home2.ultrasurfing.com Open in urlscan Pro
184.105.237.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://home2.ultrasurfing.com/
Submission Tags: falconsandbox
Submission: On July 16 via api (July 16th 2021, 10:44:50 pm UTC) from US

Summary HTTP 375 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 64 IPs in 11 countries across 47 domains to perform 375 HTTP transactions. The main IP is 184.105.237.132, located in United States and belongs to . The main domain is home2.ultrasurfing.com.

This is the only time home2.ultrasurfing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	184.105.237.132 184.105.237.132	() ()
11	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:1000:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
57	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 11	2a00:1450:400... 2a00:1450:4001:82f::2004	() ()
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:5a00:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:20e... 2600:9000:20eb:5800:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	13.224.96.53 13.224.96.53	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
5	52.42.241.136 52.42.241.136	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:20e... 2600:9000:20eb:3000:1e:efeb:b400:93a1	16509 (AMAZON-02) (AMAZON-02)
7	3.235.208.250 3.235.208.250	14618 (AMAZON-AES) (AMAZON-AES)
1	54.205.103.27 54.205.103.27	14618 (AMAZON-AES) (AMAZON-AES)
2 19	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	52.59.160.25 52.59.160.25	16509 (AMAZON-02) (AMAZON-02)
3 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
5 5	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 5	3.121.66.166 3.121.66.166	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.38.50 52.28.38.50	16509 (AMAZON-02) (AMAZON-02)
1	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
22 53	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
3 6	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
5 5	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
10 20	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
15	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 2	18.134.84.22 18.134.84.22	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
9	52.46.133.124 52.46.133.124	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	139.162.84.221 139.162.84.221	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	3.121.49.210 3.121.49.210	() ()
2 2	88.212.252.2 88.212.252.2	7979 (SERVERS-COM) (SERVERS-COM)
1	52.21.23.66 52.21.23.66	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2012	15169 (GOOGLE) (GOOGLE)
1	142.250.181.242 142.250.181.242	15169 (GOOGLE) (GOOGLE)
375	64

13 184.105.237.132 (United States)

ASN- ()

home2.ultrasurfing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:1000:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 3 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5a00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:5800:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.53 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.42.241.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-241-136.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Bruggen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bb63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:3000:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)

content1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.235.208.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-208-250.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.103.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-103-27.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-160-25.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.125 (United States) 5 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.121.66.166 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-66-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.38.50 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-38-50.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 184.30.21.112 (Frankfurt am Main, Germany) 22 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.63.176 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.162 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.84.22 (London, United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-22.eu-west-2.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1564-221.members.linode.com

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.49.210 (Frankfurt am Main, Germany) 2 redirects

ASN- ()
PTR: ec2-3-121-49-210.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.2 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.23.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-23-66.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.52 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i1-v6exp3.ds.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.242 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f18.1e100.net

p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i2-v6exp3.v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com c3.taboola.com sync-t1.taboola.com sync.taboola.com il-trc-events.taboola.com match.taboola.com pips.taboola.com cds.taboola.com am-wf.taboola.com	1 MB
68	stickyadstv.com 22 redirects ads.stickyadstv.com cdn.stickyadstv.com	1 MB
44	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	589 KB
43	doubleclick.net 10 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	94 KB
19	google.com 3 redirects cse.google.com www.google.com clients1.google.com adservice.google.com	166 KB
18	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com content1.avantisvideo.com	231 KB
13	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	33 KB
13	ultrasurfing.com home2.ultrasurfing.com	96 KB
11	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com	190 KB
11	ampproject.org cdn.ampproject.org	220 KB
9	amazon-adsystem.com s.amazon-adsystem.com	5 KB
8	googleapis.com imasdk.googleapis.com	1 MB
7	advertising.com 5 redirects ads.adaptv.advertising.com pixel.advertising.com	2 KB
6	yahoo.com 3 redirects ups.analytics.yahoo.com	5 KB
6	adsrvr.org 3 redirects match.adsrvr.org	2 KB
5	bidswitch.net 2 redirects x.bidswitch.net	1 KB
5	spotxchange.com 5 redirects sync.search.spotxchange.com	3 KB
4	openx.net 3 redirects us-u.openx.net u.openx.net	1 KB
4	2mdn.net s0.2mdn.net	66 KB
4	gstatic.com p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i1-v6exp3.ds.metric.gstatic.com p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i2-v6exp3.v4.metric.gstatic.com	3 KB
4	googletagservices.com www.googletagservices.com	140 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google.de www.google.de adservice.google.de	1 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	3lift.com 1 redirects eb2.3lift.com	736 B
2	betweendigital.com 2 redirects ads.betweendigital.com	955 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	819 B
2	fwmrm.net 2 redirects 1f2e7.v.fwmrm.net	1022 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	671 B
2	emxdgt.com cs.emxdgt.com e1.emxdgt.com	104 B
2	360yield.com 2 redirects ad.360yield.com	673 B
1	postrelease.com jadserve.postrelease.com	427 B
1	mookie1.com odr.mookie1.com	324 B
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	568 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	546 B
1	adnxs.com ib.adnxs.com	677 B
1	avplayer.com player.avplayer.com	57 KB
1	exactag.com m.exactag.com	1 KB
1	googleadservices.com partner.googleadservices.com	662 B
1	googletagmanager.com www.googletagmanager.com	39 KB
0	id5-sync.com Failed id5-sync.com Failed
375	47

	Domain	Requested by
53	ads.stickyadstv.com	22 redirects vidstat.taboola.com home2.ultrasurfing.com cdn.stickyadstv.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	cm.g.doubleclick.net	10 redirects home2.ultrasurfing.com
20	images.taboola.com	home2.ultrasurfing.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	pagead2.googlesyndication.com	home2.ultrasurfing.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com srcdoc tpc.googlesyndication.com
15	cdn.stickyadstv.com	vidstat.taboola.com cdn.stickyadstv.com
13	cdn.taboola.com	home2.ultrasurfing.com cdn.taboola.com
13	home2.ultrasurfing.com	home2.ultrasurfing.com
11	www.google.com	3 redirects cse.google.com www.google.com home2.ultrasurfing.com tpc.googlesyndication.com
11	cdn.ampproject.org	home2.ultrasurfing.com googleads.g.doubleclick.net pagead2.googlesyndication.com
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
9	s.amazon-adsystem.com	home2.ultrasurfing.com
8	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
8	sync.taboola.com	2 redirects am-match.taboola.com home2.ultrasurfing.com
7	track1.aniview.com	home2.ultrasurfing.com player.aniview.com
6	ups.analytics.yahoo.com	3 redirects home2.ultrasurfing.com
6	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
6	match.adsrvr.org	3 redirects imprammp.taboola.com am-match.taboola.com
6	trc.taboola.com	cdn.taboola.com home2.ultrasurfing.com
5	pixel.advertising.com	5 redirects
5	x.bidswitch.net	2 redirects imprammp.taboola.com am-match.taboola.com
5	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com home2.ultrasurfing.com
5	sync.search.spotxchange.com	5 redirects
5	events1.avantisvideo.com	cdn.avantisvideo.com
5	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	s0.2mdn.net	imasdk.googleapis.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	secure-assets.rubiconproject.com	3 redirects
3	am-vid-events.taboola.com	home2.ultrasurfing.com vidstat.taboola.com
3	content1.avantisvideo.com	home2.ultrasurfing.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com home2.ultrasurfing.com
3	static.avantisvideo.com	cdn.avantisvideo.com home2.ultrasurfing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sync.mathtag.com	2 redirects
2	eb2.3lift.com	1 redirects home2.ultrasurfing.com
2	ads.betweendigital.com	2 redirects
2	u.openx.net	1 redirects home2.ultrasurfing.com
2	rtb.mfadsrvr.com	2 redirects
2	ce.lijit.com	1 redirects
2	bh.contextweb.com	1 redirects home2.ultrasurfing.com
2	1f2e7.v.fwmrm.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	us-u.openx.net	2 redirects
2	ad.360yield.com	2 redirects
2	ads.adaptv.advertising.com	player.aniview.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	imprammp.taboola.com	home2.ultrasurfing.com vidstat.taboola.com
2	15.taboola.com	cdn.taboola.com
2	player.aniview.com	player.avplayer.com player.aniview.com
2	p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com
2	www.google.de	home2.ultrasurfing.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	cse.google.com	home2.ultrasurfing.com www.google.com
2	cdn.avantisvideo.com	home2.ultrasurfing.com cdn.avantisvideo.com
1	am-wf.taboola.com	vidstat.taboola.com
1	p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i2-v6exp3.v4.metric.gstatic.com
1	p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i1-v6exp3.ds.metric.gstatic.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	jadserve.postrelease.com	home2.ultrasurfing.com
1	match.taboola.com
1	odr.mookie1.com	home2.ultrasurfing.com
1	bttrack.com	home2.ultrasurfing.com
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com	home2.ultrasurfing.com
1	rtb-csync.smartadserver.com	home2.ultrasurfing.com
1	simage2.pubmatic.com	home2.ultrasurfing.com
1	ib.adnxs.com	home2.ultrasurfing.com
1	pixel.rubiconproject.com	home2.ultrasurfing.com
1	cs.emxdgt.com	am-match.taboola.com
1	il-trc-events.taboola.com	home2.ultrasurfing.com
1	c3.taboola.com	home2.ultrasurfing.com
1	go1.aniview.com	player.aniview.com
1	player.avplayer.com	cdn.avantisvideo.com
1	play.aniview.com	cdn.avantisvideo.com
1	m.exactag.com	googleads.g.doubleclick.net
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	home2.ultrasurfing.com
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	www.googletagmanager.com	home2.ultrasurfing.com
0	id5-sync.com Failed
375	88

