X-Request-Uuid: fd7db0ec-e751-4a21-8b74-4d5289fc7353
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMFKulv34TfmkE3h_AUCmog&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2AD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 13 Jan 2023 10:04:45 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: baf0af3d-0ba2-4584-8c56-ee1dfad0aeb8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwNzE0OTE0NDI4NjY2MzE0NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C79 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8456619629459&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C79 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8456619629459&version=m202209210101&ct=76&x=1&cor=8740959834475601000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C79 81 KB
34 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJdazHEq2stEZGXWo3u4LRfa1T6SjD65AKSFovgRaM1ShsG_0SSep_uOrEyPsfycAfBhGUbzMGNDXF2dbSyGD2uTuluw&cry=1&dbm_d=AKAmf-B2A61c6YvEDkkuIGqoU8rqOBA4t0MC5wnqKlGJkgJh7INk21lQLc9H6iKZlqfWdO8aQxq9nUcFxeRSZVGmSDQOtyjYKPBRpOoHCVsVxKhHLfuJbMv_Z_D2z0TQ7V3zUKXMm6g3weXr77L6VfpKCd2dVvY832vK6oBAef4629vw04kZc7UzSAKCi7f-NdCa4dAPzfZqiE2EuMK1Asf71iC4OgCBCfcIHZTsL4zAvJ4qxozhcaPdNCp8TAkPVe17sspV0mYdq1Z08k_oGvExWUcrGO2zS_iBRDNdPtqqliAExw5K3OQgRgF3ULezoOLi2rCGOWP78otZcyCf4Lv3ZWQGDs3lawxk7btacthR9SIHLnE6qO3tJCKONnLuVS_MZ7v7dvxHOVDEHv05FeQjdZXwFM9h2kSWaC1Tw9b-yz6yWOdYuQ5saJAfdyUgygsJwQ3Tx1gfhvXn-Zi8a0CPIDVscJPAxyprA1ElqnX5j0isC6mAA_KR0wRe0tOL048CL6kf0FaEcNKF2DAnI0gn2P5DQwwJXk5hAiDnK3adM1hdHM9ECHD30vFJJYtd2lZVZZnEA9ICCnSrHqULwpm1uy5nhtjY9kaTPaIHtW0orf6_wi4mlgmrJYJa2OHB3f_4yJV8puLrav4c_IdEjQW8N_UqXjizikMwI5iNMc-OpljwCUtf7ye40esM4QtoRIfO7cEIdwjniA2VwaYb6RuMfgig1o2Zf171b95aZze9QgHEpu3gfFswVPi0r6O7hkBlWYuX6V9Eebs7fO82UQtMXBLtHhWngUJI6yiI4FoGjcNZr1Jb04-YEFr-Nf2lYH24jX1lcwdf9aHxYDVC-Kxap9bJWWqxTltEkD5GLhfqwlsgKJ5f5L9INCmRDS7lfVZJ5R8PzUVgJ1qmIufMYDD_0_S15Bv2qe7tHMmiqWhIH6gp8eTchpf7gtyeaTxvmlJ-5c5f7wZdkpW59qmyE2qYGit3phOlY2uk4MIQPoiQYfluUrIIIA3nuykz236RJKYhZe2Jg7L4tdi_EWHEtEVoHZEOF_UdSHMg8MrKwZ6kkd0X19kMx5h26eBf9-lEhyBLq_oLOsANBdGEjqIQSBYz8W9AdVuAJZOJzA2efOVCHabswA5ltxUJVPkQc1vJlYqVLPQGwxEF1b0iYpo8hYjhGwEjUxtfvK9ihBVLM5VNI_kiJ1KNbLXXgpOlgJ1ukxtIrIzYhfeYZINBlhp4GlR0nOsL-8aoxNiKUXWoSZdb8Smm2FbzZWjwM8U5xToTOPy4DIUZEnJ2PfbgxaHRcdfnu0UDWc9VrQHAEXMAF8eAnP1VDjC2pc6F8wncf7odh3XoRiwL47xYkfHXOX8hrpXSe4M-gIchY0fsVFZ-6oYmetpAh_pYYuuPWnt1De2YB3nLHWnZI-P-UIG9WonWL_Hz38tGqai5vb53hIoeSl9FFD_kv-MSi-WQC3dQXN_X3IEAN6Uya9qG-Q0RQycpNtJ3rpiFjYn-2cLTu6LI2_PI4JdHMOmBWQEEJb5SE2O830zAA4_FgHfTdY3UjmBboaHLgl1xaMLG_5ZsiHbekEudCXWs53FIlwG_fABRxUeyJZWCYMcJaGOgmXA9KsjgndGyuwPGNRtxhvM7YnJrVEVcTY4u-ok0n1AGxn_UQTEtSC1pYU5VgOf0BThk2obJUApvdN2_HM4onw1TwkGEAr7McBIBXwVQWUkay1QBGyi-GPUO_lUr97OX5EPzlCv10JJ5jzjL0nykInHwpN_IvexOIC17yjJeAsrujnE6q2KBCuwt7gaI5dJ1viOhMMr_-kv_6kMPSIU3qEJQKGOjYVx2PMXBVCbhVbyEX1aUfrgdr7BEYPaS1pSM1zv-HCmQn11JQV0QMQEGOEOaBLpilrngtO-AMHfWTZuUXWMN-oM_Yel7RV_BX7xesDlEI-qeRD4ustyTqYhwm3Fk-rTK4k8ayIlZQenqWj1A3-Y03yVyfE10pBekpzXUcTpoiCZFOUxdGpFusK11CZmTo90vrFoNJXt2n3PSTOgTG3ff9v6m3hxRrvRo-VQhpU8i8z3lXS-Lq4pqsSibGj4pBepml-a9psqAwofdNI84JJl0f3w-ivjEA9dGV8D5j3WNvHxk2nHu7lqDCeIAAGJ-DgUjrAdJKp7RM0Cob9ZxPv4tLjwlazGRYk8cke2Q9A66UjIznURrLwQYMTx-s0qokQrOynZHN3D_s4gnrW4zfRt93EXh9HMEPKdCFwucNNKtfuypFl_GaUk_Ay5SmY6pSD2UrkSmzHT-Iq82oAj3U2edvzznQcSjRGayQqJ8OvVs-sqQaNFSyxN1F_1wFFJbXeRYfT6S4FQ9mJuXw3DYX5YWxN2QPh6W1WM1LHfPLhlXdWG8fXtAWNo4pyZniBfk5cDUagItL_XsyVaJu2FiZBYs_9j93i9V8J16LY60NaQRdsXuCRORNjEH4SV6nSAnZqxIolwHUrYOK-Lq-vx5E_pzLg8KYjs6xXZHQRGiaLMlsxP4ZLEaHJdFhRh7IoJT-ERriLxV7V2kgpjnYTLvWT8PUTQNX0FfISCeSybFD3YuUvCiuxGpXVHxHbyhh1J8HabovohkSZkWSwSOaBwZPVovmuUOQUbWk-R5dNpWHCa5_fxJI5LhGMBTRk8D0Ts725sdTJzEOL36Qt1O5ZVd0MhiJv7Mhgtog7dxMpNmfTDFnjq804xWkwZJig8WtezkP3O5AcQMd4y12z5LL16O0dgXZWl94pJ6Dr47VA9G0HOZPRen2_aO88FbjEEKSb161KoCLhRdG8eDKVp_KJPDroNYUFvqJbWxR4AXGdnqVCDHbNsdGYa08mu2lmv5BSAMJpFirtkdzVzjRnNtFma-1WGJthggNhlI0YqKnu0btQ3klhbMuTUrnksb4W_Te8BP9bbdOBGVx0CeLd-wYwDCMhgPKEDjr4YQxfKavsszdDsCAQs8VadCuyNU8hNTh1pSYlEmQ6BAa8M_4XwUXL7LCcGCp1KAvziAAz0ep6UT3CDFbkJehTsXEXh2IsaHUGVvi7Tm5LSb2YJFCMINGbNzRlXKTUYXuJsHVygR3PUauDx3D-NUluAbafqWj-7sYI42oJQ6Ob3BYOvdx_HItAwgfRcc_vnDHaExF7ZglxxLUNUycSHt_7eqlEc6qKe6VTB6SnMXY2rb19TP7RohtU2Pd3VXlKJLEJc_xzcUV7EwN5oILyvtnHd6cIqvhRpXvrBfpj6afa-J4YD-cioiQLK2LSXDtvwEttLq5IHKtBq3qEpGCETooE76ik2zgNq6MoiZkklw9fieFWDnateujSugoavuTb74U1TKXXzPqynV4uEy23XCdMQIzsQBXeu2SA&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&dv3_ver=m202209210101&rfl=http%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=1&iif=1&cor=8740959834475601000&adk=943508955&idt=199&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adab914d0e24225ab3a62d129f19a6f98ee5975f50cb99c0570848fef923034b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34865
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 600D 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3420153940842&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 600D 0
20 B 139ms
138ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3420153940842&version=m202209210101&ct=76&x=1&cor=4209687574788538000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 600D 86 KB
35 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyjf5G2cWUPDGtS7y0puQtOpfjW4SJIHr3Kslojpfaql6mn6P5dWeDI0zhhLX-TPa8USGtEgby-MYG_8zCqERgzFkXuGhoBHEebeavXs05Op-U0N5P8bYeyJ6frjkeuT_lF5IxfQzoAiINbKzJYeVK_jpOyGE5I6YJuDaNUF9r4uij3WQ&dbm_d=AKAmf-AiRjDFZTQvUkaUPwlsllz2LSffSsFZxhhihG8dKXYHClZ4nl97mvyA2aq6QY4aCqJLyJluD-SwEgVTPWU-2Lg5acbwnDQOZTMWjkK2zDn6TRvw-d6AaNIGwk0UB0qqIcnl2roZGPfYHRv18zuVtBhDyEU20SMK5zt_s7fR4PWWYGzZdBGP2qVI_DzmwERy3blrAae2pNmJ3_dEswFpEKbQ9Fxx82DFa4NB4dKaNRF82WA1opMHi4xNe2oiuPgQ-kBULw81xr2GB7yY2XgbMqHM_285rvPzJwJTxry407xu-zrmgBO0zywg9r_oRimIPkLP1wk_SobJRz3Dd8A5Hbtv4g_I1ZAYpd0OlY1Oa_8SL_B2HGJQxDKaGLRKdpd8HByQyPXKLryBxXuGtGB0qP8qKr3xKjt2BYGZ5yOL7ehq817l-PmiflMDiKeWl-5X9qfEG7I8mTL5GsnbLPvTbum9C47btgb_tsIFI1KxwFZ-GWmgb6R3aKwZwvPdxxPmKfCJZEulOFT0W8N7eI8C61n49CKkErPytHVgyWOokyAq_drYe7-q9yZ9YRe_vYiN1Q48JN91VK9F85T7fsM8DJoS163nfrIsw_WftFoLPNG9U_7McoUcBQW96BaAqTr6UY8EuhyQ3_suBPDeLixqfHGge9oCcoKq8A_6il9Jfw5wBVsnRya9Yrpnch9dRmtRovdnrHLjZfjnDdK5EREosp5OWttENAj_qFe5kwt1PdesqG_oKmiyx4jwdLNnx03TgYpZu3wIvE0sLrdNFfuELP6jsjIZyGqfp89q4ntjw3z8E2Wic7A9UXYj8d9b5IZ6DUGds-38igig1xOB1W9cGaH7FWK__7yHZcGdaM1toIZb6aqe-XXMI1Xf4Z10eU48DSmj7pX3liGQSXCAjcxSLUFP-CY6VN8wBLjUDYgqAE_12bVw83rgdn_Bhow5Y016KzEgiqCeCBcz9X626j2nYpPn4yYKtO6eK4WRtTvbpA0AjbDIdlFz6WQVwTpU5L7880vX0SBrwPichJXcoBprAl7v3bK2GwIYCDae16zPnRkjJPhc1qDOlFUJ_G_CDLKhJ-BpwCc6VZqvxrLT-a13DvuFzuEaRtqxbyhyd4hZpRLirALvslU-T--ayNsPZjnD1vfOnZnos70rjqTF8_YV_NuYTg11ZpEohomzy3b98_J6N8xwTRFc8R44zZ5qh9oGwzBkqjLRH398ePBm1L_trAkaUxrAt7luSHkArfyWJh7424eJ3mih3bBLkEYXnqKB_RJ8WohHiqCK7f0KKLJlWNYuxGsjFZr46yf3ZW3V84A38sWTRAmXQbdvnsWBjHgLokp0v4VvY3uLUBJ8gAH7mhHKjlkozM76y9N0RKmvYEieTku0zxLUblaOI4RJA7iZ7dOF3tnybnFW48s8ZD_Ks8hShLWl4WMnWzm2abuPLZWO_BsMbhg-3Fr01HvZH8X-vutTVZd5Of5p-wHYmKdaJ7Cf4Q_w-OcQo_bl75Tozf3jMdfJZY9KSjjG1DxQCXihAa3eHbJl5Zx-h6xHsiGW0QhxmnRVQ1VVJLN51RQjvLN5xQaNw_woZYXQv9jbbK6_vJ02T-3f706nLMEzP2KKWdy0Kp4o_wjcxQjY61zEg6FJ2_k0GimEPD_9lxG3Omew8e5A-thntyPHvg3U0HhqLjwmNZku20_iBdnAE0pXaUVg9K3u8EIM0kq14hqJdelyEq198_V5WLKKSRExIKLfDWB2HVBE1UkLwp9jclG1nUAeivqT8FmtnagGimmcJxsVIqVaJRtaLtoJYx6cc7fgGHDCYO45ssKyaJm8NgBFpkUrYb91zi-b7P-P3NiJiHEbQHhcqNG06ewmeHfbTs8VvrwIcs0cflD6KToxYDo2dmP754_huFUF04NSBj-RDnPnPlq34xBNVZF1km4D9SKHZHAq8Yb7qItlEuF5lq82CylqFvIJ5mHT0GuMYpF2uIN4gu-K03VGgJbQ2jJOh9q_G2UYXyPAJWGVIsEz7AWT279-U70CT87tGd0rVMlu7xPwl-wxRxSCLQWIQlcxh6ojRuPDuUlLHK9tfMhrBWnGaTL0hSz7nS7W6pK0lx_ObNLtgO7aSw92NregOq8a6RRk6kYCwiQRrz1yAQOxzo34Y53B2yicWFcCeXPXyVlJD277MHID8oecCI6FhTx1LcOY8T7vDUXRwMlPoVacLYxsHMOq4_6dx8SV3RfPnvCZf6oPseALZ0fq7CB3swZ6fvwpA7umaVtv65aXVVAEschvzFf5HE-7tIbFzzF3rAOJ__OpWQVOHqVxHFAnGVPcC9UsafC8VI9rHI93lQns5rZyaDbVyXBthh_wHalAyyAGKeTopnLvvjQyPlJnMcRwfybCDQmJKv2igJvdWkfe9gXMAym0P7EiY92u_dcrLJbXUzzwWInDTqWiNb_YVP83u8c2J-wKx3hXL7Uq5PhBfnAvXpwInPnppXJIQsOfbj7qm1_FuSET2M7Fnx08BCCZW_qUh9Nb7gm93emW5Sq0OohWsgUfVipqBVa8U9STapn9_7q6X_4MYvRAUlK1izRNA78tITnrn4cH4kGIJxsHE7ZDsExX9yZJDyFhrefEYPT2TwvdUvqYJBa-q6fHFMwhOB6x1Qmdq-nN6QHoZVxfPKGIoNqWJqFIrSOTMGKD4fiawq8kkV8zSGKB9WeJS_QnCFVyKfb_OWRv9YWeQQd_0HglO_0WQ1BqJiAG5Vk_en_CKzpWkoE9nBeJFlNUJpOXMF6UrCEtN77HJ3l36KzcZvyYXBFB9G3E8ax_KGaCyKKMx7c97IL3PQQgH-8la_X_LNB4DyLtO8QbLHWKhwR6ojuskhIMcainJdFUjX9JCtUz3yOWKZe8Zbb3FHu2rUFqAm9XvHKi85RjQyzgcR8XYg_hZKYR5sLD2-RPgZiYYsCW2okHsmAiCir7Za5QCeAvnbOP7axYc1YamP7NuGef4eaWM57fohihtKlkcwGOYDLV1p47b15jlmPuaqKFbk_8Ky4q0cmNqPb00LIOE576YP3RKvIh8pM3jQ_boZ5jAK0Y-ILglZCHX3ez3zRWYh8Nw2oyXFT-2VeDxfi6RDXN3d0ThHv8cuWfOeeE1j1XtKcmQ5k1xwUBvGku0kU4Hj_n1_sdksScNhZ6WhI24udluFvh7EIrJb8GX0ecp1mY-m6zwN5qn5RpU98HnETy5UH6Y9k6uL-lExEBzkA6Br1VBQo8NOBz9PD4Bb4GKoOfO8PnjMbazp6spV--&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&dv3_ver=m202209210101&rfl=http%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=1&iif=1&cor=4209687574788538000&adk=3690638929&idt=202&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c648469fa3b96b929523f5e66122513c5103c85b2b1759eef6a6db3f9fc406b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C15B 1008 B
858 B 173ms
17ms Script
text/javascript 213.254.244.23
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?flvr=0&ttmms=155&ttfrms=32&brid=3&brver=109.0.5414.74&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEATbpTauTauF%3DEC2DFC7%3A%3F8%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=5157&ddur=55&uid=1673604285124171&jsCallback=dvCallback_1673604285124141&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3398&tgjsver=3398&lvvn=28&m1=13&refD=0&referrer=http%3A%2F%2Fultrasurfing.com%2F&fwc=8&fcl=893&flt=9&fec=1378&fcifrms=13&brh=2&sdf=2&dvp_epl=53&noc=4&nav_pltfrm=Win32&ctx=20309721&cmp=28592042&sid=8137502&plc=346555983&btreg=tbl_1673604283920-0&adsrv=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_126}&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=37853149807.342674&dvp_tukv=708463214.8577667&dvp_uuid=96933468.71678497&dvp_tuid=294767062814&jurtd=2324705508
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3398.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: d0b4f54a6680c6e605a9f513a1422e26b86f05b4df86aced7e375931c09defa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 01/12/2023 10:04:45