This site contains links to these domains. Also see Links.

Domain
ultrasurfing.com
apps.apple.com
play.google.com
chrome.google.com
ultrasurf.us
ourfashiontrends.com
popup.taboola.com
www.tips-and-tricks.co
hotpoptoday.com
www.poradyiwskazowki.pl
coooltech.com
lawyersfavorite.com
stunningtale.com
home-tricks.com
happy-tricks.com
dbnzd.com

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.avantisvideo.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
content.avantisvideo.com R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
outstreamedia.com R3	`2021-05-25` - `2021-08-23`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.ds.metric.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.v4.metric.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 49 frames:

Primary Page: http://home2.ultrasurfing.com/
Frame ID: ED842109A6DE9D79B3F9E3CDDFDDC492
Requests: 177 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 5A3A7288C2BB6346A15E8F1BDD8A5287
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 0B866AC74B3367A708D574E99CD948C2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109
Frame ID: E380C5972176287451A2626B92AD937E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117
Frame ID: A26D2F2DBD3237FE973CFE2981D26BD0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=2856114808&pi=t.ma~as.1261171629&w=300&lmt=1626475463&psa=0&format=300x250&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&wgl=1&dt=1626475463680&bpp=1&bdt=455&idt=122&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=L0QCn3FfGV&p=http%3A//home2.ultrasurfing.com&dtd=126
Frame ID: EF03EE50FBA996C2E6D237BBBB52B087
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132
Frame ID: 6E8EF9028331D0ACFA12FF164285E62A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&adk=1812271804&adf=3025194257&lmt=1626475463&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1626475463690&bpp=1&bdt=464&idt=125&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=130
Frame ID: 049AC3A0ADCD054A20CE5FCE81C90C21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F013CD61B9F99641AE39BD7588BDD49F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
Frame ID: BB43F734A4F01801B2EF3EB1F14B368D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B15A3AD668E51A878D122F8E2C82EBF8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F69B5BA0CC033C2142663A7704DB25D8
Requests: 2 HTTP requests in this frame

Frame: https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: D0D01E31D346B1A06F1BB5A4425D7396
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
Frame ID: 6BB274584E4A0E6F80D87E6B2CA7FB3E
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa
Frame ID: 00812152E74B16FB948C0BCEB6B69B53
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js
Frame ID: 70F808DEA6F5B6B421FC0094B8BD6509
Requests: 1 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=BA3EF852A31429872741221026371&cicmp=1337627&cijs=1&dast=V7FrACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHcLgrGjE1WTBWYwmy-FustssVqvdbjIcrEZLSJjFYjGazFbDKRhs4XO6u9vggabT4brXC_1ul2WuOpsuD8_rcnPafXaN3-2XAwAAAMADAFFLNMSOb0N7BAAAAIAEz8i1AkVAxb-FwAUAAAAABgCBWLgGgCqHwZmcd6fDHwAADwUgAAACGCEAf2FYIgAAAAAjAAAAACQAAomFJQAOd4smAAABerF-CNEnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAXQ7FPfo6LlYKvRAWmRYwAAAAAhMfSxo4kdUJlUfX___9vBXAFABCgF-uXcJR1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0ISywpHSgibXC9V4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAB89ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhziQdW5dD6vzseGWI7myuVcMVjNlctVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Frame ID: D484CAD6A60ED6370DEB62FC1EC9D499
Requests: 1 HTTP requests in this frame

Frame: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 4962413C491AD121D03EB8D6B666CC51
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D8FF2E1C8E66C47F0CFF4F24AFB17937
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7FADA35EB161EF40486F932783C2818F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7233B1D49C3C70FF5D8B3223E26E8CF6
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 7810E48AAC39AEEF84189145C79649E4
Requests: 5 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Frame ID: 78A56FB32F6407C90292D3CDE13882FD
Requests: 2 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Frame ID: 3E1CA152EE533CCD0ED7442D432F7CC8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 07D33179D7B7FCED89F3542B423CBCB5
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=40f7b607-7f95-4c40-b214-789a7a6f882a
Frame ID: B66330F29B5DDC5C9C8E7D58A66365CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 868E248AB10F6050786F1B8767AB4A26
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 6828FEA8FA35943AFC2617F8DB7E94F2
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F32FF171DBCAB5D8F1277BA7A68C6110
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: DE993D69A4359E0D7D9D64BE3EBC5E18
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 8DB65DA525FD531A4D42EBF81654410F
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: DB5119821A37F57C84B772F672940840
Requests: 6 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 01924108C7B251FF862BFBEF8AEE86BC
Requests: 6 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: A3EA96246C4C282AD05345DC06CA21D6
Requests: 22 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=DJiZGmNeRZqjJ9dRB4fpPA
Frame ID: 701931B9FBDC700B3CBD2592E07E5BA9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4A6B43F20CB2510C1844D982D8132EB4
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 12E882A129EC2595BAAAAC8142E8EED5
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 64D4CE3D50FE0AB677F8D1CE81A83EDC
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 58C8ED8ACA438E792BBF56D90AED0E73
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8204F714D6D7D67FA97C24DD74BB67AA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5F5766519F754CBC913DFF69DA2D8B41
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 61644A8DC7424CB37EF4AE44CB5927FE
Requests: 3 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Frame ID: B419BA232F3783088283CCA5560202AC
Requests: 2 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html
Frame ID: BB86D036E890377A69288FBA76D70A7A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 804D0F1F2E4776835BE0E78ED2D57531
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8508D95833921E212C2B54263A4C432A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 8DD557EC87FA24BEEF82D0F2859D9DA5
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 03C15B95753BB42C06096073153353C3
Requests: 7 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: FA7CFE1B55A42CFB628B8C586F1313D9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

375
Requests

78 %
HTTPS

38 %
IPv6

47
Domains

88
Subdomains

64
IPs

11
Countries

5868 kB
Transfer

15918 kB
Size

2
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: http://ultrasurfing.com//index.html
Title: Ultrasurf

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/ultrasurf-vpn/id1563051300
Title: Ultrasurf iOS VPN

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=us.ultrasurf.mobile.ultrasurf
Title: Ultrasurf Android VPN

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/ultrasurf-security-privac/mjnbclmflcpookeapghfhapeffmpodij
Title: Ultrasurf Chrome Extenstion

Search URL Search Domain Scan URL

URL: https://ultrasurf.us/download/usf.exe
Title: Ultrasurf Windows Client

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com//top-stories/index.html
Title: Top Stories

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com//business-and-tech/index.html
Title: Business

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com//sports/index.html
Title: Sports