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 592D 170 KB
59 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Origin: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Jan 2023 12:08:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 592D 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2G-fV8SoIwEnrWmGGjvJcukr83xE4HusJq7gWp-6FG0Ho190Rw7A5jGNuMgxBOdixc4XLvrVYW1UlrFHNw-OLjo63W4x4zQenS3iXz0xQ0ILHGXHWUanL8lHT5PxL9YWOmktVeRxYPdsaL1kReL9lSTzYT4WDoCRtw6cK1vzC8Bw2TGo&dbm_d=AKAmf-DCU_LTLiR8kkKXHAZD7r6lZl98t4qU6j-AUVt8nFsvQyHWIWks8mwwPl6r0aToIqmnUHxYTN95F2XQ4rFwCOKFo50MGcneMWkTGYWnMS1OWMIGXoh3JjAuSyLme6yxOn7mT3jStnRxyowzMdZ-SBi7pBk1GBpUj-WIhT-PuGd4ikV1ihvARFVrB5aa9Yj-PU6iBGbCttJLutMUTZlWjBM5V1eu4p-_8idhD4LPL6Nc_9XXxomwfKPx4bQ3ussHv5Zxo2Yix6eOMAJqok9N0CrhzpjOUhYINoLuzRdrcXVt_tHdGPUTp5XY01BhOnahfbUGhXJwNIVrYIgbpfb0cv_g7lA7rFQnbz8GBpJuktwft1XL5KjCG0DgVWOiMJzqcxdjKyLKm1sSBSvu34h_aWBIu-7Py7uiy_10-g1miXjz30YjcLyiPpFsoQTXnWYj2oLeL7TVPYBEO0zkilIlVnMHmG9JXMSZ6XwG8KyfXlTOx6WH9Irn55GihjOkeRNo-_ujCcmCtZEEaeRpVx0xNAWT55KuAukLDm9Pl3R9mgybOZacdRnUQGe95ciy6oXAayelHD-Ji4x_h1YsogxitUiC7AIpgmeoBAsEE9QYdstIReYRJmZnfmqcD5TAqWr9RD57OIDfLRM-IRqS84_yIB2rctIJF4YNqk_U6wI1Ub2hYP03vUV470vdlHobM91qxwrPdrfwG5obhTv-_9Qajo-5_9CQu9PvijssB4yMQQlF21u4OiQkic8_MbveuEUIysVi686gzRcwhShb8Vtk46ARNrVAo6DNxBcwWxPtujYB0KdyM6P5dF3fDc2oSpUNm0FxHlTXSDsF5GIrbZ_M36aR7tXXqko-mwxG4qoh2i3WtMEiCk5I6YJIZGCJje1EPEuY00Bdax8C_3W9S_Ckpt9N5NTTfK6q9bpE_gdjEnX6JzH-xqpJiya8HMre3oMsi36-rs3lfb_A0MK5FaNGKRJqOaFwtCqhke4yUwzIWUBtUxF3JtuROrr-H36ocRRYaAg8zN_lIM1J3e-gy-0xRMq71DceGkUlcf3fV_2RBkvBzQ_cFm0TQJSigQwvtE-NPUw07WnItXB85bM2sy2wvWKlBF97-agc6HcFZ4x4Qa-7xW80j-kncr56DRDiCpbXRqKeCCf3l6NvNVET_Toiu2Wz_98qlEhmwSsfLVZymEqxb1uND_X5J8UFTBlAJEbxj1aUPkwPz14vizySPXSgOXHS3DTtf15qzShOeC-7Dew9kVGqSAR5audGj22UTsYZSECbqtgApE0CEjg3vIhp0DbAptRHnFj9BluI7AcbsoisdMS-hLAQKMd9OpHpbfGGqF-y-cFm8qM7tRWI2wXy9__sBuTyUVXN3EP6o9HWb-u-BUfmzayPhdlm2AMy3yw5IHuCcC86xkStKTs9TmogD-gjphyY5aekaIBFxzrncfwkVTEQRJc1p8Ou7hqhoDNZwPBmE9z4cPxkQXqGRnIWJYXpXqYNW0TBFpFe9VY9Y-s6sDWDtZtJ3tlCs05suwl1e5dk6hPfH5obUoh1pCTWO4NymhYfj2C-fp0wK4Fl11vw4lTS0-JRaEvqeyM8Zfl63wTaaUINkG6GqL7oOa4MHd4Lsm5hdRes3vEeiy6qA7SXjsJ4CC_xwPXgCDG4X0_uhuW5zbX97QailBtpBXbxvF33KhgZ0jPsKUtYIEiHyy_6qRTb_Re6q05xZRXdVJNPorfs58DL3gK3oOy2nJJQ4jf_9LO4DbfzFN2j38c6c4vAa_qmvIi0M-Csliu8crgkFa2rK0cc8RlS2Ja0jOZFkf2QKye5u18cgavyR8sLY0MIB6HFcik_THrGA5Sg9MJdoBv7K5ngPNEqECkbqyvaHmvMFSrs7MWVsqZxmk1I6yYaRiq_gNYzDFZ865m_7rqmhbYrpIM5aUhvEXXy9Uu1bMzlZAsL5NgIgz_bFPckgtjxt3W9PtbM7re6kzGDEUvWnSM6aYeez3LQpA4up84VgyMV2NvgbfEdu52bTARCjorBWgPvRbkvO-yL7JE5JqBy9GffiEiC0Cf2gtqtX1n8o9nj0bDDFn_8uY_zgLTK-74QrqOmMmcBt8dn0c3ihz688CPpWYn6Q-6ZPY0MU8K3odGxk7r4t27aRqp9R0scmuDEctaMQxoCs5yK6HwrZo9OFeDtGVqH9q1qiklhMeMnjFKeT2VHxCdRuCSkGAdpZCxywT5iD2p5uqX1mlnMRdhLK7m8i-jea3v8QjQNnpmdqQgTuunKzh5aFQYo_eOYtGyLKQ2zeP9BKb8dDQL6mcogYUKfx_anvkideSB3kFAP0QIgZxj4HNEizoXLFxWm0q5rJODpVJYm3yYBn8LXZXykbvi49Xl_OlPoUN66_2zTwGHil8Ii2RauiMkBtAPDvDFxm1oGvvuNi59kQGzdmvfMIZ9rmL1rIneAnFO2X65bGcaLMFIyuGWSwQYCDxlhy7u-u9JbYzl6WeHFGP2lQqI8XDB_Fig5Wy9LpzeTQd9GSAMkV0V2DvqAMGxgu0y7Iwu0lTcDF-exBjabSFl-Le-C3BXRm76UKKePv-vL4HyWJV1DAgByaGXtuvk8_pRyvFdaTCDzTerfFi80P_K55qOqGMpzHI2gpIIHRCd4HJTggObvh5PhDhhhH33pgx2NPGylLkf4jLESFr4aFCUSKH2cVH4nNTHKbRs2exP0ru0A-JFxb-r-UeZhCwRKlj5h4T8s8nLF6G1wpj0ne_ZJ6fwrNphj0GcIgp-4Cqt5qd-tSH80M8qbKrJiFKGEnT9r-5983elFoy95ZdUhm36AOYEggruPVqNn3m4MCRSYty43p45eWbMxRVnzBBuUZkYG6ttPtyCJKnCGFmfizvw8v7oE_a08C1NjI2PcrzV0sSf_gO7L-Z23ItiCK7h0HsWSHBlnQbd0ceG21wXBBVo8VyA9O6q6LispbUBkIkTKHMd3Vf0ClToRp17t5MLrvoHOfLlzL1Fg5lOg4KU7qQQk3WSCkzLIbwCaG25UNAvmmqQURLlPqEw8n8c3E31kSaSJ9WMc_iiMkTguRnZHaqkEh1sgOwhd4AbNTcx4VYFTHJF5I11g9bGVBDC9Yknq-PQn-QW4I6X2b9i1hmC_Z_oViA5mAIbv_NhyoucR4KjPyT4Flw5hfG5hjps4BKaxC5YPPeX1LRr-2c4LYV1rLbWpkzBBySgkc2mGIiqCZG5r4JHQv8Cbjzadw8vj9a7goczn_MSPZYw_XqFvjQOA_JpM1qptUMeUCxoX&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&dv3_ver=m202209210101&rfl=http%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=1&iif=1&cor=12078184435898747000&adk=3944675600&idt=136&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:12:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 592D 28 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10849
x-xss-protection: 0
server: cafe
etag: 12554467027428251666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:37:12 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7C79 106 KB
37 KB 158ms
100ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Origin: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Jan 2023 09:14:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 7C79 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJdazHEq2stEZGXWo3u4LRfa1T6SjD65AKSFovgRaM1ShsG_0SSep_uOrEyPsfycAfBhGUbzMGNDXF2dbSyGD2uTuluw&cry=1&dbm_d=AKAmf-B2A61c6YvEDkkuIGqoU8rqOBA4t0MC5wnqKlGJkgJh7INk21lQLc9H6iKZlqfWdO8aQxq9nUcFxeRSZVGmSDQOtyjYKPBRpOoHCVsVxKhHLfuJbMv_Z_D2z0TQ7V3zUKXMm6g3weXr77L6VfpKCd2dVvY832vK6oBAef4629vw04kZc7UzSAKCi7f-NdCa4dAPzfZqiE2EuMK1Asf71iC4OgCBCfcIHZTsL4zAvJ4qxozhcaPdNCp8TAkPVe17sspV0mYdq1Z08k_oGvExWUcrGO2zS_iBRDNdPtqqliAExw5K3OQgRgF3ULezoOLi2rCGOWP78otZcyCf4Lv3ZWQGDs3lawxk7btacthR9SIHLnE6qO3tJCKONnLuVS_MZ7v7dvxHOVDEHv05FeQjdZXwFM9h2kSWaC1Tw9b-yz6yWOdYuQ5saJAfdyUgygsJwQ3Tx1gfhvXn-Zi8a0CPIDVscJPAxyprA1ElqnX5j0isC6mAA_KR0wRe0tOL048CL6kf0FaEcNKF2DAnI0gn2P5DQwwJXk5hAiDnK3adM1hdHM9ECHD30vFJJYtd2lZVZZnEA9ICCnSrHqULwpm1uy5nhtjY9kaTPaIHtW0orf6_wi4mlgmrJYJa2OHB3f_4yJV8puLrav4c_IdEjQW8N_UqXjizikMwI5iNMc-OpljwCUtf7ye40esM4QtoRIfO7cEIdwjniA2VwaYb6RuMfgig1o2Zf171b95aZze9QgHEpu3gfFswVPi0r6O7hkBlWYuX6V9Eebs7fO82UQtMXBLtHhWngUJI6yiI4FoGjcNZr1Jb04-YEFr-Nf2lYH24jX1lcwdf9aHxYDVC-Kxap9bJWWqxTltEkD5GLhfqwlsgKJ5f5L9INCmRDS7lfVZJ5R8PzUVgJ1qmIufMYDD_0_S15Bv2qe7tHMmiqWhIH6gp8eTchpf7gtyeaTxvmlJ-5c5f7wZdkpW59qmyE2qYGit3phOlY2uk4MIQPoiQYfluUrIIIA3nuykz236RJKYhZe2Jg7L4tdi_EWHEtEVoHZEOF_UdSHMg8MrKwZ6kkd0X19kMx5h26eBf9-lEhyBLq_oLOsANBdGEjqIQSBYz8W9AdVuAJZOJzA2efOVCHabswA5ltxUJVPkQc1vJlYqVLPQGwxEF1b0iYpo8hYjhGwEjUxtfvK9ihBVLM5VNI_kiJ1KNbLXXgpOlgJ1ukxtIrIzYhfeYZINBlhp4GlR0nOsL-8aoxNiKUXWoSZdb8Smm2FbzZWjwM8U5xToTOPy4DIUZEnJ2PfbgxaHRcdfnu0UDWc9VrQHAEXMAF8eAnP1VDjC2pc6F8wncf7odh3XoRiwL47xYkfHXOX8hrpXSe4M-gIchY0fsVFZ-6oYmetpAh_pYYuuPWnt1De2YB3nLHWnZI-P-UIG9WonWL_Hz38tGqai5vb53hIoeSl9FFD_kv-MSi-WQC3dQXN_X3IEAN6Uya9qG-Q0RQycpNtJ3rpiFjYn-2cLTu6LI2_PI4JdHMOmBWQEEJb5SE2O830zAA4_FgHfTdY3UjmBboaHLgl1xaMLG_5ZsiHbekEudCXWs53FIlwG_fABRxUeyJZWCYMcJaGOgmXA9KsjgndGyuwPGNRtxhvM7YnJrVEVcTY4u-ok0n1AGxn_UQTEtSC1pYU5VgOf0BThk2obJUApvdN2_HM4onw1TwkGEAr7McBIBXwVQWUkay1QBGyi-GPUO_lUr97OX5EPzlCv10JJ5jzjL0nykInHwpN_IvexOIC17yjJeAsrujnE6q2KBCuwt7gaI5dJ1viOhMMr_-kv_6kMPSIU3qEJQKGOjYVx2PMXBVCbhVbyEX1aUfrgdr7BEYPaS1pSM1zv-HCmQn11JQV0QMQEGOEOaBLpilrngtO-AMHfWTZuUXWMN-oM_Yel7RV_BX7xesDlEI-qeRD4ustyTqYhwm3Fk-rTK4k8ayIlZQenqWj1A3-Y03yVyfE10pBekpzXUcTpoiCZFOUxdGpFusK11CZmTo90vrFoNJXt2n3PSTOgTG3ff9v6m3hxRrvRo-VQhpU8i8z3lXS-Lq4pqsSibGj4pBepml-a9psqAwofdNI84JJl0f3w-ivjEA9dGV8D5j3WNvHxk2nHu7lqDCeIAAGJ-DgUjrAdJKp7RM0Cob9ZxPv4tLjwlazGRYk8cke2Q9A66UjIznURrLwQYMTx-s0qokQrOynZHN3D_s4gnrW4zfRt93EXh9HMEPKdCFwucNNKtfuypFl_GaUk_Ay5SmY6pSD2UrkSmzHT-Iq82oAj3U2edvzznQcSjRGayQqJ8OvVs-sqQaNFSyxN1F_1wFFJbXeRYfT6S4FQ9mJuXw3DYX5YWxN2QPh6W1WM1LHfPLhlXdWG8fXtAWNo4pyZniBfk5cDUagItL_XsyVaJu2FiZBYs_9j93i9V8J16LY60NaQRdsXuCRORNjEH4SV6nSAnZqxIolwHUrYOK-Lq-vx5E_pzLg8KYjs6xXZHQRGiaLMlsxP4ZLEaHJdFhRh7IoJT-ERriLxV7V2kgpjnYTLvWT8PUTQNX0FfISCeSybFD3YuUvCiuxGpXVHxHbyhh1J8HabovohkSZkWSwSOaBwZPVovmuUOQUbWk-R5dNpWHCa5_fxJI5LhGMBTRk8D0Ts725sdTJzEOL36Qt1O5ZVd0MhiJv7Mhgtog7dxMpNmfTDFnjq804xWkwZJig8WtezkP3O5AcQMd4y12z5LL16O0dgXZWl94pJ6Dr47VA9G0HOZPRen2_aO88FbjEEKSb161KoCLhRdG8eDKVp_KJPDroNYUFvqJbWxR4AXGdnqVCDHbNsdGYa08mu2lmv5BSAMJpFirtkdzVzjRnNtFma-1WGJthggNhlI0YqKnu0btQ3klhbMuTUrnksb4W_Te8BP9bbdOBGVx0CeLd-wYwDCMhgPKEDjr4YQxfKavsszdDsCAQs8VadCuyNU8hNTh1pSYlEmQ6BAa8M_4XwUXL7LCcGCp1KAvziAAz0ep6UT3CDFbkJehTsXEXh2IsaHUGVvi7Tm5LSb2YJFCMINGbNzRlXKTUYXuJsHVygR3PUauDx3D-NUluAbafqWj-7sYI42oJQ6Ob3BYOvdx_HItAwgfRcc_vnDHaExF7ZglxxLUNUycSHt_7eqlEc6qKe6VTB6SnMXY2rb19TP7RohtU2Pd3VXlKJLEJc_xzcUV7EwN5oILyvtnHd6cIqvhRpXvrBfpj6afa-J4YD-cioiQLK2LSXDtvwEttLq5IHKtBq3qEpGCETooE76ik2zgNq6MoiZkklw9fieFWDnateujSugoavuTb74U1TKXXzPqynV4uEy23XCdMQIzsQBXeu2SA&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&dv3_ver=m202209210101&rfl=http%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=1&iif=1&cor=8740959834475601000&adk=943508955&idt=199&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:12:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 7C79 28 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10849