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com//policy/privacyandcookie/
Title: Privacy

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com//policy/termsandconditions/
Title: Terms

Search URL Search Domain Scan URL

URL: https://ourfashiontrends.com/celebrity-couples-that-prove-dx/?utm_source=taboola-dx&utm_campaign=dx-ww-a-oft-tloveen-all-300621-c35&utm_medium=tb11350538_1110515&utm_term=ultrasurf-ultrasurf&click_id=GiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCC6mlAo1O3cnJ-6vKqPAQ&cpc=0.0004
Title: OurFashionTrends

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.tips-and-tricks.co/home-and-garden/sticks-rose-stalk-potato-look-happens-week-later-amazing/?utm_campaign=v6fl8nuq&utm_source=Taboola&utm_medium=native&utm_term=ultrasurf-ultrasurf
Title: Tips and TricksAdvertisement

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=ultrasurf-ultrasurf&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://hotpoptoday.com/the-journey-of-two-adorable-sh/?utm_source=taboola-sh&utm_campaign=sh-ww-a-hpt-twinsen-all-290321-c1468&utm_medium=tb9448922_1110515&utm_term=ultrasurf-ultrasurf&click_id=GiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCCy1U4olqX8sdmTzoOWAQ&cpc=0.0004
Title: HotPopToday

Search URL Search Domain Scan URL

URL: https://www.poradyiwskazowki.pl/sprzatanie/bialy-ocet-8-korzysci/?utm_campaign=g5p38nrw&utm_source=Taboola&utm_medium=native&utm_term=ultrasurf-ultrasurf
Title: Porady I Wskazówki

Search URL Search Domain Scan URL

URL: https://www.tips-and-tricks.co/cleaning/baking-soda-washing-machine/?utm_campaign=njht26qk&utm_source=Taboola&utm_medium=native&utm_term=ultrasurf-ultrasurf
Title: Tips and tricks

Search URL Search Domain Scan URL

URL: https://www.tips-and-tricks.co/health/wow-sleeping-position-says-health/?utm_campaign=f8nliqdm&utm_source=Taboola&utm_medium=native&utm_term=ultrasurf-ultrasurf
Title: Tips and Tricks

Search URL Search Domain Scan URL

URL: http://coooltech.com/2017/05/15/15-sporty-cars-every-guy-wants-and-can-afford/?utm_source=taboola/cars&utm_medium=referral&utm_term=ultrasurf-ultrasurf&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F855fb5914ed571e8b87b1dce7f49305c.jpg%20&utm_term=ultrasurf-ultrasurf#tblciGiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCCAh0Io57CWuoDS3bG6AQ
Title: CelebsTube

Search URL Search Domain Scan URL

URL: https://lawyersfavorite.com/trending/zobacz-jak-te-piekne-gwiazdy-wygladaja-bez-makijazu-kilka-z-nich-nas-naprawde-zaszokowalo-mm/?utm_source=taboola&utm_medium=ultrasurf-ultrasurf&utm_campaign=10067634&utm_term=We%C5%BA+g%C5%82%C4%99boki+oddech+zanim+zobaczysz+Meghan+Markle+bez+makija%C5%BCu&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F207baeff14098badd847ca04fe21273f.jpg&ts=2021-07-16+22%3A44%3A25&tbv=lyANlrO97_Kq3wA62UU2YiGSnvo9dwnIXdkyeTj7ddU=&pcl=1&br=1
Title: Lawyers Favorite

Search URL Search Domain Scan URL

URL: https://stunningtale.com/campingfails-en/?utm_source=taboola&utm_term=ultrasurf-ultrasurf_1110515&utm_content=2995653160&utm_medium=referral&utm_campaign=CampingFailsSB-WW-DTM-NSF-STT-TB#tblciGiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCDHtVQoj-if4dGI4q8i
Title: StunningTale.com

Search URL Search Domain Scan URL

URL: https://home-tricks.com/dishwashtablets-en/?utm_source=taboola&utm_term=ultrasurf-ultrasurf_1110515&utm_content=2993318943&utm_medium=referral&utm_campaign=DishwashTabletsSB-WW-DTM-SF-HMT-TB#tblciGiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCDGtVQoyNfssdOmy9As
Title: Home Tricks

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/top-stories/safricas-zuma-delays-corruption-trial-with-appeal/

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/top-stories/mass-raids-target-russian-opposition-chief/

Search URL Search Domain Scan URL

URL: http://happy-tricks.com/en/boycook/?utm_source=taboola&utm_term=ultrasurf-ultrasurf_1110515&utm_content=3005834916&utm_medium=referral&utm_campaign=BoyCook-EUR-DTM-HT-TB-SB#tblciGiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCDv6koor5n7or6j7_Vf
Title: Happy-Tricks.com

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/top-stories/syria-kurds-defend-key-town-as-turkey-ignores-us/

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/top-stories/eu-britain-scramble-to-reach-brexit-deal-before-summit/

Search URL Search Domain Scan URL

URL: http://dbnzd.com/cid/0fee3ac0-275e-4d90-8710-78c40660885c?campaignid=11327663&platform=Desktop&campaignitemid=3011970733&site=ultrasurf-ultrasurf&clickid=GiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCDwrVMo_4D_guO5iqCsAQ&timestamp=2021-07-16+22%3A44%3A25&thumbnail=http%3A%2F%2Fdbnzd.com%2Fcontent%2F91a88876-3ee9-4d0c-a14e-9e818a000b37.jpg&title=Windy+schodowe+mog%C4%85+by%C4%87+spe%C5%82nieniem+marze%C5%84+senior%C3%B3w#tblciGiDoYCzsGqOew3dKzPnQa6t3LSvzhB3z-qqQfnX38NxCDCDwrVMo_4D_guO5iqCsAQ
Title: Windy Dla Osób Niepełnosprawnych | Reklamy Sponsorowane

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/business-and-tech/putin-talks-investments-and-space-in-abu-dhabi/
Title:

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/
Title:

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/sports/turkey-defends-footballers-saluting-soldiers/
Title:

Search URL Search Domain Scan URL

URL: http://ultrasurfing.com/business-and-tech/pound-surges-as-brexit-deal-speculation-heats-up/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1626475464023&ns_c=UTF-8&cv=3.5&c8=Ultrasurf%20-%20Top%20Stories&c7=http%3A%2F%2Fhome2.ultrasurfing.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626475464023&ns_c=UTF-8&cv=3.5&c8=Ultrasurf%20-%20Top%20Stories&c7=http%3A%2F%2Fhome2.ultrasurfing.com%2F&c9=

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 182

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=5f4abbac-e687-11eb-9aa9-182a6e990306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&

Request Chain 187

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=5f50cf24-e687-11eb-b7b4-199e6d820406 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&

Request Chain 189

https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=370e42a3-3ba1-4a2c-a7fb-e4727e0419ea

Request Chain 206

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 207

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=40f7b607-7f95-4c40-b214-789a7a6f882a

Request Chain 213

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 216

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&

Request Chain 219

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=4241870d-a667-498f-95d8-dff5c047a9f8&_origin=1&gdpr=1&gdpr_consent=

Request Chain 220

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4 HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4 HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078 HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078&verify=true

Request Chain 221

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1ZmIwMTIzZi1lNjg3LTExZWItOWUwMC0wMmI0ZWY4Y2QwNzg%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVA1ZmIwMTIzZi1lNjg3LTExZWItOWUwMC0wMmI0ZWY4Y2QwNzg%3D&google_tc= HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1&apid=UP60c46879-e687-11eb-b19b-06c92e45b516

Request Chain 222

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 231

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cc36559854b49e20484250754e74909c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l10fd_6985658934217215038

Request Chain 233

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cc36559854b49e20484250754e74909c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2951_6985658934217271457

Request Chain 236

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cc36559854b49e20484250754e74909c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658934217327963 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b42e48b6-fdd3-43a4-b1bc-071596c8b4e3 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=4259419890908750973 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/ddaf59394e4595d0f46108639721138&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-xumszb9E2oM7XjPm2_gn6rT8UB64a2OIMUGTM_sR~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5155365076674725554 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4b0de098-b750-4317-a012-71644564b2ea HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3469693587413378879

Request Chain 246

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=

Request Chain 247

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=cc36559854b49e20484250754e74909c&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 249

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=

Request Chain 251

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=49b59d59eeb095d69d6fd934c4e4c7e4&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 253

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGRhZjU5Mzk0ZTQ1OTVkMGY0NjEwODYzOTcyMTEzOA==&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGRhZjU5Mzk0ZTQ1OTVkMGY0NjEwODYzOTcyMTEzOA==&gdpr=0&gdpr_consent=&google_tc=

Request Chain 255

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=ddaf59394e4595d0f46108639721138&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 258

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=jJsaz6K43ADp&ev=1&orig=trc&pid=562107

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAxA1dijwX4MlETkyUZg9bc&google_cver=1

Request Chain 262

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=dcf73a01-1eea-4e26-a922-7ab4d5569675-tuct7eb914b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=dcf73a01-1eea-4e26-a922-7ab4d5569675-tuct7eb914b&google_tc=

Request Chain 263

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b42e48b6-fdd3-43a4-b1bc-071596c8b4e3

Request Chain 264

https://ce.lijit.com/merge?pid=42&3pid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 268

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fdf7727-8515-476c-80c7-556d00c62df3

Request Chain 269

https://id5-sync.com/s/464/9.gif?puid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9HKYkhcph1lRKddkmN_FIxusb85shLoR5uWd-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9HKYkhcph1lRKddkmN_FIxusb85shLoR5uWd-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=3f55b11c-250c-481c-a862-4f1ff49046ef&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESECoHAPBq0M_7BRDBu6ViRJo&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECoHAPBq0M_7BRDBu6ViRJo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3469693587413378879&opid=apx&ops=&utidl=tech:goo:CAESECoHAPBq0M_7BRDBu6ViRJo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19068414862&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/19/4/4.gif?puid=45126063a38037a44cc6a086715a2110&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/101/3/5.gif?puid=aaa21f80-34bc-4863-8bdd-55c3c1d28bca&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/108/2/6.gif?puid=1034c52a-81bb-483d-b01e-beccbc011b2a&gdpr=1&gdpr_consent=

Request Chain 270

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZcxCTD6wDdWt7srWzQvyYA

Request Chain 272

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4ff0e06b-defc-4b31-881d-363da5f510e2&ssp=taboola&gdpr=0&gdpr_consent=

Request Chain 273

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11d746c0-998c-40f1-bbd2-64e4eb0e6c9b HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&tbid=f16ae039-eeeb-4134-a2f0-0c1291e0d5d9-tuct7eb914d&query=taboola_hm%3D11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&isDirect=0

Request Chain 274

https://u.openx.net/w/1.0/sd?id=543998486&val=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=

Request Chain 275

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=460bda47-ffeb-51c6-945a-fa13f4a8f1df

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=xPxjNGH2SxqTI9_QPm4NoQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148%26ui%3DxPxjNGH2SxqTI9_QPm4NoQ HTTP 302
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=xPxjNGH2SxqTI9_QPm4NoQ

Request Chain 278

https://eb2.3lift.com/xuid?mid=7772&xuid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&dongle=tbla HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

Request Chain 280

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=DJiZGmNeRZqjJ9dRB4fpPA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148%26ui%3DDJiZGmNeRZqjJ9dRB4fpPA HTTP 302
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=DJiZGmNeRZqjJ9dRB4fpPA

Request Chain 290

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=0e5d60f2-0bcc-4200-aaa9-50b4a6d6f23b&gdpr=1&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=null HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=null&_test=YPILzQACr2k4DABg HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPILzQACr2k4DABg&gdpr=1&gdpr_consent=null&_test=YPILzQACr2k4DABg HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6c828ad7db8f1e344473cdd4efd4bd96&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&45=YPILzQACr2k4DABg&529=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658947101914598 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4b0de098-b750-4317-a012-71644564b2ea HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/6c828ad7db8f1e344473cdd4efd4bd96&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-szzfeypE2oNU5RN1ahsGWsuzUe8pzcmbJfe8CgWB~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3469693587413378879 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=BcadgbA21M4wzk5&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACiQ07B5BgAAEAvNv5yhQ&gdpr=0

Request Chain 293

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=474360f2-0bcd-4600-baca-663efad0c514&gdpr=1&gdpr_consent=null

Request Chain 295

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=1&gdpr_consent=null

Request Chain 303

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTgzMzRhMzkyZTM5ZGNjZjI5OTIyY2ExNGRkZTFjYQ==&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTgzMzRhMzkyZTM5ZGNjZjI5OTIyY2ExNGRkZTFjYQ==&gdpr=0&gdpr_consent=&google_tc=

Request Chain 305

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 307

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=&google_tc=

Request Chain 309

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 311

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=

Request Chain 313

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 355

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1d72_6985658990051780879 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=c77e91e7-987b-4d5e-8a7a-b6349595ae82 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/2ec3cdaa8edc5b992f9b7e61a1db82a&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-argHSNNE2oOOwvydIomIzQ4_sYAg6INhQ_YUmlwV~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6461171285122353775 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b6fc60f2-0bd8-4900-bc0f-60f31fe2f9e8&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YPIL2AAC8kU4VgA4 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPIL2AAC8kU4VgA4&gdpr=0&gdpr_consent=&_test=YPIL2AAC8kU4VgA4 HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB_6U7B5BgAAEA2ZZSkIw&gdpr=0 HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&26913=AAAaqE7B5BgAAEAO-L7N5g&45=YPIL2AACr0HPzABg&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658994346866481 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 358

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l10fd_6985658990051790419 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=6440e14e-c9fe-4dff-8b3d-859dc1a01fcf HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6461171285122353775 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d7f460f2-0bd8-4a00-8bb5-f0b2011bc444&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8207326203247511969 HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=TauRxI2D1M4wzu5 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YPIL2AACr0HPzABg HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPIL2AACr0HPzABg&_test=YPIL2AACr0HPzABg HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&45=YPIL2AAC8kU4VgA4 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1479_6985658994346850080

Request Chain 361

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2117_6985658990051812824 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4f852f0f-20e1-4fe4-ac73-f4e238ad0179 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/2ec3cdaa8edc5b992f9b7e61a1db82a&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-argHSNNE2oOOwvydIomIzQ4_sYAg6INhQ_YUmlwV~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6461171285122353775 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d7f460f2-0bd8-4a00-8bb5-f0b2011bc444&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=TauRxI2D1M4wzu5&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAAaqE7B5BgAAEAO-L7N5g&gdpr=0 HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&26913=AAAaqE7B5BgAAEAO-L7N5g&45=YPIL2AAC8kU4VgA4&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658994346866481 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 369

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

Request Chain 371

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 373

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

Request Chain 375

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 377

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

Request Chain 379

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

375 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
home2.ultrasurfing.com/ 11 KB
3 KB 391ms
353ms Document
text/html 184.105.237.132

General

Check archive.org

Show headers Download Go to

Full URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: eb494abbb8c017b35ccc7d08246813ba16e6fc8e65828067b6902a7985dfcd78

Request headers

Host: home2.ultrasurfing.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Fri, 16 Jul 2021 22:44:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 270 KB
71 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e1461f9560b5f5dd1a84603b0f6bf36235fc6bc76ef82457f6ada724f227bcc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71611
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 22:44:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "534b6c99c5c82543"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H2 200 amp-experiment-0.1.js Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-experiment-0.1.js

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6baa1ffcdc5ce858a33e5c5fb976364e954ad9df34a384c7e5d17c42d4b91936

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2423
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 22:44:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "eb2177d3015a5ff2"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 71 KB
20 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76e7baff5bf5bff9b2ecf29f5f185a2e60356c7bf4322b9701b7b6b46d0a14d2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20565
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 22:44:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "6390971257f1c036"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H3-29 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 8 KB
3 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d10b707c66cc6b2c15c54843a059cfb7ffcae935bb717593600eb04975fede2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3014
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 22:44:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "4dd8d057d7e34ef8"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H/1.1 200
OK reset.css
home2.ultrasurfing.com/css/ 1 KB
879 B 189ms
189ms Stylesheet
text/css 184.105.237.132