x-xss-protection: 0
server: cafe
etag: 12554467027428251666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:37:12 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 600D 170 KB
59 KB 109ms
77ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Origin: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Jan 2023 12:08:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 600D 8 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyjf5G2cWUPDGtS7y0puQtOpfjW4SJIHr3Kslojpfaql6mn6P5dWeDI0zhhLX-TPa8USGtEgby-MYG_8zCqERgzFkXuGhoBHEebeavXs05Op-U0N5P8bYeyJ6frjkeuT_lF5IxfQzoAiINbKzJYeVK_jpOyGE5I6YJuDaNUF9r4uij3WQ&dbm_d=AKAmf-AiRjDFZTQvUkaUPwlsllz2LSffSsFZxhhihG8dKXYHClZ4nl97mvyA2aq6QY4aCqJLyJluD-SwEgVTPWU-2Lg5acbwnDQOZTMWjkK2zDn6TRvw-d6AaNIGwk0UB0qqIcnl2roZGPfYHRv18zuVtBhDyEU20SMK5zt_s7fR4PWWYGzZdBGP2qVI_DzmwERy3blrAae2pNmJ3_dEswFpEKbQ9Fxx82DFa4NB4dKaNRF82WA1opMHi4xNe2oiuPgQ-kBULw81xr2GB7yY2XgbMqHM_285rvPzJwJTxry407xu-zrmgBO0zywg9r_oRimIPkLP1wk_SobJRz3Dd8A5Hbtv4g_I1ZAYpd0OlY1Oa_8SL_B2HGJQxDKaGLRKdpd8HByQyPXKLryBxXuGtGB0qP8qKr3xKjt2BYGZ5yOL7ehq817l-PmiflMDiKeWl-5X9qfEG7I8mTL5GsnbLPvTbum9C47btgb_tsIFI1KxwFZ-GWmgb6R3aKwZwvPdxxPmKfCJZEulOFT0W8N7eI8C61n49CKkErPytHVgyWOokyAq_drYe7-q9yZ9YRe_vYiN1Q48JN91VK9F85T7fsM8DJoS163nfrIsw_WftFoLPNG9U_7McoUcBQW96BaAqTr6UY8EuhyQ3_suBPDeLixqfHGge9oCcoKq8A_6il9Jfw5wBVsnRya9Yrpnch9dRmtRovdnrHLjZfjnDdK5EREosp5OWttENAj_qFe5kwt1PdesqG_oKmiyx4jwdLNnx03TgYpZu3wIvE0sLrdNFfuELP6jsjIZyGqfp89q4ntjw3z8E2Wic7A9UXYj8d9b5IZ6DUGds-38igig1xOB1W9cGaH7FWK__7yHZcGdaM1toIZb6aqe-XXMI1Xf4Z10eU48DSmj7pX3liGQSXCAjcxSLUFP-CY6VN8wBLjUDYgqAE_12bVw83rgdn_Bhow5Y016KzEgiqCeCBcz9X626j2nYpPn4yYKtO6eK4WRtTvbpA0AjbDIdlFz6WQVwTpU5L7880vX0SBrwPichJXcoBprAl7v3bK2GwIYCDae16zPnRkjJPhc1qDOlFUJ_G_CDLKhJ-BpwCc6VZqvxrLT-a13DvuFzuEaRtqxbyhyd4hZpRLirALvslU-T--ayNsPZjnD1vfOnZnos70rjqTF8_YV_NuYTg11ZpEohomzy3b98_J6N8xwTRFc8R44zZ5qh9oGwzBkqjLRH398ePBm1L_trAkaUxrAt7luSHkArfyWJh7424eJ3mih3bBLkEYXnqKB_RJ8WohHiqCK7f0KKLJlWNYuxGsjFZr46yf3ZW3V84A38sWTRAmXQbdvnsWBjHgLokp0v4VvY3uLUBJ8gAH7mhHKjlkozM76y9N0RKmvYEieTku0zxLUblaOI4RJA7iZ7dOF3tnybnFW48s8ZD_Ks8hShLWl4WMnWzm2abuPLZWO_BsMbhg-3Fr01HvZH8X-vutTVZd5Of5p-wHYmKdaJ7Cf4Q_w-OcQo_bl75Tozf3jMdfJZY9KSjjG1DxQCXihAa3eHbJl5Zx-h6xHsiGW0QhxmnRVQ1VVJLN51RQjvLN5xQaNw_woZYXQv9jbbK6_vJ02T-3f706nLMEzP2KKWdy0Kp4o_wjcxQjY61zEg6FJ2_k0GimEPD_9lxG3Omew8e5A-thntyPHvg3U0HhqLjwmNZku20_iBdnAE0pXaUVg9K3u8EIM0kq14hqJdelyEq198_V5WLKKSRExIKLfDWB2HVBE1UkLwp9jclG1nUAeivqT8FmtnagGimmcJxsVIqVaJRtaLtoJYx6cc7fgGHDCYO45ssKyaJm8NgBFpkUrYb91zi-b7P-P3NiJiHEbQHhcqNG06ewmeHfbTs8VvrwIcs0cflD6KToxYDo2dmP754_huFUF04NSBj-RDnPnPlq34xBNVZF1km4D9SKHZHAq8Yb7qItlEuF5lq82CylqFvIJ5mHT0GuMYpF2uIN4gu-K03VGgJbQ2jJOh9q_G2UYXyPAJWGVIsEz7AWT279-U70CT87tGd0rVMlu7xPwl-wxRxSCLQWIQlcxh6ojRuPDuUlLHK9tfMhrBWnGaTL0hSz7nS7W6pK0lx_ObNLtgO7aSw92NregOq8a6RRk6kYCwiQRrz1yAQOxzo34Y53B2yicWFcCeXPXyVlJD277MHID8oecCI6FhTx1LcOY8T7vDUXRwMlPoVacLYxsHMOq4_6dx8SV3RfPnvCZf6oPseALZ0fq7CB3swZ6fvwpA7umaVtv65aXVVAEschvzFf5HE-7tIbFzzF3rAOJ__OpWQVOHqVxHFAnGVPcC9UsafC8VI9rHI93lQns5rZyaDbVyXBthh_wHalAyyAGKeTopnLvvjQyPlJnMcRwfybCDQmJKv2igJvdWkfe9gXMAym0P7EiY92u_dcrLJbXUzzwWInDTqWiNb_YVP83u8c2J-wKx3hXL7Uq5PhBfnAvXpwInPnppXJIQsOfbj7qm1_FuSET2M7Fnx08BCCZW_qUh9Nb7gm93emW5Sq0OohWsgUfVipqBVa8U9STapn9_7q6X_4MYvRAUlK1izRNA78tITnrn4cH4kGIJxsHE7ZDsExX9yZJDyFhrefEYPT2TwvdUvqYJBa-q6fHFMwhOB6x1Qmdq-nN6QHoZVxfPKGIoNqWJqFIrSOTMGKD4fiawq8kkV8zSGKB9WeJS_QnCFVyKfb_OWRv9YWeQQd_0HglO_0WQ1BqJiAG5Vk_en_CKzpWkoE9nBeJFlNUJpOXMF6UrCEtN77HJ3l36KzcZvyYXBFB9G3E8ax_KGaCyKKMx7c97IL3PQQgH-8la_X_LNB4DyLtO8QbLHWKhwR6ojuskhIMcainJdFUjX9JCtUz3yOWKZe8Zbb3FHu2rUFqAm9XvHKi85RjQyzgcR8XYg_hZKYR5sLD2-RPgZiYYsCW2okHsmAiCir7Za5QCeAvnbOP7axYc1YamP7NuGef4eaWM57fohihtKlkcwGOYDLV1p47b15jlmPuaqKFbk_8Ky4q0cmNqPb00LIOE576YP3RKvIh8pM3jQ_boZ5jAK0Y-ILglZCHX3ez3zRWYh8Nw2oyXFT-2VeDxfi6RDXN3d0ThHv8cuWfOeeE1j1XtKcmQ5k1xwUBvGku0kU4Hj_n1_sdksScNhZ6WhI24udluFvh7EIrJb8GX0ecp1mY-m6zwN5qn5RpU98HnETy5UH6Y9k6uL-lExEBzkA6Br1VBQo8NOBz9PD4Bb4GKoOfO8PnjMbazp6spV--&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&dv3_ver=m202209210101&rfl=http%3A%2F%2Fultrasurfing.com%2F&ds=l&xdt=1&iif=1&cor=4209687574788538000&adk=3690638929&idt=202&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:12:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 600D 28 KB
11 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52053
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10849
x-xss-protection: 0
server: cafe
etag: 12554467027428251666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 26 Jan 2023 19:37:12 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 592D 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
DATA 200
OK truncated
/ Frame 592D 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7116d3fc8539c2a328a35bd9e052b2b06aa56cefbc5a58b23ecd30ce2d3cf10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C79 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
DATA 200
OK truncated
/ Frame 7C79 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1d8daa45f6def59168f1d04c9f1adf8b499548ecdc5b5c1f3c65c1bd9dcb68c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 600D 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
DATA 200
OK truncated
/ Frame 600D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4f36445f7e45774c199118fa06c0e6d65e9074d79ccad2df31fd6c904eb70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D9E8 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 67617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 15:17:48 GMT
expires: Fri, 12 Jan 2024 15:17:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8828632559684167007/ Frame F1DB 36 KB
6 KB 133ms
55ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:45 GMT
expires: Sat, 13 Jan 2024 10:04:45 GMT
last-modified: Wed, 05 May 2021 19:27:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 592D 0
0 163ms
78ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu-FJZMUAsVbnIDMN2PmfiKS5x1OZ9RpqMvEbagQpfAzmY9-NhWJlTAUYQ92kO1LhhDGN1XD07vgMLKAro_94TkVz3Y1rsJLJQhTuyO7ku7kW0tykQ5cbZHNkHv3pbOPv__YiQaTjSks7_Kgn84JEw8lKIk5gGlEn9Qobxl6_rkA6OCEfTAy52Hn1TU3sCHNMlrD-R3ITIDbXVSWHt3ande04tIVfY73z_JI0XOwGP6n2W8RVmJrOpAMzUZKRTeq7LxLtzVDkkYMbfckgAnHfUocoLkHGNHd0DRk3-aUZaWQq6rjRY5XM2u_z_XbKMCk4mzJVM37kf1cOx71cdGQW_fMywOlLFcAgjQBYoX0UO_uEE5jKjOMHyXI8MpQgaKWYibt9axyLUo4XLMdiwKN5LrCcFKeSYL4eJwUTLc63XkFx-Nmmk8Mrl0cjVolM8qiz11h083nln16KDibQ7ws6MWF-s9l_g3kJBoivGTHukyIHoQjK3T-Cbh1CMHdAWXc6MZzAqThQf23tMwPlSVwvpNql7I1KyWYrXlFhDvxC8LK-MS0pkXrKhg0YblhtWbvAJaUoPYpgWqAqp2U0Pb8_XX1fjC8VJ_OF9c0JB3jbUuiBNg_xFbFQEyIeoQGUhLcGYBmHGuGohxKnfuXqRZw_EdGaICyJGEwA1wZ8UpldDk4ENKCyyIRiLon3goe-aHHQujnDy_6pMR980IrDbumrIVBUcY5mVApKc0AW9-5BRHipUaXSBDB3m3YfFqhYuyjQfY9MDpoln5p_DG99nFIABDXdsWFPV2YiGef4YBv9pZ1VsLr6VRtVTSzKshKS4rD8tMPbf0q3Dp1rINrWqDmRlYIx-aZk4715pRUSsrKbbhFDCNDRkAU6rmjrT6emQS7rvTX0MLsmuoUZ9gKoYQLP5sjMYBz95PgSO704rtLxBc1EsVef7YA3CS7FFnSM7D22SaMH9K-e_TtPhcvWzXnbm_-fS44YtgunWgesy-Lyp9GtuXoi-EH-lnvhkuheHjj-kL24k3kbahEyQjlAohQeFkEQ162goxZPvxvDcPC74Lx2pHAgJuuqMBlOwHWBI5uDyyKq2Me6M1IineDiXVZqhZlrCXbyhQ50XJko8S2WXIev6qMtvcyc208I1YVrsgrZbzb2sUqcJ9_SBODiZjJo-hIVilz08F02fScb3XC2Fr28WmX3xZbgymZxVUxClPzqdpgGT_xNQUaX7auLAtqFwgchY5BPn&sai=AMfl-YS6lP8LuxHOiPjnon99lsqRQ3cHDabE8hW20YtMb1naF8GvU66nAKEL6I7OBDCUSd-WWQGav0CN7XOrmMEsehNHXhR4AdYNbu85RAX-qsI0n6LH6lrxsquYCS3o-rFYB7UYXVRtCHnzAgFQglBV_KcVSzeBAuEalWbgpLFjjOCLwSHXF7doTTpS5xqnwVuTt8z7x_XzxoY442PyxuMTUD-Cv1c7hdcwFzmFyF_A_raMNbBImp55XTto2oXH1pf2rgrWHEugSZV4N6SP1C53lmLQz4YQLUWdOsQMOIirQg&sig=Cg0ArKJSzIjkkMpMaP7bEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&cbvp=1&cstd=246&cisv=r20230111.40705&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 592D
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=354993420&d_campaign=29111912&d_bust=2741893067&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=354993420&d_campaign=29111912&d_bust=2741893067&gdpr=&gdp...