General

Check archive.org

Show headers Download Go to

Full URL: http://home2.ultrasurfing.com/css/reset.css
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5c7e52c23ed96a8fb4a491d7b2e512207c126999a34c49bb21b9d14355b16ae0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: nginx/1.16.1
ETag: W/"5f9a61f5-41a"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK style2.css
home2.ultrasurfing.com/css/ 19 KB
5 KB 378ms
353ms Stylesheet
text/css 184.105.237.132

General

Check archive.org

Show headers Download Go to

Full URL: http://home2.ultrasurfing.com/css/style2.css
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b41b5941a0652db74be1fe947e115b055a1e72d9255855abe2d1e31f0a545b31

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 16:54:51 GMT
Server: nginx/1.16.1
ETag: W/"6082fbdb-4b4a"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105623949-1

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2d83c05e08d0ebca4849129c5ec6f36f6aef6e3f3130f288970b3682f02127c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39589
x-xss-protection: 0
last-modified: Fri, 16 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 31 KB
11 KB 32ms
7ms Script
application/javascript 2600:9000:20eb:1000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 21634
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
date: Fri, 16 Jul 2021 16:43:50 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ir8lJDHl3UCNi3cLCrLKAjverGI29rwx9r_lXLU3Vql5ROFEmOlE3g==

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 66ms
46ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-8502237298656009:1793691224

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e48e5478b43468d1e6c7f4a5ddb027e6623f62083280a58cb75c54eca4e23279

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2917
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bff7d7daab7b0e2e15cfb4777e0a550049554e9b391d519f9f2f3196275d5f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48389
x-xss-protection: 0
server: cafe
etag: 7904118586112407981
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H/1.1 200
OK c28d707a_photo0_610.jpg
home2.ultrasurfing.com/images/ 41 KB
41 KB 189ms
189ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/c28d707a_photo0_610.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a47f8643085a849c5f7385b30046cf79bc0a201c9be5125b78d7c281c137494e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 22:42:02 GMT
Server: nginx/1.16.1
ETag: "60f20b3a-a2e6"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41702
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK a6e37254_photo0_190.jpg
home2.ultrasurfing.com/images/ 7 KB
7 KB 191ms
189ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/a6e37254_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5043cd22d726edebfca67584a8383980542304374a377bbbe068d65dc688280f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 22:42:06 GMT
Server: nginx/1.16.1
ETag: "60f20b3e-1ab9"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6841
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK 59457151_photo0_190.jpg
home2.ultrasurfing.com/images/ 5 KB
5 KB 372ms
346ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/59457151_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d7245d8f063d6b930496a3df67b3280d5651f1be9c6d8db4297fcd5f416a0776

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 22:42:06 GMT
Server: nginx/1.16.1
ETag: "60f20b3e-1456"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5206
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK c28d707a_photo0_190.jpg
home2.ultrasurfing.com/images/ 7 KB
7 KB 558ms
185ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/c28d707a_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d5ff9167834a04c2b81fe7a88bd3101d7af7962d0eb507ef13da65a6a7b69f25

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 22:42:02 GMT
Server: nginx/1.16.1
ETag: "60f20b3a-1aaf"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6831
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK f5ee46ee_photo0_190.jpg
home2.ultrasurfing.com/images/ 7 KB
8 KB 566ms
188ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/f5ee46ee_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3cb9607bca1dca9dd16ec95103698c2cf58faeae15f7ef5f4dae23d226926f76

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 22:42:05 GMT
Server: nginx/1.16.1
ETag: "60f20b3d-1d85"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7557
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK 8c899456_photo0_190.jpg
home2.ultrasurfing.com/images/ 5 KB
6 KB 568ms
189ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/8c899456_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 79b8ef08d31132fce8244dd5f6f72a994abcbe60a5a3ff2959d28142d22768a5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 22:42:04 GMT
Server: nginx/1.16.1
ETag: "60f20b3c-1560"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5472
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK e2b34da_photo0_190.jpg
home2.ultrasurfing.com/images/ 4 KB
5 KB 350ms
189ms Image
image/jpeg 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/images/e2b34da_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 2f66f4297d5ed92afc7189a4381965280396065e2d8345884a184613ecbfb6f5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Fri, 16 Jul 2021 21:39:05 GMT
Server: nginx/1.16.1
ETag: "60f1fc79-1158"
Content-Type: image/jpeg
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4440
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105623949-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2847
date: Fri, 16 Jul 2021 21:56:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 16 Jul 2021 23:56:56 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/ultrasurf-ultrasurf/ 233 KB
28 KB 213ms
186ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.64.0 /
Resource Hash: db2fd987b90a3ad4704defd83fff15a629bbcbf927560024ebe1851288b93ac8

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Amz-Version-Id: W2Ev4fBrl7IiAADPZyr.QtTyISXd93wy
Content-Encoding: gzip
Etag: "f8f066cd1344a6ec65efcbebce45e4eed1c2ba74"
Age: 0
Via: 1.1 varnish
X-Cache: MISS
X-From-Cache: 1
Connection: keep-alive
Content-Length: 27703
X-Amz-Id-2: sLOEUIXm96x5ciN3yDwvzC6hzi22Up/+YnUnUcx3BG28GKvEPd/jW+jRKXdKtnQGxq1bNnD1t+g=
X-Served-By: cache-fra19163-FRA
Last-Modified: Fri, 16 Jul 2021 22:44:23 UTC
Server: obaker.93.1.2-11.64.0
X-Timer: S1626475464.683233,VS0,VE119
Date: Fri, 16 Jul 2021 22:44:23 GMT
Vary: Accept-Encoding, Accept-Encoding
X-Amz-Request-Id: DBA4SG7KEHKVV8PG
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 6
X-Cache-Hits: 0

GET
H/1.1 200
OK bg_header.png
home2.ultrasurfing.com/img/ 230 B
563 B 364ms
351ms Image
image/png 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/img/bg_header.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/css/style2.css
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/css/style2.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: nginx/1.16.1
ETag: "5f9a61f5-e6"
Content-Type: image/png
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK logo-new.png
home2.ultrasurfing.com/img/ 7 KB
7 KB 358ms
345ms Image
image/png 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/img/logo-new.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/css/style2.css
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/css/style2.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: nginx/1.16.1
ETag: "5f9a61f5-1c94"
Content-Type: image/png
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7316
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK bg_nav.png
home2.ultrasurfing.com/img/ 175 B
508 B 364ms
353ms Image
image/png 184.105.237.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://home2.ultrasurfing.com/img/bg_nav.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/css/style2.css
Protocol: HTTP/1.1
Server: 184.105.237.132 , United States, ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: home2.ultrasurfing.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://home2.ultrasurfing.com/css/style2.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://home2.ultrasurfing.com/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Thu, 29 Oct 2020 06:32:21 GMT
Server: nginx/1.16.1
ETag: "5f9a61f5-af"
Content-Type: image/png
Cache-Control: max-age=31536000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175
Expires: Sat, 16 Jul 2022 22:44:25 GMT

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ 23 KB
6 KB 41ms
8ms XHR
text/plain 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f1bf9e0338681326492f041115a6146d66f3872dc5367db7f5a330e479844bc

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Jul 2021 22:44:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jul 2021 09:11:51 GMT
Server: AmazonS3
x-amz-request-id: EXE4NJ4ET72QWC9T
ETag: "2ab00981aa37969dc2219e90a9de5b83"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 5458
x-amz-id-2: 2Jdm3Rm3SlSnD9LqTtxl26Y8N/btDMAlnOgFG3Eqrd702TwzXtTmLmZW0PPETEyAqL+JV9XT2/E=

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ 280 KB
92 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8502237298656009:1793691224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