42 B
964 B

34ms
34ms

Image
image/gif

52.50.218.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=354993420&d_campaign=29111912&d_bust=2741893067&gdpr=&gdpr_consent=

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

52.50.218.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-218-77.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-07e4ed132.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: o5pSpjCMRkA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: u2OOqEnIS28=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=354993420&d_campaign=29111912&d_bust=2741893067&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 592D 43 B
1 KB 64ms
22ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1010229247&extPm=462201757&extCr=19267639401&gdpr=&gdpr_consent=&rnd=2741893067

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 13 Jan 2023 10:04:45 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 13 Jan 2023 10:04:45 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 80D9 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 67617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 15:17:48 GMT
expires: Fri, 12 Jan 2024 15:17:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 102 KB
24 KB 91ms
39ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44874a36d2dea46c11509d3c1a12dcf541caf1f5347a33b638f4fc78432bc77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 345602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24545
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 10:04:43 GMT
expires: Tue, 09 Jan 2024 10:04:43 GMT
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C79 0
0 144ms
77ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3XyHtC7vbDAQl-g0poL0vCud2m0ZReb9a1wGt2JMkyQXNlrWwlKGUUiulgAP9J9xwIUzvsE48FsNq93nAUkG-jWVKnDwZ2uju1WKqyHntKxmF0hAxMtN1n20Zk3CDsW9evQrhoG9Nmbf9_ZTz_vtzWvnk5aAtexY89USdx8BzY5SWcOFvZknYPDkHq_Xkylsh_IzkwyzjFHq7ITPVWUcLZXM1tXUNJ6GL7D1SLG2p-pAxCEIbWL_N1A3nqDhtaLlD_iKa-hwaAdNF3R9KD93J2Czd9arOuOsQKcPDtfIxQJaUD0VKu8JBwdM8_SZie3eQhaf_ZqyAmQqQ976xte6nL2TG5jPoELW3kpKZeB1rXXh2XD6taLgleaTbQcIc460OJGl-qg31s1CvqFS9RHiGjsqMSIt9H-catyZuYLHegMS4Y6o3JBkktwC8bqGQiI-kZcU6MRsXp0ceqcZVIRDmdgDwhY7q9AgTnLamylrTnPGqSil17b7tUiUTH4s4g5xiPmZk9fCY3xz7lEwXb2_FdMrPQJd0AIO7xmMTL61H_VMV_4QV1h9A0xlK94hd2rQZUUQgJsG5tstGk6_6rvUqGeyp8pMsutpbajOklBXN90z0hcFW9mip7xLpeFXBkDWciw06jnU7qFvC_P8ICXZdt0YPysCUvdrjqjOfVDFUlj4DrH6Wg_iTtVtgfTI0vSfpN6frmWW9i-exjYojaPKSWzC-CODTkr3m9gvv5Drsj3hXC7fPeqeDMaKvvD7TD-Ds87XetMaRX-uGnoMlHL0hBjFwEz8K5vR0GbS90Yj6AlyfCizrQx3JRqwlayO3GS_AnY48ntLdcEdQCSw7eqhDYbqrJMbA7kSegclwOtR_cnSOKRUlf2fGxWq4x2eelSAHmjDGxoN_ZV6Wq7nq8a3vsuwN0LJbWKu6TNmhDdhbTO8YyzW2WTdoK0Tx-wS8IDXkunlriE4LhsZrYXrwJtnWTB0gjCUmn3QtD3g6xctUlfIDNh73m0LOSyY2HVKgORsJyAKK-WThG99Uqt1Xq1UZZSCJmPeAdXtoUSjSuxpRuXAINB1oj_h-IXkpKnUPnRKsVQuGNYmGlpl01cGcBj7P3hi9_bLtS29H5MaaCJD9T1JnGr05dKDbyUGOxfihzUaY43c-hMpuf1izYejK_kjdQKicVDa-6VRMQH7kvH5t27DCMnHfkTpdHACutDtJbuEuCg-Jh5SQ0-6LQc-F8ZKjNur6hESdEaC9Ne5jzrKNermAMyjx&sai=AMfl-YQcmiTVchj6o8TfEMk-ios6Zp-DrXarasxapISAYwf7GPMIxElouLvzh7tZClzUM2shKs5xjbzmNU94L6UxjIDpz7yKNlnFIyeZLV4Un_FKPdeZ8EvzmG1Xr4LYXxZE6SW4doPljzazOQrQ3Su0qQBOE1CliXf0fAfX5t_K90oqfhNZSa-8HzPkfuatyQqUX67QRjUyqP1NkzWIurzIpGSUZwNVbN60p0sYpgSS5J3uBOCVTq1cJj72eEVC7-rYtdGQZ-Xtyaho7GBSMg2s6Z_sJERsq4hmqc9YSoOoeA&sig=Cg0ArKJSzGa1VYn0_1XCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=256&cbvp=1&cstd=253&cisv=r20230111.98402&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H2

200

/
track.adform.net/adfserve/ Frame 7C79
Redirect Chain

https://track.adform.net/adfserve/?bn=52774350;1x1inv=1;srctype=3;ord=2729624672
https://track.adform.net/adfserve/?CC=1&bn=52774350;1x1inv=1;srctype=3;ord=2729624672

35 B
395 B

26ms
26ms

Image
image/gif

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=52774350;1x1inv=1;srctype=3;ord=2729624672

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=52774350;1x1inv=1;srctype=3;ord=2729624672
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8826478595190136707/ Frame 34BD 36 KB
6 KB 106ms
65ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d4c520d8d19c54f542db4edba9c0f2e40fb4ba83d6cbe964cc2ae2f6728602e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 10:04:45 GMT
expires: Sat, 13 Jan 2024 10:04:45 GMT
last-modified: Wed, 05 May 2021 19:27:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 600D 0
0 132ms
78ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJOS0bDtrbHP4V9Ouf-KVCDFi8FTb1xNUetqDAIx2R7VAdOSIO6tdnhK1iBihBY2cAF7wOBj6h1IOhSLwdaYiG2b-NIoAOYLwH0vtF9cscw0ku4TgPwmB1Mv1nSsg8UScJqFR0VJ1tiKUHcf3sheIgDpvO0AfUzu0ddPb1c5SJtcRAs-VNg_zNk8xL3tCSpe-XwqTOh9CSh6N2RdZbp_PlshcWeCaJk7NshtGB7Vs_txKqzbGhHNVtdcPrOHoNpViG82P8DbZV1JXQ75W00OdnmcpUKwutZ1BJEIBPs6v89IMGn5A2L6a5aQvMVmQ9K2wK4yyq3wWA7l_UO0u9_Hgd6-78UE53yFfyfJWsbQnv3UHOufkC3yLlXW-bm-HhS8XJcZkKACROvse5fKbbYbKyae7SHN3RTrRi9cfc_-UlvtjlenZVln-JDXX4jrBiajrewG39dLgtYiPSuWmLXkKbr1X5NF0x0Co2FGdxj-xMm_zN35OakKDcnEjgOvL5QWKuQzBBxDQ5hW4ojBgpZ7RlgDHBhthTsCsNx94ynEa7v4V_C29Yur2_w_huPE0ezdbd7zACAH2K13P8ee8e8rUJhbFCfrwBUkXMWa4tmXgim6G5O5MvBOGfuxUxlTHQGjDomGy-NYHIIXo5mGcXPoc8D2MOlNZ_yMRUsLLTddIP9NmNyNxGz-tl01P0iZa7EazWO5SpQxWuM68_KGPxtq5DYClpNVv41nRdgAyqw5_4zWXlOQh_p6O6QDh9tyMqglAHX-Uj2AGO2vyNpdpFJQOwCwtCFwW0VKgtDCD_YRFYcQS4dmT5Z_s_NZa33Fl-ieDFGfGApTMzoTIiicLJVcJXmk34fZEtcMvAvdsTeQttQZO9Xp04_cDqsuJmD_AEb7tld-DZ6G9IHDgzSEEh7N1FjZ9-csvf9j_40_MA05ThHlrlO1xestX2-xL0BnC7Ny38HHWRyBRy8ioKGGVQam-NqgQWkJH58vjtItmtyENg_eJKPPHnP1HKQCebivyZuxM3Z-bjEumJmIYecs9K8HcXUnSLuqwktB4e63o7whNCLTKSgsCJ5AO7EGF3juYPsKdDLvbQQTJvN91if6xPP45wgEZ0vL2y7rdxxqR4CwxSPDf2qc1ioEMJ0C0O_UR8BtkOY6ewh9fE8ytaZOQ1Bn755piHBLZUnZqPTBvCcvoLDIXZ-6OYzfiPNRjlAYuxntthvlzoSm-Q1Wpx0V3f6XLNKqXjYS0kQXLd&sai=AMfl-YRZpiNpwJ3gLpgWgd47ki6OesUSC2zzku58wy_t4sS5NSf_JSDqyOiD3R-zSIyT7nIw7yHZKi9QA7i1opUF0lrWZciBkUqNC5ghDrBm2XpsD5dqyw85hHQKlDwX9wJB5waLrj5Jmxwxqw2SG8M5VHsLGfrZ_RlUWb2pP1YwJpGCF3m9fLjLl-aIRCSudcWbsWqDIcscuxdCcs0OGBtoun9hnjSSMwsK3YJw9c2TTRvBUgmQN58gepj9jtMTt10hb9BMsoTcbifVZ5Ymdm__5kK29K5enap4DT-CjsSa1w&sig=Cg0ArKJSzJT_ykAK5R3wEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=241&cbvp=1&cstd=237&cisv=r20230111.86159&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 600D
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=354999691&d_campaign=29111912&d_bust=2053205118&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=354999691&d_campaign=29111912&d_bust=2053205118&gdpr=&gdp...

42 B
964 B

36ms
35ms

Image
image/gif

52.50.218.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=354999691&d_campaign=29111912&d_bust=2053205118&gdpr=&gdpr_consent=

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

52.50.218.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-218-77.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-024ef1325.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nNN0S81uSbc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hEgXGw1xQic=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=354999691&d_campaign=29111912&d_bust=2053205118&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 600D 43 B
1 KB 43ms
15ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1010229247&extPm=462201770&extCr=19267639401&gdpr=&gdpr_consent=&rnd=2053205118

Requested by

Host: b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
URL: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 13 Jan 2023 10:04:45 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 13 Jan 2023 10:04:45 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7D4F 22 KB
8 KB 38ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 67617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 15:17:48 GMT
expires: Fri, 12 Jan 2024 15:17:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame D9E8 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 80D9 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D4F 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FEE0 29 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/671891683100766080/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 11:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Jan 2023 11:55:19 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame F1DB 6 KB
2 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 13:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 13:17:13 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame F1DB 109 KB
37 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 06:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Jan 2023 06:58:08 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame F1DB 59 KB
21 KB 38ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2730306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mM9sLQ%2FUuZCVn9KjTyTBQuAe5seJvKSSYv0EZRSdlqBKM7L4IDiVC8wOxdGfd8jqkMGkRn%2Be8b%2FMrfrFtN5LmwHPa27DzPZD%2BMYDAUvIAn%2BSzujwXyayQKuqpKYQ5Xvyu%2FAC4DjWq%2FhpaY%2FRcoeAi2ip"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788d4f414a2268fd-FRA
expires: Wed, 03 Jan 2024 10:04:45 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8826478595190136707/ Frame 34BD 6 KB
2 KB 40ms
40ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8826478595190136707/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b48abe5054107a01d176b16197268ae60b5cc7ce2ee5194bdeb88877141608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 13:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1810
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 13:09:07 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 34BD 109 KB
37 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 06:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 14 Jan 2023 06:58:08 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 34BD 59 KB
22 KB 26ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2730306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vESflViEIgovgQlej0HTVJLgBXzbFEow4WWC%2FveQbFAILLFXyqtuvSJV8RxaYKeCPkm7zNhLUPRSaVBSDR3ODTXBummasa9b8BaOwkwnSQjc3KYcq3BZqr45gugZ%2F8y7E3HjI0m1MCvTYBYE8m4hKMYb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 788d4f414a2668fd-FRA
expires: Wed, 03 Jan 2024 10:04:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C79 0
0 72ms
71ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3XyHtC7vbDAQl-g0poL0vCud2m0ZReb9a1wGt2JMkyQXNlrWwlKGUUiulgAP9J9xwIUzvsE48FsNq93nAUkG-jWVKnDwZ2uju1WKqyHntKxmF0hAxMtN1n20Zk3CDsW9evQrhoG9Nmbf9_ZTz_vtzWvnk5aAtexY89USdx8BzY5SWcOFvZknYPDkHq_Xkylsh_IzkwyzjFHq7ITPVWUcLZXM1tXUNJ6GL7D1SLG2p-pAxCEIbWL_N1A3nqDhtaLlD_iKa-hwaAdNF3R9KD93J2Czd9arOuOsQKcPDtfIxQJaUD0VKu8JBwdM8_SZie3eQhaf_ZqyAmQqQ976xte6nL2TG5jPoELW3kpKZeB1rXXh2XD6taLgleaTbQcIc460OJGl-qg31s1CvqFS9RHiGjsqMSIt9H-catyZuYLHegMS4Y6o3JBkktwC8bqGQiI-kZcU6MRsXp0ceqcZVIRDmdgDwhY7q9AgTnLamylrTnPGqSil17b7tUiUTH4s4g5xiPmZk9fCY3xz7lEwXb2_FdMrPQJd0AIO7xmMTL61H_VMV_4QV1h9A0xlK94hd2rQZUUQgJsG5tstGk6_6rvUqGeyp8pMsutpbajOklBXN90z0hcFW9mip7xLpeFXBkDWciw06jnU7qFvC_P8ICXZdt0YPysCUvdrjqjOfVDFUlj4DrH6Wg_iTtVtgfTI0vSfpN6frmWW9i-exjYojaPKSWzC-CODTkr3m9gvv5Drsj3hXC7fPeqeDMaKvvD7TD-Ds87XetMaRX-uGnoMlHL0hBjFwEz8K5vR0GbS90Yj6AlyfCizrQx3JRqwlayO3GS_AnY48ntLdcEdQCSw7eqhDYbqrJMbA7kSegclwOtR_cnSOKRUlf2fGxWq4x2eelSAHmjDGxoN_ZV6Wq7nq8a3vsuwN0LJbWKu6TNmhDdhbTO8YyzW2WTdoK0Tx-wS8IDXkunlriE4LhsZrYXrwJtnWTB0gjCUmn3QtD3g6xctUlfIDNh73m0LOSyY2HVKgORsJyAKK-WThG99Uqt1Xq1UZZSCJmPeAdXtoUSjSuxpRuXAINB1oj_h-IXkpKnUPnRKsVQuGNYmGlpl01cGcBj7P3hi9_bLtS29H5MaaCJD9T1JnGr05dKDbyUGOxfihzUaY43c-hMpuf1izYejK_kjdQKicVDa-6VRMQH7kvH5t27DCMnHfkTpdHACutDtJbuEuCg-Jh5SQ0-6LQc-F8ZKjNur6hESdEaC9Ne5jzrKNermAMyjx&sai=AMfl-YQcmiTVchj6o8TfEMk-ios6Zp-DrXarasxapISAYwf7GPMIxElouLvzh7tZClzUM2shKs5xjbzmNU94L6UxjIDpz7yKNlnFIyeZLV4Un_FKPdeZ8EvzmG1Xr4LYXxZE6SW4doPljzazOQrQ3Su0qQBOE1CliXf0fAfX5t_K90oqfhNZSa-8HzPkfuatyQqUX67QRjUyqP1NkzWIurzIpGSUZwNVbN60p0sYpgSS5J3uBOCVTq1cJj72eEVC7-rYtdGQZ-Xtyaho7GBSMg2s6Z_sJERsq4hmqc9YSoOoeA&sig=Cg0ArKJSzGa1VYn0_1XCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=514&vt=11&dtpt=258&dett=3&cstd=253&cisv=r20230111.98402&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:45 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 10ms
9ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 592D 0
0 79ms
78ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu-FJZMUAsVbnIDMN2PmfiKS5x1OZ9RpqMvEbagQpfAzmY9-NhWJlTAUYQ92kO1LhhDGN1XD07vgMLKAro_94TkVz3Y1rsJLJQhTuyO7ku7kW0tykQ5cbZHNkHv3pbOPv__YiQaTjSks7_Kgn84JEw8lKIk5gGlEn9Qobxl6_rkA6OCEfTAy52Hn1TU3sCHNMlrD-R3ITIDbXVSWHt3ande04tIVfY73z_JI0XOwGP6n2W8RVmJrOpAMzUZKRTeq7LxLtzVDkkYMbfckgAnHfUocoLkHGNHd0DRk3-aUZaWQq6rjRY5XM2u_z_XbKMCk4mzJVM37kf1cOx71cdGQW_fMywOlLFcAgjQBYoX0UO_uEE5jKjOMHyXI8MpQgaKWYibt9axyLUo4XLMdiwKN5LrCcFKeSYL4eJwUTLc63XkFx-Nmmk8Mrl0cjVolM8qiz11h083nln16KDibQ7ws6MWF-s9l_g3kJBoivGTHukyIHoQjK3T-Cbh1CMHdAWXc6MZzAqThQf23tMwPlSVwvpNql7I1KyWYrXlFhDvxC8LK-MS0pkXrKhg0YblhtWbvAJaUoPYpgWqAqp2U0Pb8_XX1fjC8VJ_OF9c0JB3jbUuiBNg_xFbFQEyIeoQGUhLcGYBmHGuGohxKnfuXqRZw_EdGaICyJGEwA1wZ8UpldDk4ENKCyyIRiLon3goe-aHHQujnDy_6pMR980IrDbumrIVBUcY5mVApKc0AW9-5BRHipUaXSBDB3m3YfFqhYuyjQfY9MDpoln5p_DG99nFIABDXdsWFPV2YiGef4YBv9pZ1VsLr6VRtVTSzKshKS4rD8tMPbf0q3Dp1rINrWqDmRlYIx-aZk4715pRUSsrKbbhFDCNDRkAU6rmjrT6emQS7rvTX0MLsmuoUZ9gKoYQLP5sjMYBz95PgSO704rtLxBc1EsVef7YA3CS7FFnSM7D22SaMH9K-e_TtPhcvWzXnbm_-fS44YtgunWgesy-Lyp9GtuXoi-EH-lnvhkuheHjj-kL24k3kbahEyQjlAohQeFkEQ162goxZPvxvDcPC74Lx2pHAgJuuqMBlOwHWBI5uDyyKq2Me6M1IineDiXVZqhZlrCXbyhQ50XJko8S2WXIev6qMtvcyc208I1YVrsgrZbzb2sUqcJ9_SBODiZjJo-hIVilz08F02fScb3XC2Fr28WmX3xZbgymZxVUxClPzqdpgGT_xNQUaX7auLAtqFwgchY5BPn&sai=AMfl-YS6lP8LuxHOiPjnon99lsqRQ3cHDabE8hW20YtMb1naF8GvU66nAKEL6I7OBDCUSd-WWQGav0CN7XOrmMEsehNHXhR4AdYNbu85RAX-qsI0n6LH6lrxsquYCS3o-rFYB7UYXVRtCHnzAgFQglBV_KcVSzeBAuEalWbgpLFjjOCLwSHXF7doTTpS5xqnwVuTt8z7x_XzxoY442PyxuMTUD-Cv1c7hdcwFzmFyF_A_raMNbBImp55XTto2oXH1pf2rgrWHEugSZV4N6SP1C53lmLQz4YQLUWdOsQMOIirQg&sig=Cg0ArKJSzIjkkMpMaP7bEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=594&vt=11&dtpt=341&dett=3&cstd=246&cisv=r20230111.40705&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 600D 0
0 71ms
70ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJOS0bDtrbHP4V9Ouf-KVCDFi8FTb1xNUetqDAIx2R7VAdOSIO6tdnhK1iBihBY2cAF7wOBj6h1IOhSLwdaYiG2b-NIoAOYLwH0vtF9cscw0ku4TgPwmB1Mv1nSsg8UScJqFR0VJ1tiKUHcf3sheIgDpvO0AfUzu0ddPb1c5SJtcRAs-VNg_zNk8xL3tCSpe-XwqTOh9CSh6N2RdZbp_PlshcWeCaJk7NshtGB7Vs_txKqzbGhHNVtdcPrOHoNpViG82P8DbZV1JXQ75W00OdnmcpUKwutZ1BJEIBPs6v89IMGn5A2L6a5aQvMVmQ9K2wK4yyq3wWA7l_UO0u9_Hgd6-78UE53yFfyfJWsbQnv3UHOufkC3yLlXW-bm-HhS8XJcZkKACROvse5fKbbYbKyae7SHN3RTrRi9cfc_-UlvtjlenZVln-JDXX4jrBiajrewG39dLgtYiPSuWmLXkKbr1X5NF0x0Co2FGdxj-xMm_zN35OakKDcnEjgOvL5QWKuQzBBxDQ5hW4ojBgpZ7RlgDHBhthTsCsNx94ynEa7v4V_C29Yur2_w_huPE0ezdbd7zACAH2K13P8ee8e8rUJhbFCfrwBUkXMWa4tmXgim6G5O5MvBOGfuxUxlTHQGjDomGy-NYHIIXo5mGcXPoc8D2MOlNZ_yMRUsLLTddIP9NmNyNxGz-tl01P0iZa7EazWO5SpQxWuM68_KGPxtq5DYClpNVv41nRdgAyqw5_4zWXlOQh_p6O6QDh9tyMqglAHX-Uj2AGO2vyNpdpFJQOwCwtCFwW0VKgtDCD_YRFYcQS4dmT5Z_s_NZa33Fl-ieDFGfGApTMzoTIiicLJVcJXmk34fZEtcMvAvdsTeQttQZO9Xp04_cDqsuJmD_AEb7tld-DZ6G9IHDgzSEEh7N1FjZ9-csvf9j_40_MA05ThHlrlO1xestX2-xL0BnC7Ny38HHWRyBRy8ioKGGVQam-NqgQWkJH58vjtItmtyENg_eJKPPHnP1HKQCebivyZuxM3Z-bjEumJmIYecs9K8HcXUnSLuqwktB4e63o7whNCLTKSgsCJ5AO7EGF3juYPsKdDLvbQQTJvN91if6xPP45wgEZ0vL2y7rdxxqR4CwxSPDf2qc1ioEMJ0C0O_UR8BtkOY6ewh9fE8ytaZOQ1Bn755piHBLZUnZqPTBvCcvoLDIXZ-6OYzfiPNRjlAYuxntthvlzoSm-Q1Wpx0V3f6XLNKqXjYS0kQXLd&sai=AMfl-YRZpiNpwJ3gLpgWgd47ki6OesUSC2zzku58wy_t4sS5NSf_JSDqyOiD3R-zSIyT7nIw7yHZKi9QA7i1opUF0lrWZciBkUqNC5ghDrBm2XpsD5dqyw85hHQKlDwX9wJB5waLrj5Jmxwxqw2SG8M5VHsLGfrZ_RlUWb2pP1YwJpGCF3m9fLjLl-aIRCSudcWbsWqDIcscuxdCcs0OGBtoun9hnjSSMwsK3YJw9c2TTRvBUgmQN58gepj9jtMTt10hb9BMsoTcbifVZ5Ymdm__5kK29K5enap4DT-CjsSa1w&sig=Cg0ArKJSzJT_ykAK5R3wEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=563&vt=11&dtpt=322&dett=3&cstd=237&cisv=r20230111.86159&arae=0&ftch=1&adurl=

Requested by

Host: ultrasurfing.com
URL: http://ultrasurfing.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 13 Jan 2023 10:04:45 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 13 Jan 2023 10:04:45 GMT
x-amz-request-id: XZ48AY8MC3YY614W
age: 3426
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by: cache-hhn-etou8220025-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1673604286.821776,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 29801

GET
H3 200 CTA-Hover-Outline.svg
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 5 KB
2 KB 46ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/CTA-Hover-Outline.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d8ddbb8c85435a6f5cac32b71825b90fa59573b435a13cfe46015c293647f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 16:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 16:17:58 GMT

GET
H3 200 CTA.svg
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 5 KB
2 KB 48ms
46ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/CTA.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bedc034c7f747bb99901e544c6a00cd3aac0dd2257ba1e2fcabfcabcecbf80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 10:04:43 GMT

GET
H3 200 logo_2.svg
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 25 KB
9 KB 46ms
44ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/logo_2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

110b9e23cefb6986802408fec5a6e7423d89daf3298a15c994442853b211a160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9282
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 10:04:43 GMT

GET
H3 200 subheadline0.svg
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 8 KB
2 KB 47ms
45ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/subheadline0.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a27a70d36db8fc5b5807cfd9083e761b59a3b195d431e64d32600da202f848ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2275
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 10:04:43 GMT

GET
H3 200 h1.svg
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 10 KB
4 KB 47ms
45ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/h1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c547827a0f62a339254958c2a6812b51901c9b5fe22a93f7999cc1ea13d54373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:04:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3811
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 10:04:43 GMT

GET
H3 200 bg-728x90.png
s0.2mdn.net/sadbundle/671891683100766080/ Frame FEE0 433 B
460 B 46ms
44ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/671891683100766080/bg-728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b246cb9bcf9bb679ace443ffddf7a15ef8602452b7a04f5c349a6a2ef9efb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/671891683100766080/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 10:04:43 GMT
x-content-type-options: nosniff
age: 345602
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 433
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:36:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Jan 2024 10:04:43 GMT

POST
H2 204 visible Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
59 B 20ms
19ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230112-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 13 Jan 2023 10:04:45 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220025-HHN
server: nginx
x-timer: S1673604286.860162,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://ultrasurfing.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 145ms
145ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023010501&jk=2668570728063583&bg=!6uml6a3NAAYDMoyoIzI7ACkAdvg8WjU7uL3ZPcuiD8tIIFTbYEAhJjVUMNyujcfvl1Jzd8nQJiiNMwIAAAHDUgAAAANoAQeZArA0W1rjKxfi0lx45skwvC33stQfjl84k1CvXMazsor0PUkW7rJW3DPQA0i9aaWtejlx3XuuUAI3cXY9x5Ay9-U-wJcQyKnw6JvJDugKsaZ0t6TR-RBf2VIr9I-Pk_-JJanSoZ_0t-rq6ccHZy42-MFVtQ4akzH8Vn0nHFrnCWdMuvBHst1W4QGkvDB83YqqXSxjmpL-4AWQPHSO1zGvlW5Oj4PvkotHfUBwp0LAsmUu55U08DEpl2mvgxbGm7lQspwAFPSVS2ey0al_gl_pV4qvuq9wFQ0mF51HYu8adQvZ0jkcFBGayXVUQH4gTh8jhriJmiwQqxDoEXm2cZr-6Mf87De0jM87ELKqFqYiDil0GJ2ugvp86-dok6kM6VWSTXNfcnY8zCD9u64UcW_AlxDztQ02yGboOj9yDvlh31AOYRy02A3gZbDzgRh6QMUt6mDCxouDeTjVfyh5In2FCUS7sQ9bmqxGumS8vPekXg8u5XnTxHRMD49c5xncaFpRe46V5QzZor_JWShF2btSZsVmIju6Lj0UtpjDA2IoUKZk6bYlX3stg1aoAeBzfVmZHC2J5HL7O_GvTreag6U97Ky7qJSSo4bCiEJQ_GtIN2KH9vezzzgLkmMptYAacrXHNs3JqaRq_Wku5K6AeGSx9g5O6ncQNVfyjfDbyrSawEGIvuy746r1ZKa_ljM3B95EhIoj5OkgtoUXJPxuxl5DLAxE2DZVQbkLnmRj7acMogRH1fsmLVy7PE62pJwDgIabSjTfZVW6JRK5phW4Uz1Mqk5CZE97cpoJ8ZwSYDRIfuu20-FnMpNKFABqFPKIYMBNw9Ys_RufDn-vm2c7PBETyHyI_eYyT0jLgivCE0dODQgyavp0QqC2mdG00uUfuRP9FzIBXzU4mGzMc4k46bWCgMFF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 34BD 7 KB
6 KB 88ms
87ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea301085792009cad7c8a2246153ddfd1641557273cb34add7e148fd2c9846fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5648
x-xss-protection: 0

GET
H3 200 blank.png_1621951351089_blank.png
s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/ Frame 34BD 95 B
120 B 61ms
60ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/blank.png_1621951351089_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 05:08:18 GMT
x-content-type-options: nosniff
age: 104187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:02:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 05:08:18 GMT

GET
H3 200 DCO_Engagement_Test_300x600_1.jpg_1621951351089_DCO_Engagement_Test_300x600_1.jpg
s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/ Frame 34BD 81 KB
81 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/DCO_Engagement_Test_300x600_1.jpg_1621951351089_DCO_Engagement_Test_300x600_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

881e68a1be2fdf07336ba6a2e352ab94642e6d712de190d36ed4f7fec3fe9ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8826478595190136707/index.html?e=69&leftOffset=0&topOffset=0&c=DHebWtGiOE&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 15:44:09 GMT
x-content-type-options: nosniff
age: 325236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83199
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:03:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 15:44:09 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 31ms
16ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:45 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 34BD 27 KB
27 KB 52ms
42ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8826478595190136707/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8826478595190136707/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:51:15 GMT
x-content-type-options: nosniff
age: 810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Jan 2023 10:06:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F1DB 7 KB
6 KB 80ms
79ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7b6fba60b8046a1d7c44ca9e7bc49d84cf6d1ba716dbd41137b6e43198a7c30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5629
x-xss-protection: 0

GET
H3 200 blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame F1DB 95 B
123 B 40ms
39ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 22:15:00 GMT
x-content-type-options: nosniff
age: 560985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:34:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 22:15:00 GMT