94fc1b6f57eaec5b66d02212a4a8c63fb22b3b46c2643d76c1b39edeea337b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93992
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 09:02:43 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/b54a745638da8bbb/ 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8502237298656009:1793691224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 09:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 09:02:43 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-8502237298656009:1793691224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Jul 2021 23:12:43 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=750376969&t=pageview&_s=1&dl=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=Ultrasurf%20-%20Top%20Stories&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=172779489&gjid=797759507&cid=1922633286.1626475464&tid=UA-105623949-1&_gid=1518547635.1626475464&_r=1&gtm=2ou7e0&z=1085150654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ 244 KB
90 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8502237298656009&plah=home2.ultrasurfing.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 5A3A 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 16 Jul 2021 03:29:55 GMT
expires: Fri, 30 Jul 2021 03:29:55 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 69268
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 0B86 42 KB
15 KB 32ms
6ms Document
text/html 2600:9000:20eb:5a00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5a00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

content-type: text/html
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Jul 2021 18:57:36 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: W_Kfq3xCwXV8FWRiDlrCgRzujmXt0y6WIG5rHQW_2aUsKxU8nS7zZA==
age: 23709

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-105623949-1&cid=1922633286.1626475464&jid=172779489&gjid=797759507&_gid=1518547635.1626475464&_u=YEBAAUAAAAAAAC~&z=754722834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Jul 2021 22:44:23 GMT
content-type: text/plain
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 150 KB
55 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__en.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33dac5a12910577d7f2fc8ff1509e8aeb4342e5d9cc9eec47edea9cdf316223a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: sffe
X-Content-Type-Options: nosniff
ETag: "14801021920252901860"
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 15ms
14ms Image
image/png 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 04:00:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 326606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Wed, 13 Jul 2022 04:00:57 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 13ms
13ms Image
image/png 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:33:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 339027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Wed, 13 Jul 2022 00:33:56 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 13ms
6ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:23 GMT
Content-Length: 0

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-105623949-1&cid=1922633286.1626475464&jid=172779489&_u=YEBAAUAAAAAAAC~&z=1716545993

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-105623949-1&cid=1922633286.1626475464&jid=172779489&_u=YEBAAUAAAAAAAC~&z=1716545993

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 0B86 125 B
878 B 149ms
149ms XHR
application/json 2600:9000:20eb:5800:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:5800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c8e2be0b7fbee58d5d39567bb1d459e271fe06b356afd501622de171b6fe4885

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 125
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 16 Jul 2021 22:44:24 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: cUayuj4jpOXRabkWq3_HBXA5Wfdg75lzdXBdswGvZIe-v2f8j537Ig==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 176ms
148ms Preflight 2600:9000:20eb:5800:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:20eb:5800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Eg7WS4vKm_YNWL4vsbcfmUTatD581wwR-Fru6-RfnDEZa2-TKn8gNQ==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
662 B 154ms
53ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=home2.ultrasurfing.com&callback=_gfp_s_&client=ca-pub-8502237298656009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8502237298656009&plah=home2.ultrasurfing.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5017c6583773bbb24153b051ca1ada1e36ec4f67927aea33c5fbc0c218046583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=home2.ultrasurfing.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=home2.ultrasurfing.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E380 57 KB
22 KB 442ms
440ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137e54b3bf159bee7ddb75e8e8a4c375fbfe0e029f0cd8efc4b8e47f4c0dab54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Jul 2021 22:44:24 GMT
server: cafe
content-length: 22238
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 22:59:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A26D 58 KB
22 KB 383ms
382ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82e0d38a5e1368fd1f713570f09c9a5f230f069c38ef457311a3d3fc415f9834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Jul 2021 22:44:24 GMT
server: cafe
content-length: 22591
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 22:59:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF03 107 KB
17 KB 402ms
402ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=2856114808&pi=t.ma~as.1261171629&w=300&lmt=1626475463&psa=0&format=300x250&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&wgl=1&dt=1626475463680&bpp=1&bdt=455&idt=122&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=L0QCn3FfGV&p=http%3A//home2.ultrasurfing.com&dtd=126

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

335ce2804f634f839fc7e5a4c578ced3b74bbdc891629f9f542a7af7dce68262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=2856114808&pi=t.ma~as.1261171629&w=300&lmt=1626475463&psa=0&format=300x250&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&wgl=1&dt=1626475463680&bpp=1&bdt=455&idt=122&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=L0QCn3FfGV&p=http%3A//home2.ultrasurfing.com&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Jul 2021 22:44:24 GMT
server: cafe
content-length: 17545
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 22:59:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E8E 57 KB
22 KB 277ms
277ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

167e0d390ff74a4aabcc74ae7068498048978dcebd86e1dc85e09e6b3a7e724a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Jul 2021 22:44:24 GMT
server: cafe
content-length: 22245
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 22:59:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 049A 2 KB
536 B 70ms
69ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&adk=1812271804&adf=3025194257&lmt=1626475463&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1626475463690&bpp=1&bdt=464&idt=125&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=130

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43db6c760297f62df02365322c9401d1d70b82a51db70bea51415839050e4bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8502237298656009&output=html&adk=1812271804&adf=3025194257&lmt=1626475463&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1626475463690&bpp=1&bdt=464&idt=125&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250%2C300x600&nras=1&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 16 Jul 2021 22:44:23 GMT
server: cafe
content-length: 513
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 22:59:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:23 GMT
cache-control: private

GET
H2 200 impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js Show response
cdn.taboola.com/libtrc/ 530 KB
118 KB 129ms
43ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8da76eebddde8be6755cd5ad20fbfd9eb5dc25c5f21fe9b1d7947c66a817ec9e

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oXVW8wkcFgl14CqY6EmBjmQ4fULHffRw
content-encoding: br
etag: "dc7377233ef82f389840e574a058a22f"
age: 8768
x-cache: HIT
content-length: 120442
x-amz-id-2: i+fqJjGYnvgxoU73I5FkFmkaGISbLEzCNnZHyMZSfHX0EBuYfuLO3ocH5kQxvqtX70vwwfCwq3Q=
x-served-by: cache-fra19154-FRA
last-modified: Thu, 15 Jul 2021 11:53:05 GMT
server: AmazonS3-br
x-timer: S1626475464.976129,VS0,VE0
date: Fri, 16 Jul 2021 22:44:23 GMT
vary: Accept-Encoding
x-amz-request-id: 4FS6721MV1YNSF7M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 95
x-cache-hits: 310

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 149ms
48ms Script
application/javascript 13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:25:52 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: EzGLlPDAg7Iz6JvnanOQpLIojJ140MvTkZibqzyPFDYpmafGq0BrBA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
179 B 128ms
42ms Image
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=fix_fpp_lr_var
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626475464.976184,VS0,VE0
x-served-by: cache-fra19154-FRA
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1626475464023&ns_c=UTF-8&cv=3.5&c8=Ultrasurf%20-%20Top%20Stories&c7=http%3A%2F%2Fhome2.ultrasurfing.com%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626475464023&ns_c=UTF-8&cv=3.5&c8=Ultrasurf%20-%20Top%20Stories&c7=http%3A%2F%2Fhome2.ultrasurfing.com%2F&c9=

64 B
329 B

63ms
62ms

Image
image/gif

13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626475464023&ns_c=UTF-8&cv=3.5&c8=Ultrasurf%20-%20Top%20Stories&c7=http%3A%2F%2Fhome2.ultrasurfing.com%2F&c9=
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: BpPo5R6l_WL8x7_4sK098s_9uIERmjlWtqkWsKM_RKnLh0Q72345Tw==

Redirect headers

date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 e6b325a976b10aa826ec63757afbdedb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1626475464023&ns_c=UTF-8&cv=3.5&c8=Ultrasurf%20-%20Top%20Stories&c7=http%3A%2F%2Fhome2.ultrasurfing.com%2F&c9=
content-length: 196
x-amz-cf-id: nwC08422yZunlC-VSocd3EJfNQvCzlflweMABC9h8Jcg-BIjfakiiw==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 131 KB
39 KB 7ms
7ms Script
application/javascript 2600:9000:20eb:1000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a19415bca7d20948dc84ed1c81824ad3545eb71ed53b8b5e46e14c4067e7b6f8

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HyL8A7aIi5b6S8805xIeNdhn3FBzo1IW
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 08:30:07 GMT
server: AmazonS3
age: 51243
etag: W/"806b21a25178130056c02edefeabd9f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
date: Fri, 16 Jul 2021 08:30:22 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: c6XHyH6vnoy4ycrHZpZjq-heb5fB040cOpqsIRKRda9tf0efSRc8uA==