GET
H3 200 DCO_Sky_ist_Wenn_160x600_1.jpg_1634118359639_DCO_Sky_ist_Wenn_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame F1DB 14 KB
14 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_160x600_1.jpg_1634118359639_DCO_Sky_ist_Wenn_160x600_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1319543bd5718c8d67a80c8067f5cf89af4cde765705ee7aaa5dcea4fb68a5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 20:46:45 GMT
x-content-type-options: nosniff
age: 479880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14698
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 20:46:45 GMT

GET
H3 200 DCO_Sky_ist_Wenn_QoIP_V1_160x600_2.jpg_1634118359639_DCO_Sky_ist_Wenn_QoIP_V1_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame F1DB 17 KB
17 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_QoIP_V1_160x600_2.jpg_1634118359639_DCO_Sky_ist_Wenn_QoIP_V1_160x600_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c3219b5aadafa3751338b7cd1f4818fd8fdae6cd4b941a3c34053fa9f6147c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 18:32:10 GMT
x-content-type-options: nosniff
age: 487955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17657
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 18:32:10 GMT

GET
H3 200 DCO_Sky_ist_Wenn_QoIP_V1_160x600_3.jpg_1634118359639_DCO_Sky_ist_Wenn_QoIP_V1_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame F1DB 30 KB
30 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_QoIP_V1_160x600_3.jpg_1634118359639_DCO_Sky_ist_Wenn_QoIP_V1_160x600_3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eadbd049915066c846e0a3c6a194dfb217f069ec51c9fa4a0b88bdd53ec37e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=zykAu2T0f1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 18:32:10 GMT
x-content-type-options: nosniff
age: 487955
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30678
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 18:32:10 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 33ms
6ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e334dadd70bad07e8e12bfeebcc80ff470c40cafd2547d04e36b62dfc15af6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220079-HHN
date: Fri, 13 Jan 2023 10:04:46 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: http://ultrasurfing.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame F1DB 27 KB
27 KB 38ms
38ms Font
font/woff 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:51:15 GMT
x-content-type-options: nosniff
age: 811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 13 Jan 2023 10:06:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 34BD 17 KB
6 KB 809ms
808ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:04:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F1DB 17 KB
6 KB 744ms
744ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 10:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 13 Jan 2023 10:04:46 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 464ms
147ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b&uad=7a38a8b8f2d5263ae8a8f8d1f4dbfd827e173b956e771bfbc9565941452de090
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 13 Jan 2023 10:04:46 GMT
cache-control: no-store
server: nginx

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 15ms
14ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E8 0
20 B 145ms
144ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTGs7vSzBY5c_1bz27w-kxJDgDwAAAAA4AeAEAg&bg=!srGlsfXNAAYDMoyoIzI7ACkAdvg8WiEJ06AdxpfhYGzVVTyeJLy_WtYpagFrQHY1JHfmXm8BXjSNNAIAAAGZUgAAAARoAQeZAu97KUbnrN36dDqCVdec2gGyifq-VQlofVCfMiv4BjQICetbq3lqLCC-7FnkJLXmKLOxSWAwjNoHVxpa3Fy7FydcRuMyfkem9U6SSk0fzXLBgdA5d860zY0Y31FjnKF9v-aLfuWAzIXvVK7wApxw0FPwv8k9kBDju04kwk5uUimqC0HZ89mlpX8x9MKWIJaWxh6YWj_Be6eZk9jHScDNxl9wjq9u3F9yxTNzzJsdv7wI-g55Jl6UBQdW4sBo6HfYsL6hWMskwslKekpAXGUhwSJZmAuwgslimiAG1FmBdZ18jBGxIrnvHLxLfmK8MzSlRVzJuCCraHu_DrUJrhu4-92lfswOM_LtpuqkrOmArDbXG6e7IYMJPisLgFS2jJ0cYSjF3pU5eiYjuYNAvskto_oB9Q-JR7WGOAkrxaKNe7rNWeImOceaIep0DQaaV1skZJ0-w72FfufEJdEWywC9DERqk6Iyw639E9u7IVEHpxx3K5DlKVlqOkZrluXTUXrLXQ_EnzwghnpbzM-HWq1VtvGrVaMygEl7KBnzySr_zCkvp54cGBQPdv_rweXn0mWpXXvDMHAYv_AJEhi9js0Bm2lNlzo_8p0tSZogxPHkspNy1KpWNsH8zyXtDXsj6S8vNnbeNYgOG0baxwtLu6vQCB3OHpPvY_rsaj8WhDXRJS87TGUL0HBDhOWWC8k_EMNR8ezmT89KydCFEDDqXuZQ4WJiFL8uDf-fNLTWka8vFmDFhqUhJxs6pJnDT1bfc-89W8t4-an3LQvu8L2WukUAQ1sZ8swaCsB-K7AnzscJsOxlSlbet9JH3mGTT2BeZkGhETjeSTPv8ZLDU5ULH5MttJQLDFtqjPruEbs9v8leZ2JdtdRPyNB-3MsEvlr5HHaWqLbg55Wp2eiN6exJ_PTc0svP8AqdKwwr6naAoueOcZvEvslxpd7cHqAu892c4KgwKp9NozXqewX-LZIcb0-qOEPBjty3WcL_LWFfcYiGDt61

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80D9 0
20 B 145ms
144ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4DkzvSzBY86iBsm89u8P8eeawAoAAAAAOAHgBAI&bg=!BQalBkLNAAYDMoyoIzI7ACkAdvg8WmsIE0ucwahccr9UieBusk1XyHVaVyiDnaNjRFep7BnE8mlWewIAAAHLUgAAAARoAQeZAuWckdF9xJaY-El5l4uUjsIbGrfTWqXZsBLpHM7YSz1iZgxmbV20l0hjMAIzI0xDe7l9ON2J-8qWiwEkT9-dSpOiKQNHmv1Vum2-QB5Uueph6groiL237gdxIRbGn_Y_-ygn8P2Ftvf7ejk4CQdhXnReWzC1YyUA6nFa87oQgoPjGR3xD2Da2USN6a--jKPe7UlOJb9jQmNnDNtigYE8dcENXXi03VHL7V3pjPvn0VASDZ5QPT5QWDXEg7y6DL38yt-JVIA1AlD88Wkd3Owk5HxWWCwNAtvJBN748PJg0GI4UN2lisN9H3SsFXsWIjy0zpecpQ7Xjz6QN1auhojr9dPNfQwx6CYUdfj8pMf8-_JN6wKkxSh-UkJHnnZkaTt7OEtchGYE7XH2WGnb_r76o4nf3lY4dkoFMPVlSAnsdNz6hVEFnxEb_l7r0yMPlr0bQLGjT_cTjikuCXSMtu_X_DhIEQ9xoUSzAKcqn3e5pP7MvkuVr3l-7CTznLjxJKElHZU_qK1bXUXP-xnCH17QAh1FseKZx54SPxZpwNH2IElE2NNFqxQGoZgqZB5Gkzt8u4DvigBYTn8I8Yt_tzAz6ruAM7FmX7S_9tgeIekEPVnB7t-1q3SvaY_lsHc_QyiU4JGwfXTlPUBA3-gG_fJyFPm_Rb-U4zd9kD3hEi_KItYsZDQ8NBKoN9QFjMD0jRG6GKspZ2_btV1TCODoh8RkjReGduiLXBbB8mkXrMPO_Gxy0_z2sEU2uqUI5YvopiQrdx-vjXUOe1rnY5LX3xbYi9XYzvBbQc7W3Pqhw0zj-YSYCLsgio8Nfoc06K5x-7ecOpF2UO-Xb0UcZk1pr3D9RAR19vyGNY5F9vnvJGGp6nDDMTVKi7vXdvAMmg2MbFEKx-sB0Cf4vs3CQ_dPcKInQkUMUF2HIwgtG1OcdKJbj-bpOJh2aBuVvFoQwui6qXYK5OUh6wE08zS5QfsaOLZq1PMaLHW2i00

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
servt.vidcrunch.com/ Frame 96A9 0
93 B 111ms
110ms Ping
text/plain 52.21.65.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.vidcrunch.com/track?d=Chrome&cou=DE&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=99354&t=1673604283&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&test=1&d64=787475968fc7da9efeb3ec9fb2ae212c&d63=787475968fc7da9efeb3ec9fb2ae212c&aafaid=&proto=http&uid=7e3caf6bbb9a201fb39da9d2aa855e31&cha=0.7&stagid=&stplid=&d35=&d36=6.2.73&cb=10978493108&d39=&d65=&d66=8.2.7&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.2.7&stagid=&stplid=&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.65.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-65-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 13 Jan 2023 10:04:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 11ms
11ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:46 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D4F 0
20 B 145ms
144ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bjz2TvSzBY8zdBrLrx_APzrqRyAYAAAAAOAHgBAI&bg=!aGulay_NAAYDMoyoIzI7ACkAdvg8Wnp0ekWrD7wnXUAfrWcz43pCdtwcGCOOg00vibD10B4fr6U5dgIAAAG9UgAAAAJoAQeZAt6MdX-zrG35ICJu4aq9Nz3S_G62SOyCnFtyjwgzdmUjHtcJuoVUNUVHddq8fZYG9h-Xw_gHAh85f7kapFU2q0J1WfMNNzxIT7be89VyfqetPhru-kJOik2KP2j68SgBg6xVy-fXVo8pdmZ0UNslAJ43fY94vPgqxTyz8mNqp1dULq6Yz_sUMQhriODNokuYrqCYkxFOKT_ArQhrw3slaPwX5ua2IEfeo0VSqyZieJSW1RXRTsXazadGW3hJ5F1KUaL-5BSDGy9bDfLY-c6bJWB5CV9NkKsOvCljbqNM573v5aBCd1ri26dxab8rgeLkKPbqf79ijDqNksUU_o0MNoo6ARzTy2STvXxYJEkaUakC40xw67lZysnAIePCMjSOmyJ5l8pbJjnoxQKwKNv3nQkrASeErzEYyxN-CDHRq0_uoHbNegOyYy9YZ5hnjZQjRFv-C0_rUI0kqGzgCT8djnIDE77aLk-jtcW0lRqDuZR82SflxKy3ZuMFHfcddrzxHcHa_2DL34szgYpUkNVIZTUh5LosGqlCsziVRItJ3IS-CSOxz_5noEYECenDxJOjUdQcR5xmDZIjDEteNcWVrR1JzHK2E2HCT7oPB2FJ4jMlFgUjqmJbh9_U-IP5s60cVeoLewjp4edF70o3Cazh1OeZgfccWXTemR4ijpTXV4nhPP1VC3-dljI5iT1ZHk-NZVdsrRGyiMvmioOurU84vb56Nyhi8RiNC0XQjZgI413lksCQsTMGgyOIaymvZAv9f_raX64ZiQdWDbIqPUOcaWsapXiZgqdVNxepHTsVX3hvHTCx5gyZewU78XVQK-gVMBOPmF_P9DKuangNn1Yit2T0ZmkNIWbJYXhQWW0AM-yYDakSAxt-I7RyE2T5sgFr7-2oLV3p1PU3Kpd_UN9zEhHkEHW-yzm67T-bxWWfNRzLfa1Rd2HMw1ipViErxqDYICDvV5kD73ZJKFxQDbMxaA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C79 42 B
64 B 144ms
144ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpLka8LT7CK26nhaClV2U5_wNlfjf8GIxRzUdrke_m3jp1tFQAFct8XnbJuK5dd_PL8JRimrgftDpKSPR0NZzJg658fpTPimvJowiDDni3uShCPVPID-jiBLcO&sai=AMfl-YTNZT2Uh5voMcyfiIfIzfYELUe0jRTC6AiEI6tEfSDUmjB9n35X_e8B5VaJJB7TdiipPXUcghzvJsrBY0bncwY7Y7x17Fk9JQ7p8AFdVQQUFlavkq2bfVC9o3SkdrnL7K1AfuZaTQpeZgjBDxah&sig=Cg0ArKJSzCf0d8_AiexHEAE&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3134511214&rs=4&la=0&cr=0&vs=4&r=v&rst=1673604284627&rpt=712&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 592D 42 B
64 B 145ms
144ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts6pl_7Z1SxRzE3LeT-rs0KF73U9UJ991h4zEetRww-L6hLl2EGJbbqDSHGvnuI16T9apL-lUKdLk7ss_-LfPGkVjcTm2fIhZe09fZi_osypmw2FGocNhO9y49gIG6jKHX6hvOkA&sai=AMfl-YQhOOgV7hCK9q-j7Lop90E4ste46XSNmEyfEGoCDFXN9w-F0S7fiV17JGFgKETFHbQ2CcZaUimJbRdCOp5xmPSVazQVZb3nhIXonsmAVvKJ-wqBpswVNipabTJk_DlZ1VLjbPGr-KMoj0cxxHBQ&sig=Cg0ArKJSzCVBVGkquCGREAE&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&id=lidar2&mcvt=1000&p=578,444,618,485&mtos=1000,1000,1000,1000,1173&tos=1000,0,0,0,173&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3632821694&rs=4&la=0&cr=0&vs=4&r=v&rst=1673604284622&rpt=676&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 600D 42 B
64 B 146ms
146ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZGDLO3E_IdiiEEvxQbBaCzSgduzFofJ8Y-SPMRueQWDu-vc_WAvq6EsSAgtCqDVlvna_3usWDEP1cnYqQHTLIH443yes6WLNe4Ls1jsCa3w9kZBH3Ahj18sOi9bOMvzRkIqvLwg&sai=AMfl-YQYNSBX6iMVgJLSlLFTUpnBe-3-n6QeyQmhyFp-tWNLOumYWfqqRRWNxsprlmfTfMJv46p7o8mOGSdtSa0BOGmJuGiTq8cZVbHc1_H7Z8jt4EBtB4G3KK6_jhHeQeYsRNL91G8-v-usaUzxbK17&sig=Cg0ArKJSzCZ3LW4RGSNdEAE&cid=CAQSTADq26N9bCtMAnCLjkoaeQ8d1i0VMAGGiliv8lMcv1kpWm5MGlz_f6fX0MO6sUdIX3nX3T-Ow9tPuLXG-Wb7s25N3Qu62Kv4aiJ1l8wYASAT&id=lidar2&mcvt=1015&p=578,1234,618,1275&mtos=1015,1015,1015,1015,1117&tos=1015,0,0,0,102&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=345495185&rs=4&la=0&cr=0&vs=4&r=v&rst=1673604284630&rpt=761&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C79 0
20 B 139ms
138ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8456619629459&version=m202209210101&ct=76&x=1&cor=8740959834475601000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 592D 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3712257991793&version=m202209210101&ct=76&x=1&cor=12078184435898747000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 600D 0
20 B 141ms
141ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3420153940842&version=m202209210101&ct=76&x=1&cor=4209687574788538000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 00C8 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:17:48 GMT

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 36DB 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 15:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 15:17:48 GMT

POST
H/1.1 200
OK VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 10 KB
5 KB 71ms
71ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1673604287182&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1493&pt=1823294803&tz=0&viewable=true&ddast=V7rl8CFgOAlc60ad0O4QSAlc60ad0O4QUAAAAGBvQHJGSZGHYzk8MtMS1mbtFkMnIrnIuFWznaDZfL3cLj2M2MQEKWiWE3MzncEtNi5hZNJiO3wrlYuJWj3XC53C08jt3MCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bMtB0Onyue73qbLo8PK_LzWn32TV-t18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAUBwY8jcdXXaL6_Iz6C0GkctyED1cF5flHwAAAAAgAAAAACQAA4bfJQAUXZMn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0NOdL6wV8oZQ0QFukWMAAAAAHKrN0ePJnVCZVH1___fbwVwBQAQUKhqudubpTso8RYGAAAAMLZAD4vfb3bYNX63y_7_________zf7P_tGEirhS0oJEKPbUfgEBANZ-AQEA2MYNAOBNAC7oCFoxGKwugQabzWQxWw1nBwAAAHD3____rwcizpFjNBltHKuVYzfZzVwe22g2mw2XC5vJ5Nw4tvfg4kUVy60W3RciLLPfd1BQTk-P2WUQFV1vi93hNHsO4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzFYDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEQYWI5drNHK5dZvNai2aOQdr4WzkcKsGi5lrZBnZhguPW_T6mB4Wh8WymXhRMABlL5KnRTrR2Jy71czi2uwWC-PGudtNhrvVbLEYjhwTh283soglmpNFOpFd9hXnyDGajDaO1cqxm-xmLo9tNJvNhsuFzWRybhz7wmLkco1GLrdus1mtRTPnYC2cjRxu1WAxc40sI9tw4XGLXh_Tw-KwWDYTf2O228wGo8lws2_MdpvZYDQZbvYdJtMz9TkbxbWcxCOTGpPRqeHmMChcBov3JzEtpt3ZwfP7HZ069UtZ1Bn9fr_f7_f7_X6_36D1HMwGhe86jmnHJZlFW67dDmKDQRFLBBfpRHU2XR6e1-XmVp1Nl4fndblZxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR__Ehhqu5ZLGZK1aruWK2WSUAAAAAAAAAgCXMmTcBAAAAOA1ks1hsVus8iM1mNNutlgsAET-vCwAAAAAAAACwi14UNm6ll2pX3PjxRJ1Nl4fndbm5VWfT5eF5XW5WBoCIZ2fe_Jkg1mq1rAEAAASwAQAAArh18xYQZsX_____xwEAAMjI0QMAANDvA1WZmJmZmZnxE-RgtRw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=1334675&dpubid=231135&abtst=Noappq22_vB!smbs!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.9.8/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 39b827c0673492c2624c1fb101bd81bb38017b274cf20c0ea8f862c4c7b3bd77

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

Expires: Sat, 26 Jul 1997 05:00:00 GMT
Date: Fri, 13 Jan 2023 10:04:47 GMT
Content-Encoding: gzip
Via: 1.1 varnish
MachineId: 1401
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-hhn-etou8220035-HHN
Pragma: no-cache
Server: nginx
X-Timer: S1673604287.189223,VS0,VE64
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Link: <http://{"userSync">; rel=preconnect,<http://{"adUnit">; rel=preconnect
X-Cache-Hits: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 23ms
22ms XHR
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:46 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://ultrasurfing.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 avjp Show response
taboola-d.openx.net/v/1.0/ 106 B
170 B 43ms
42ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fultrasurfing.com&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1673604287269&gdpr_consent=&gdpr=1&us_privacy=1---&schain=1.0%2C1!taboola.com%2C1110515%2C1%2C-842785765%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A700%2C%22h%22%3A393%2C%22skippable%22%3Atrue%2C%22protocol%22%3A6%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%7D%7D%5D%7D&auid=543963954&vwd=700&vht=393&vos=101
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v14.9.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 10:04:47 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://ultrasurfing.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 10ms
10ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 31ms
30ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 11ms
11ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 15ms
15ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:48 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame C15B 0
210 B 164ms
9ms Ping
text/plain 213.254.244.23
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=bd4567eae74b45479fc5b0ef5bb66997&flavor=0&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT_126%7D&vdur=174&eoid=14&msrjs=3398&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=55&tetms=10&msltms=19&vltms=174&sei=292&vetms=67&engms=1&engisel=1&msrcanlm=712&msrcannum=7&ismms=51&isumms=50&nvr=6&elmtp=3&isbxdms=2351&b11=2585&adhgt=131&adwdth=390&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&lftb=2585&sftb=2585&msrdp=2&naral=64&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=933&isuiabvms=933&ispmxpms=933&iscvmvms=933&engalms=48&engscrlms=58&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&ttfurm=3279&cbust=1673604288376474
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3398.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 13 Jan 2023 10:04:48 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 01/12/2023 10:04:48

POST
H/1.1 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
207 B 699ms
699ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/32_4_7/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: http://ultrasurfing.com
Date: Fri, 13 Jan 2023 10:04:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 1

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 27ms
27ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:50 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 11ms
11ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:50 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 9ms
9ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:50 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 track
servt.vidcrunch.com/ Frame 96A9 0
93 B 115ms
115ms Ping
text/plain 52.21.65.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.vidcrunch.com/track?d=Chrome&cou=DE&cos=Windows&r=ultrasurfing.com&rs=ultrasurfing.com&sid=99354&t=1673604283&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=109.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=62da3b626cdcbb44f25d16d3&test=1&d64=787475968fc7da9efeb3ec9fb2ae212c&d63=787475968fc7da9efeb3ec9fb2ae212c&aafaid=&proto=http&uid=7e3caf6bbb9a201fb39da9d2aa855e31&cha=0.7&stagid=&stplid=&d35=&d36=6.2.73&cb=10978493108&d39=&d65=&d66=8.2.7&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.2.7&stagid=&stplid=&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62da3b626cdcbb44f25d16d3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.65.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-65-105.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 13 Jan 2023 10:04:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
157 B 52ms
51ms XHR
text/plain 3.67.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.96.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-96-91.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ultrasurfing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://ultrasurfing.com
date: Fri, 13 Jan 2023 10:04:50 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.vidcrunch.com
URL: https://cdn.vidcrunch.com/integrations/62df7d0fd29282460c39aff8/62df7da6d292823c0039affb/d6932a57bc3c672a0b73ae0d14418d3e.mp4?channelId=62df7c7bac65d13f1813cc8e&veid=8d07283d1601710af947f7fb0b55d51d

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

420 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
perzua.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qjqio4d039fpbdovqd78n0obdk
ultrasurfing.com/	1970-01-20 17:39:00	Name: _uc_referrer Value: direct
ultrasurfing.com/	1970-01-20 09:36:36	Name: _pbjs_userid_consent_data Value: 3524755945110770
.prebid.a-mo.net/	1970-01-20 17:39:00	Name: __amc Value: 1_1673604282_1673604282
.rubiconproject.com/	1970-01-20 17:39:00	Name: khaos Value: LCUCS1CR-F-HYY8
.rubiconproject.com/	1970-01-20 17:39:00	Name: audit Value: 1\|naVuGyos1qr+s1rFBfU2Hz5APvdogVCbaTd6KyMQnaub55ZO9yeiczmGVnGQxSJT9o4CW9FCQy2O1cY3TuAeAeBxGCOXoSK1qthgj1jQEsHc6UO785F0Pw==
.ultrasurfing.com/	1970-01-20 18:29:24	Name: _ga Value: GA1.2.1137194237.1673604283
.ultrasurfing.com/	1970-01-20 08:54:50	Name: _gid Value: GA1.2.748575417.1673604283
.ultrasurfing.com/	1970-01-20 08:53:24	Name: _gat_gtag_UA_105623949_1 Value: 1
p2.gcprivacy.com/	1970-01-20 11:03:00	Name: gcid Value: 04ec03cc-602a-41f9-bdf1-7e3ed1b0d1e5
ultrasurfing.com/	1970-01-20 11:03:00	Name: gcid_first Value: 04ec03cc-602a-41f9-bdf1-7e3ed1b0d1e5
ultrasurfing.com/	1970-01-20 17:39:00	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D01de54de-7335-4f90-86da-501f5d2d68ac-tuctabab23b
ultrasurfing.com/	1970-01-20 08:53:27	Name: _lr_retry_request Value: true
ultrasurfing.com/	1970-01-20 09:36:36	Name: _lr_env_src_ats Value: false
.ultrasurfing.com/	1970-01-20 18:15:00	Name: cto_bundle Value: MtEU4l85d2g0MVJoJTJGMHVqeGRpVW9GSlJicUY3OWFUWGFIVkRseEFadmcweHhUeERsbzd3TTRMVTJ6aVJjVzlZR1FjRUNtVFZaOEZZczhEcHEybXhob1NZcDVvMnMlMkJGWnYlMkJiS1VUYUZYc0t3V3daT0QydEZyVktNSFo0dlFBRWgwYThJaQ
.ultrasurfing.com/	1970-01-20 18:15:00	Name: cto_bidid Value: JuT2EV8xZXNiM3pZTWlkcWJzSlJpekxjdUFNRlpJb2xGYUt3Z3p4RDNJTnNZT1VJNTlQUkdQJTJGT1AlMkZXVTgyaGlMOERoMlF0ZUtXSDhuclVhb1FMaWhKcnBYTHclM0QlM0Q
.liadm.com/	1970-01-20 18:29:24	Name: lidid Value: 0123be41-86a1-402b-bd34-6acfe954a0b8
ultrasurfing.com/	1970-01-20 08:54:50	Name: pbjs_li_nonid Value: %7B%7D
.neodatagroup.com/	1970-01-20 09:15:00	Name: cProfile Value: AQMLVS1+3AWTAAAAAAAEAAABhb8wL24AB2RlZmF1bHQ=
.neodatagroup.com/	1970-01-20 17:39:00	Name: cP Value: ARMDC1UtftwFkwAAAAABqZ6d
.neodatagroup.com/	1970-01-20 17:39:00	Name: cOptout Value: 0\|yocToken:Wu4-Judf2MyC94bZ6emx8oT90o4
.doubleclick.net/	1970-01-20 18:15:00	Name: IDE Value: AHWqTUmnJEx4jbZj00J9HB8NEb7-C2U3R8D_dNlTiIh5dOKZ4M66LWYmYYSUe5_7M5Q
.ultrasurfing.com/	1970-01-20 18:15:00	Name: __gads Value: ID=deb45e4c90139b33:T=1673604283:S=ALNI_MamNHZ3bN5-h_NAlemDprhPznvbLg
.ultrasurfing.com/	1970-01-20 18:15:00	Name: __gpi Value: UID=00000ba1fe2a3286:T=1673604283:RT=1673604283:S=ALNI_MbeXuJ6IT4irXtxo_SSLUTlHI92Ag
.yahoo.com/	1970-01-20 17:39:21	Name: A3 Value: d=AQABBLwswWMCEAHdSW_HIZxY7Y3zLkHJn3UFEgEBAQF-wmPLYwAAAAAA_eMAAA&S=AQAAAuY7rlchXcHyBrLOljMxcWw
.neodatagroup.com/	1970-01-20 17:39:00	Name: tr Value: loCAwIGjREJNzmPCfjyAgtoAKzMwYjU1MmQ3ZWRjMDU5M19DQUVTRUdScnFGcTd3Rjk5dFVfaWNBRXNjcFXOY8EsvNoANDMwYjU1MmQ3ZWRjMDU5M19lOTdiZGFiYi04NmY5LTQzZDUtYjg3Ny0xMGEzODRlYWJhZGXOY8EsvA==
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:39:00	Name: bcookie Value: "v=2&c8fc49f5-d700-4967-8fbb-77cb988d6d7b"
.linkedin.com/	1970-01-20 13:12:36	Name: li_gc Value: MTswOzE2NzM2MDQyODQ7MjswMjGwZwemEtpZTOTDaiYMqvqt9V8TvRKEx6Lz4Jlik5wIzQ==
.linkedin.com/	1970-01-20 08:54:50	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2813:u=1:x=1:i=1673604284:t=1673690684:v=2:sig=AQF-zUNlqEZk7XvLTEWXUdHd8RIsfqlM"
.casalemedia.com/	1970-01-20 17:39:00	Name: CMID Value: Y8EsvW39OM.WPrIXM-V5LAAA
.casalemedia.com/	1970-01-20 11:03:00	Name: CMPS Value: 3178
.casalemedia.com/	1970-01-20 11:03:00	Name: CMPRO Value: 3178
.adnxs.com/	1970-01-20 11:03:00	Name: uuid2 Value: 3507149144286663144
.adnxs.com/	1970-01-20 11:03:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilh?x/5G!@wnfH8K6pQK`!5=E<L5?%M5h.Bl4gm.3i2R?K:6%`=:j5bLTC#!0KUCi=_%nugO%v4VB%nnWb0vu$
m.exactag.com/	1970-01-20 11:03:00	Name: exactag_new_gk Value: 295caeffda84478c8066714a029964bd%7c14.03.2023+10%3a04%3a45
m.exactag.com/	1970-01-20 13:12:36	Name: exactag_new_uk Value: 5e3f1c65a7194961ab03da28d81a4946%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 0897a8f8f43d4edbac835fa0
.adform.net/	1970-01-20 09:38:02	Name: C Value: 1
.demdex.net/	1970-01-20 13:12:36	Name: demdex Value: 38149459216634537721969717306792166860
.adform.net/	1970-01-20 10:19:48	Name: uid Value: 7930109008555167239
.skydeutschland.demdex.net/	1970-01-20 13:12:36	Name: skydeutschland Value: 38149459216634537721969717306792166860