GET
H2 200 11150108107755908711
tpc.googlesyndication.com/simgad/ Frame 6E8E 43 KB
43 KB 28ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11150108107755908711?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmUSM4H1nMZ8q6sP-kjgUZDQePipQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

379728be2d7795529aeed2b55757fc1e6b00aa0513d0c2ca395e5810d14adcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 20:39:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:30 GMT
server: sffe
age: 353086
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43928
x-xss-protection: 0
expires: Tue, 12 Jul 2022 20:39:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame 6E8E 18 KB
8 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:18:28 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 6E8E 2 KB
1 KB 36ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:32:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 6E8E 14 KB
6 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:40:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E8E 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:24 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame 6E8E 26 KB
11 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 18:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
server: cafe
etag: 11229175930449698035
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 18:47:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6E8E 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpshBxwvyYJ24MsOS3gP0wbDYCYqKtMth8sDg7boNwI23ARABIJy-tSRglQKgAZ2w7qEDyAECqQJPYlRY5dCzPqgDAcgDyQSqBOkBT9A8VXLAuzPuYAHvQNIE_-y8SfPFd625hOgxIjVWDwnna9FDP89_8HzugwYUxFqWdschmvO50bu_qM368RMdnM6pZE3mR_XMynOUQHV6T4T9gmbZMuDSIS3m5T_u9SOp4Z_3B7CpkHHFr7s4TNq7LsY-T0jNtE2MR9DPn8YzFmlrgOz9qgJ93fEjY_54fMMcjq-OS3loOQJnV-uouVoAh7kDKu78-0m5jWrmmsz7KoHcFokGjG_-A0lmkuyvtqs6mS_djh7RnhR0wZCeKOLOQlsrY4zQ9iHO4Q6bqF43pT_o8iKBINVc3hnABJqZmsPrAZIFBAgEGAGSBQQIBRgEoAYCgAf1tJteqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOu8C9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi04NTAyMjM3Mjk4NjU2MDA5&sigh=AkDUq8ojFKI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Jul 2021 22:44:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:24 GMT

OPTIONS
H2 204 generate
avm.avantisvideo.com/api/v1/tag/c532bae3-b93e-4ba7-b5e6-a0574f24b36b/1/desktop/ Frame 0
0 162ms
162ms Preflight 2600:9000:20eb:5800:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/c532bae3-b93e-4ba7-b5e6-a0574f24b36b/1/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&eu=true&country=DE&hour=0

Protocol

Server

2600:9000:20eb:5800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://home2.ultrasurfing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: http://home2.ultrasurfing.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: gUsr43VFDkjrRFAR_IvhfslL2doTgY51LCwxEaz28n_rtKX1cCRnBg==

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 656ms
205ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT

GET
H2 200 generate Show response
avm.avantisvideo.com/api/v1/tag/c532bae3-b93e-4ba7-b5e6-a0574f24b36b/1/desktop/ 1 KB
1 KB 149ms
145ms XHR
application/json 2600:9000:20eb:5800:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:5800:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d06d20286b642f30cb4b7e55f0eb6c416e35e8b4280d25a3229b1ef2a71cedff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA2-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: http://home2.ultrasurfing.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: dgJ3EtudAwsNnZtktogaxJg34z9ZV9qBSnq6NxK1PhfidRtMjqjf5A==

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F013 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=7405560533&adk=2558915673&adf=2454318073&pi=t.ma~as.7405560533&w=300&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463680&bpp=1&bdt=454&idt=129&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600%2C300x250&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=667&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xriAH0hUQn&p=http%3A//home2.ultrasurfing.com&dtd=132

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Jul 2021 22:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 88
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6E8E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b30790514c9b8e3c22fc3b26b06f08cbf34f7d6b9e3c95f814afa5e79b36392c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 12514692816818614436
tpc.googlesyndication.com/simgad/ Frame A26D 54 KB
54 KB 43ms
23ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12514692816818614436?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qndwaFA5d4YO710OdWq7oT-wZuPXA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9d39f8dec3f44e3de585925573cf78fe7e086ee81423b7da8dc34829a8ce7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 15:40:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Jul 2021 14:20:27 GMT
server: sffe
age: 25424
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55092
x-xss-protection: 0
expires: Sat, 16 Jul 2022 15:40:40 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame A26D 18 KB
7 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:18:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame A26D 2 KB
1 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:32:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A26D 124 KB
37 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:24 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame A26D 14 KB
6 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:40:24 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame A26D 26 KB
11 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 18:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
server: cafe
etag: 11229175930449698035
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 18:47:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A26D 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJAM3xwvyYPC_MayDjuwPseGBgAnm6_TmY5S-yIePDqOVz_KIAhABIJy-tSRglQKgAZSknMcCyAECqQL5UZX5S9CzPqgDAcgDyQSqBOYBT9CxxVxQH-qWVyBLU1lev9LvTTpAQ6nRcQ3HaK_yC9yPTj3F-YArFljnM6ly7WgxtzFkii0f7EHxYncKHqO9XXA8oXtSe9tQG2mPsGHMj2n34zzj4_eWRJ-qsDNH15VRhl3RVUW6v990rL58meEFCWV5uTtGWjrq1Qda1NKyCtXYkHA10lJU2z8C7CoN-shMUifFzbb_gA5ei5wV5vzXpoGSWwUigHRINXY4rKdahvJgFhW1X4MUwBHMfblGB3oq01gary_pM9A9Pguwzm70QJP87UvR8JieMHQw2p_5kU1lupTFr7jABKTuvsPXA6AGAoAH7KLj7gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ9Mds0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTg1MDIyMzcyOTg2NTYwMDk&sigh=twxt44ECHtA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Jul 2021 22:44:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012106212012000/ Frame EF03 188 KB
54 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=2856114808&pi=t.ma~as.1261171629&w=300&lmt=1626475463&psa=0&format=300x250&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&wgl=1&dt=1626475463680&bpp=1&bdt=455&idt=122&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=L0QCn3FfGV&p=http%3A//home2.ultrasurfing.com&dtd=126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55206
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 12:03:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08e7b47afdadb9c9"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 12:03:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame EF03 13 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4815
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c6d4b511682de4a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 12:03:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame EF03 86 KB
27 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27658
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "89763648e638c628"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 12:03:56 GMT

GET
H3-29 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame EF03 71 KB
16 KB 24ms
18ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-animation-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb881ad28cd027cf3d912ca2a5f9ba9333484d1e747d2ff8e76506c8fd62ae99

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16640
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 12:05:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b02f0c672db8c610"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 12:05:10 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame EF03 4 KB
1 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9b373dc53e7b532"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 12:03:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame EF03 40 KB
13 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-form-0.1.mjs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12852
x-xss-protection: 0
server: sffe
date: Fri, 16 Jul 2021 12:03:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "432397294f345717"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jul 2022 12:03:56 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF03 2 KB
2 KB 32ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 25791
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 17 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF03 295 B
319 B 31ms
21ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 36411
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 17 Jul 2021 12:37:33 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame EF03 43 B
1 KB 235ms
60ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=zattoo-gaw&extLi=12985999821&rnd=1641653039

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.91 Bruggen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Fr, 16 Jul 2021 10:44:24 GMT
Server: Microsoft-IIS/8.5
Date: Fri, 16 Jul 2021 22:44:23 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1815
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF03 0
17 B 62ms
53ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYfNKxwvyYPWTMoiS3gPajJDoDuamidNjs_Xv2YEOv_-549cCEAEgnL61JGCVAqABjbiOiwPIAQmpArMX2jC6PrI-qAMByAMIqgTjAU_QjAFJ63s63gTrOwm4nLMbE4hmlLESaIV3jORKO5MarY2VfNvlsEG3op-aNZdbxL4eu68vbHJ12LXvYcShYIPnpVV4ogvKtUE4cFW6nTDcvjd8qEj3tbuF3UwLoNXG9VNMRLLMQbqAaKKILQ5xZ9ZzxcHaGrwd2BonmDdT-G1uq331nZCjve_a7prrTC0VG4rmwHIyuCFhio6tpnxhwWDyOCAm0DVMt8IC0AXel6V_dJvHUOvoy44A4B5V1j__b0CqcUVhk8oQVRAYk3tOdQIEfCLgSHqWHozopEQB-mdExAZCwAT496DExwOSBQQIBBgBkgUECAUYBKAGLoAH_ZqXMKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD4mAjSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItODUwMjIzNzI5ODY1NjAwOQ&sigh=O0EeS1mfTnc&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=2856114808&pi=t.ma~as.1261171629&w=300&lmt=1626475463&psa=0&format=300x250&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&wgl=1&dt=1626475463680&bpp=1&bdt=455&idt=122&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=L0QCn3FfGV&p=http%3A//home2.ultrasurfing.com&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Jul 2021 22:44:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 01-shape.png
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 4 KB
4 KB 31ms
21ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/01-shape.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac297aaa134048f28aff7b03c9e623eaf9e2e30bbf0d09a196da91301ffbc31a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 02:57:26 GMT
x-content-type-options: nosniff
age: 330418
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4287
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 02:57:26 GMT