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://ultrasurfing.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'http://ultrasurfing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
api.rlcdn.com
at.teads.tv
b7bd4f76417291a43abc3a775e95e2e4.safeframe.googlesyndication.com
bcp.crwdcntrl.net
brightcombid.marphezis.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.neodatagroup.com
c2shb.pubgw.yahoo.com
cat2.hbwrapper.com
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidcrunch.com
cdnjs.cloudflare.com
cds.taboola.com
clients1.google.com
cloudflare.com
cm.g.doubleclick.net
cse.google.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
increaserev.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
perzua.com
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
px.ads.linkedin.com
rebrand.ly
rt.nanoook.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
serv.vidcrunch.com
servt.vidcrunch.com
skydeutschland.demdex.net
static.adsafeprotected.com
stats.g.doubleclick.net
taboola-d.openx.net
taboola-supply-partners.tremorhub.com
tag.1rx.io
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tra.neodatagroup.com
track.adform.net
track1.avplayer.com
tracker.neodatagroup.com
trc-events.taboola.com
trc.taboola.com
ultrasurfing.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.youronlinechoices.com
x.bidswitch.net
api.rlcdn.com
cdn.vidcrunch.com
104.109.78.125
104.111.217.42
104.18.33.19
13.32.27.125
13.32.28.197
13.32.28.235
141.226.228.48
141.226.230.50
142.250.186.34
142.250.201.198
143.204.215.108
146.190.197.183
147.75.85.234
151.101.1.44
151.101.129.44
151.101.193.44
151.101.65.44
162.19.138.116
162.19.138.117
178.250.2.146
185.80.39.216
185.86.138.32
20.73.234.141
2001:41d0:701:1000::2fb3
209.54.182.161
213.19.147.42
213.254.244.23
23.206.210.112
2600:1901:0:8344::
2600:1f18:612b:4216:59f0:7d1c:f2a3:a394
2600:9000:214f:9c00:8:48e:53c0:93a1
2602:803:c003:200::21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3456
2606:4700:10::ac43:17ea
2606:4700:20::681a:17e
2606:4700:20::681a:b19
2606:4700::6810:5814
2606:4700::6810:84e5
2606:4700::6811:190e
2606:4700:e4::ac40:a70f
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9c
2a00:1450:400d:802::200e
2a00:1450:400d:808::200e
2a02:2638:1::13
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:c::5c7b:6822
2a02:26f0:6c00::210:ba11
2a04:4e42:600::300
2a05:d018:d29:3601:4379:fd12:b154:f230
2a0c:5c81:5142::2
3.17.238.34
3.234.22.15
3.67.96.91
34.107.148.139
34.201.81.14
34.231.246.225
34.233.111.211
34.246.29.69
34.247.10.3
35.157.198.68
35.157.246.167
35.244.159.8
35.71.131.137
37.157.5.141
37.252.171.53
40.85.112.191
44.240.138.76
51.89.9.252
52.21.65.105
52.50.218.77
52.57.191.85
52.58.228.255
52.6.251.183
52.95.125.22
54.171.141.116
54.208.31.55
63.34.39.251
65.9.66.104
68.183.18.251
69.173.144.138
69.173.144.139
72.251.249.9
8.248.147.250
85.14.248.72
96.16.141.156
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0411d6faf719dd6fc3fc61c485cfdf82054a496e45e763c195434ea3ce0d45bf
04ac05ff740a33f2b36e77b2231d65dcf8947b15dbd68e717385233c1f63deb1
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
0b1339f0a7868e89be68636a35d678bafbb77aacd2b5e30b3242e702f0c4cc11
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d4c520d8d19c54f542db4edba9c0f2e40fb4ba83d6cbe964cc2ae2f6728602e
0fc00bc1d6d00f49fbb4a55bc78eb5c2ca2f19b22df05770f7d671d389d96035
10c004cd108fbe07488bed216ec6a06b852a5f245e3e6b8d8ce796a3d3868746
10ffc9c8622b64e687b3fe01262c01e15753c405fe03f70eea9b5ed9adb2685c
110b9e23cefb6986802408fec5a6e7423d89daf3298a15c994442853b211a160
12529dba98253a6038fe210eb7ecbea19a3d0afc00ccbe55d206b97b2f59efa2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1319543bd5718c8d67a80c8067f5cf89af4cde765705ee7aaa5dcea4fb68a5b3
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
142a6053029920f241444db9a850efc5f42283ff1cf9f13b069c504d8767f5fd
164bfdc8f24653e4dc3ae0089d8478da02a14c793a58e88608a0f24f59140c6e
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a9932bc9e169e3f42cf782e33f879d6f2108c28bd924bf01ce1bcabe6889683
1b9bc9c5d136e5e10a89c8902b5c6540cd738265af675ed3e3984e28c0c14f02
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1dc07516bb84363b41feac92819797ac2ed7c96947da75379100a309da766be4
1f6535f49cac94e0bbad2c7623a8e2431e8eb1e88bf699c96107325a3481d608
229c8c25f954a6b55c9520ce23dc578cd7693c6f9e65cb8a9345a532f14b62c5
22f04b0177cbb9f714773bda5d775e3d75bb4b8d9f339b5d7ef99e492f8cebd8
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
2717f02743430fdd34803a59bb281e76db5dfd3de1a4c93c4219e6748ac5d078
2965c9069f4f0cb213cec2572fda6ac3f8af342c67a0cd7888e9cbf05cb08ee8
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2fdf9682702b4c3c32938c5cc157c0ab6de91d53e8845743a9131a98f63a76a2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
360324b544410bf26fa483d58f96fe45341c69bfd2c3a98659862f34f23fbd97
3733f460c32545586fef09f3f8f0e2b915bf7d5f05bdfc643b1bd3349c1b94bf
375afb6a3c2719f1a86bd2dfe8dca46f101e834f2a7f4661db0c2425cbbf7a9a
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39b827c0673492c2624c1fb101bd81bb38017b274cf20c0ea8f862c4c7b3bd77
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3b41947d8ae9cd7eda97d79a9484ee4b7137353df9be94e4faa92d04e92c7a96
3b5cbe29557afdf2bc005a0b2c36ebc127fd788e43b75937a83887d5864cf42b
3b809ae8b76cc613028f1b689c184045b1b9b954c5b6dd43c3ba0f20dc876332
3ba4f669cda9b80982f2fb80790ce9ea75fcf828757af9cde491027872e0b0ef
3c196d056187fc1361d384c515c63643091d40949d8b0975556e9830468674c0
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f2192c4428f3769f43f65add5d19b70450f59435a8b1f321d174d825e235259
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d6ee9c403c5d3c4c473c930ffa509261a6c1d121eb5e1a7d5dba2e06a91106
4221598043d8b7959428615c31872bfa9ca218cb00b49404b1bf22d316664573
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
44874a36d2dea46c11509d3c1a12dcf541caf1f5347a33b638f4fc78432bc77c
4565a34b0fba23d7b5b6a6471db6b633624f13f40723acda33cc310d1f4e3515
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47ea77337f59f7b2f79f09b190d8c7654f2696b1b976d2f46947c9d48fbd00a2
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
4b0acb5b956e0838f74b55d4693710c5f2f5fb43d6ad98609eb2882ad7df92eb
4b350c06f4e2a82525846479b05b16e4d19435eb8a3f768f35f56a43476c790b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c38b1e93286684bfb817e7e90a8a5d4212e601cbc789fc4f8736745009e8ee0
4cc961613182e754b988b863e0c5c8a9adbe647ff38babaf520af0816fb4f628
4ec439b6e683200fac65cb880cbd01488a49a6d586176e5f58dc40837a17d3e2
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e2bbf14f8c2ce0f6369b672e797b6b37b09cb6e26e77027de648e73a0049f2
523b6ab0ff376b4f689627a104d831fcbf06973d6a8727cfa1b23922470753aa
5472ccccef98f1e425838285ff718b61db349a86aa6be607d451b24a25b382de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55be7604acc1e84957fea4612a7ca432120d6751898ccf3d4347f101d932969a
5a03b8e750e702131b8084c3dd6f3b4e116cd6373a60c77f6b6245fd8b512e88
5a03bc6f8a4016dbc7a0ae2347008521083839f5076118ac7789fc3cd9071458
5d1fdf690f6b1d5864513aebf6296ae49b610c73eeadd58454834d3a48ceffc3
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
601b262350b862c48dd8d4be9cae1cf7f316e52e6bbeb0b9f09a475656685e16
612af3e3b9f79a1b37a32192706a9b4cc905624ef983f9b788714802b171ea98
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620d60ef4234245c75c86066dc3f4a3226e02f59e04ff35fbcc3ad0227ad1054
656e9f7414af48519ee7d05954f6fc451e6c90bafd92cc9f4f2f73f4eb687e72
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a0282278e1fd513986e1186dd42fa7a658f69d1d624a0f5d3a89ccefa3421d9
6b4f36445f7e45774c199118fa06c0e6d65e9074d79ccad2df31fd6c904eb70a
6bedc034c7f747bb99901e544c6a00cd3aac0dd2257ba1e2fcabfcabcecbf80b
6c648469fa3b96b929523f5e66122513c5103c85b2b1759eef6a6db3f9fc406b
6ee37cf33fcc2b045ce82c93e6e85ac96ef93fffe66330b58d30f4b223e2eb54
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
772c81becaa9b251345a3d51932d166eb6c8bf2d1973ddecead1a4dbc7e0c450
7bc3dd9bce98eb79be5ff2549d86ac9a0b367955f507da9c09bc10cadcfa0cd2
7c308f9804358119c061f644f79d79a30db9dd052957401cb96bdb27ede5ebbd
7dbbf2b9885e84d05df0a819b3da15498bc90ed45c1de4c388ed5fec4541b85a
81f956a5201477197f85f87f7a3faf16c4c87d3cac75160959ab5fdfb25a0da8
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
881e68a1be2fdf07336ba6a2e352ab94642e6d712de190d36ed4f7fec3fe9ed4
88264ca8685f257c330793cbeec0ded2b8041d3b8cf7b20a16fbacd3f12749e4
89c3219b5aadafa3751338b7cd1f4818fd8fdae6cd4b941a3c34053fa9f6147c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
925c6baa3373bdbc18eaa1f62dac9de57184080f5d6ef2e9335525819ea537a7
933cae93ea528eac796f1595c228942593a262046126019a2833b485c9e7ab51
93b48abe5054107a01d176b16197268ae60b5cc7ce2ee5194bdeb88877141608
9409e8b88b7880640f02eb872b435e71ad5d79931e42cb675d098f78ee16be03
940a84f26893616e92f88def62cdd53af0f0402466ed677ae9fe9c9cb3630c86
962e14591b1134c488280aa7935148272b1c8efbd0fc00c31146138b4b42d226
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a2ee8041b7fe9c34a7914ae4a5d1025ab5ff8a239fe7e901057c8807eb3fd27
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d83d4dbe0b8672cc931faba52f00710d9bd06031eb8aba02688984ef83f15b1
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9e3efd08dba0217aa3e2159eaa10635cea1ea363d6dd3f610b8ce9d5c4f18ab9
9e71cbb95000c2f801d05af833ac781b93fdc22d2e52495f7916af50590772f0
9eb7047c070184de27786497fc9be581ae23f3d0e94b503a278960c6129bac97
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a27a70d36db8fc5b5807cfd9083e761b59a3b195d431e64d32600da202f848ea
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a3f6995da1355f918b6b6b1801d4df9aca02bdb7f3f20c088812e2ca2fc1d1cf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7116d3fc8539c2a328a35bd9e052b2b06aa56cefbc5a58b23ecd30ce2d3cf10
a7dc68dd02e94a30a906bea6195c08db6dbb3d11a874bc3079efe1d02f2bac7f
a800c59c07101ac9e787ae10eb5d6a7124dd006d97db2ceae985a85488062556
a8565a0aa214e2ecf8ad9dba771e98012ce6303a370e05806269a1c220a0fd0b
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab32357046cf4a9d0ac14bb34f9495c42cf3589a0d126536c95ae866abd79a0b
ab6cb54388c572a1ac43e9cb6dd252aa014b24247b9a8baffea37bad795b75c7
ac82b0a0b7b97b8f77ae7168e76cb259c67adae4af7fbcdc346c846be4771af3
adab914d0e24225ab3a62d129f19a6f98ee5975f50cb99c0570848fef923034b
adf7145f1926c01c729e14e440f05b0ac8dd601c6334304781cab462db43e312
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b2bea2da9803c4ecc5861d210f88a8550399fa316e9a1d2e3e89c7319f5bbbfc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4d8ddbb8c85435a6f5cac32b71825b90fa59573b435a13cfe46015c293647f4
b4de61a022748c27fefb0b30a3175cd1e85f99fa89f084aa2a4425ca7d2e51a4
b4ebfe4996c241c46d8df13c0bf8bda4c9c9474d2a0f8caefaf46a65b2d5b711
b68157994bf47f98c0172d69cc964c44b61e4720ebd1392c4668695fc7db6f98
b6e97e9479fac90f30c5b1ee46a708056f8e4849796b07e84153c02740b8fe1b
b779b101713a30c179e06ebbd8d604cf0ecd0d1ee9fac8c93d66d239a2d9bfd4
b7b6fba60b8046a1d7c44ca9e7bc49d84cf6d1ba716dbd41137b6e43198a7c30
b874d9e2188a03080bf7363156b49d6384f320e851d60f80fed69c6f7bdcc9cf
b9723e2c421a7bdb0ec3676aa44550477c42275a45a7b6538b4794377fa33d05
baed14923754089f4780d01a03c5efa808af6d05df7aee101950a8fcef3533f9
bb0436a3823652ccb1a84b49da006524b9a0f7b276eefabcc1e6e6e252dc1fc8
bb55ccd5d6949930e396e3d7f56b6a83a191b050f3f9d5a2b9012a20d8079934
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bf2a18daa1214d848d8072b110ba113267018828bdfcd00c4e550a8c30696d63
c15a2ff03a859e1574e11e5e3b1388a733b605517d74ab01d1008e3fa3d9624d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f4f7abc075685b0640b41b4028e011d18961af0f7382732140570334779f36
c547827a0f62a339254958c2a6812b51901c9b5fe22a93f7999cc1ea13d54373
c6a324c347a2b1da80673d4c690958c3a8701de379bc47729e0e117c01ef5956
c8537ab24a2b12ef310a6fde3c8b89167f53d0443e1f6b033c63e762608644a8
cc35271f4d6929d4d3c58f44bfa3551bf77ad7eb7b9ac2956ffaa2a9b9cad7e6
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdf10f2d2c2627b33f59c5110c744cc586c01cc00616a689c81b818255de09b5
ce51b9218e28d519579023ff4be76644ca7485f5caaf2ec0cfbe27fbb9f39ffa
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d0b4f54a6680c6e605a9f513a1422e26b86f05b4df86aced7e375931c09defa8
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d139a3123fa35132cf39e48e4be2b81efde52467d5a8b0b1d96a4f8939314521
d1d0bcc4ebfb3f326f655d27586ea79f39448ca371dfd90815f187e4d716f2e9
d461b271a4d32cb22d2f5fbe661805ce5b9d572cdf2ecb955c6ba724b7ebf7de
d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4
d85d0459c46d9294e669012076dba06a2a8b72b0d1c1e26d75db954f2ebd0473
db5249b0b99f2ca1523758ca370e57da03bf66d58a18d33c184c599569f6ca0c
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddfee9200555b6719a59963646bdade89d1cb916d0b21bb6007d5ca811cce634
de314b6adaf3911dbb0b0fcda036b07fa8a0e72001b30a1f609d98e380b2b970
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb8457c6a6b0c1c904c8d4d4eafdf48e9d5e79210cc16bbde6c9da18913b4a7
e06a2540df8bea590ae6ca668ed0c32bef14e2aff46d02c96df75240794d792f
e1126a799c2e8d267e500237f8f80fc11d030de9c9c67b90d58128d43d871826
e2b246cb9bcf9bb679ace443ffddf7a15ef8602452b7a04f5c349a6a2ef9efb8
e2e407adcd1f1f76232a2feab4dd7f8cfab656a21e923ddeb41c3ed667faa725
e334dadd70bad07e8e12bfeebcc80ff470c40cafd2547d04e36b62dfc15af6de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7adcb55d6c44e946b0de735cc6a3e2cc7c4441d7e99a6c6f9fd0b9650e89ea2
ea301085792009cad7c8a2246153ddfd1641557273cb34add7e148fd2c9846fd
eadbd049915066c846e0a3c6a194dfb217f069ec51c9fa4a0b88bdd53ec37e6b
ed2d6e6992f596765b9ef95a2deebe7a9cf2afb748e9aa5b40987c596b051462
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f074718599bf34f5103586ec36cb32499b2cd3f313bb837a63ae956da2564668
f08b3879fc4774e8de86c3f69c442f79dc1b6c239a343ef0c0fbb36fc921736b
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1d8daa45f6def59168f1d04c9f1adf8b499548ecdc5b5c1f3c65c1bd9dcb68c
f29d6a15dad119f952895a5e28b31ac92fb281d0da77d4beb056cbe74f3a5ece
f3beb329b4e2bd948ff9b1ec4baf9b1d3c7f2f12fcfe7847812d0e4f5aa2f596
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
f4caf64c71b5db98ec08e7c0f7321eab4cdd0f6684b4d98a7b2a30c3a07fe174
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7ca215de2eac1722a2ed14725316cad18214a4f41f8475e2aae2481b42ca5c9
f8e8aeab6fd022f5637f3d0362fc13beca6ac3ea036e128d0c2ced1aa80c20b8
f94b99e126b3c8acd070cc337dfa76d8f836bf5d0b8e9a36ebf6a182ea9fd481
fb9162834da3e61ea87d35c4e461db27a7e78fe51dd0e9a779898f332ffd3f6a
fd236f676bfe5a8f6aa6458beab29a81318e998ad0b24b826d89b08590d8534f

ultrasurfing.com Open in urlscan Pro 2606:4700:e4::ac40:a70f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

385 Requests

81 %HTTPS

39 %IPv6

62 Domains

112 Subdomains

95 IPs

10 Countries

11739 kBTransfer

19160 kBSize

42 Cookies

52 Outgoing links

Page URL History

Redirected requests

385 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ultrasurfing.com Open in urlscan Pro
2606:4700:e4::ac40:a70f Public Scan

Screenshot
Live screenshot

Full Image

385
Requests

81 %
HTTPS

39 %
IPv6

62
Domains

112
Subdomains

95
IPs

10
Countries

11739 kB
Transfer

19160 kB
Size

42
Cookies

385 HTTP transactions
3 data transactions