GET
H3-29 200 01-BigScreen_3.png
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 54 KB
54 KB 28ms
18ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/01-BigScreen_3.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de9da7cb4546ee46cfd9da4d1a1d5d153cbdaa3f20f4b84ebb02e20061f16fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 00:11:38 GMT
x-content-type-options: nosniff
age: 340366
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54917
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 00:11:38 GMT

GET
H3-29 200 01-Laptops_2.png
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 22 KB
22 KB 26ms
17ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/01-Laptops_2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f74301343a7efab9a1b67f50ac2725bb7253371e252ae4007c7d123a6e22e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:36:44 GMT
x-content-type-options: nosniff
age: 288460
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22981
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 14:36:44 GMT

GET
H3-29 200 01-Mobile_2.png
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 8 KB
9 KB 26ms
17ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/01-Mobile_2.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44374ac27b4f05047dddd55802504693cf09124d9acdd959236e1004bfe752f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 22:08:10 GMT
x-content-type-options: nosniff
age: 347774
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8692
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 22:08:10 GMT

GET
H3-29 200 02-shape.png
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 3 KB
3 KB 31ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/02-shape.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

226a20ea51106bdd09103a742adc9300b68fee18f98a87e8304446c4ea34705d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 23:08:27 GMT
x-content-type-options: nosniff
age: 344157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2671
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 23:08:27 GMT

GET
H3-29 200 02-Text.svg
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 7 KB
2 KB 32ms
22ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/02-Text.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99ed4e7ab95c8fe41790f3dd7fb8d45d28e8fba364fdfc71f7a1cf66c7fde562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 15:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2333
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 15:44:41 GMT

GET
H3-29 200 02-ConnectLabel.png
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 8 KB
8 KB 31ms
22ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/02-ConnectLabel.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0879a24e39cdfc40c83642329bf387001db4deb1857adcef8cdc0e8cc8f3b2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 22:01:55 GMT
x-content-type-options: nosniff
age: 261749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7854
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 22:01:55 GMT

GET
H3-29 200 02-ZattooLogo.svg
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 2 KB
1 KB 31ms
21ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/02-ZattooLogo.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5846d4207d076990b6629b3f398eb8da7720765ae5b500c120474f32c2852db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321787
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 997
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 05:21:17 GMT

GET
H3-29 200 02-CTA-DE.svg
tpc.googlesyndication.com/sadbundle/2528573978890027055/ Frame EF03 3 KB
1 KB 30ms
21ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2528573978890027055/02-CTA-DE.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7e100fc4ab5c2a400dfb7f914e9d41f0fc5d0dcc6ffe1e1c38847fbd2f1486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 02:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332411
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1402
x-xss-protection: 0
last-modified: Thu, 13 May 2021 14:51:44 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 02:24:13 GMT

GET
DATA 200
OK truncated
/ Frame EF03 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4c1d8a352e28b6d66ed683c32e2f5e944ca7ba216dda3921b5627243f603f74

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F013
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEOnCSJQpUHopFAyqrbr0vXFXBYi6DeQqFd0bSOZi_a6W_U78RwuUdh3EeMVw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Jul 2021 22:44:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Jul-2021 23:44:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Jul 2021 22:44:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame BB43 35 KB
13 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 14:22:09 GMT

GET
H3-29 200 7196528861258492116
tpc.googlesyndication.com/simgad/ Frame E380 48 KB
48 KB 45ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7196528861258492116?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnToAX4dA_ZYVF1CPaJ8fz_hxAJ8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92cbdc3bc98129f24feb5bc287e7b84faa709c9741cc6d5f55dee7c47822e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:01:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 11:22:40 GMT
server: sffe
age: 290583
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48942
x-xss-protection: 0
expires: Wed, 13 Jul 2022 14:01:21 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame E380 18 KB
7 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:18:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:18:28 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame E380 2 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:32:08 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E380 124 KB
37 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:24 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame E380 14 KB
6 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 22:40:24 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame E380 26 KB
11 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 18:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
server: cafe
etag: 11229175930449698035
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 18:47:47 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E380 0
0 45ms
43ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuT-NxwvyYMy6MY-IjuwP4J222A2KirTLYZK94O26DcCNtwEQASCcvrUkYJUCoAGdsO6hA8gBAqkC-VGV-UvQsz6oAwHIA8kEqgTsAU_QSCd7lN419MOYqol_5t5sr2k2jk8Uhbh_ZcythGvI8hywhbUxDo9lxIq5Jj7Atfi9hp_hiezwb_MzM5zjh44GN6u-jUH1n49EW2V-Bu2i1nviDNtSbviLrAtNdjm-imbF5PRNvNtTDNBCd5dLEXlPZAer9F2Alpi4xlQqWy_Zbvj4J6kkKmR7_2W5RZCvgPxH12R2aPQSbhIgkNhIw9AHMug87-VrYEeH82HA0hLbuc6FOvtGa-1pd4TUkC7UgB5lnXyEZ1hpZ4iZBz3ogPstimQZN8ouCblUuow3_EdzF-1JeHRNsvdQtfC7wASamZrD6wGSBQQIBBgBkgUECAUYBKAGAoAH9bSbXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD81SDSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxoKGAgAEhRwdWItODUwMjIzNzI5ODY1NjAwOQ&sigh=hfvO-afgf9Y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Jul 2021 22:44:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012106212012000/ 21 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd0f8eff9d195eb363c39b70077cb7c4f7345d09d1cf41fa5db573916a92163

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 322325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7366
x-xss-protection: 0
server: sffe
date: Tue, 13 Jul 2021 05:12:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7145e499bf1cae68"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 05:12:19 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B15A 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEOnCSJQpUHopFAyqrbr0vXFXBYi6DeQqFd0bSOZi_a6W_U78RwuUdh3EeMVw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Jul 2021 22:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 88
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A26D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d85f16518f624183fc49f4f71235c43da4f2edc1e49a9a67e4e11d442d60a94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F69B 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEOnCSJQpUHopFAyqrbr0vXFXBYi6DeQqFd0bSOZi_a6W_U78RwuUdh3EeMVw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=280&slotname=7677486290&adk=2974127641&adf=2714851601&pi=t.ma~as.7677486290&w=950&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=950x280&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1626475463673&bpp=6&bdt=448&idt=94&shv=r20210712&ptt=9&saldr=aa&abxe=1&correlator=2455867246362&frm=20&pv=2&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=105&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=K5FT14Q4nL&p=http%3A//home2.ultrasurfing.com&dtd=109

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 16 Jul 2021 22:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 88
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D0D0 247 B
805 B 175ms
53ms Document
text/html 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

97fd72a24b0182335c4083dbea96f501f20ab938bebdd18d3101709d5755879c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/redir.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-tsliPFTnm-_5Gdy8YBrk2Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 204
date: Fri, 16 Jul 2021 22:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E380 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43aa0721a7936fea4b64b4144e09ad6af834ee7dfa77bd5c8ae756dc78433037

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 26ms
6ms Script
text/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:24 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 16 Jul 2021 23:14:24 GMT

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 21 KB
8 KB 275ms
273ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=00%3A44%3A24.612&lti=fix_fpp_lr_var&data=%7B%22id%22%3A372%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1626339096480%2C%22vi%22%3A1626475464610%2C%22cv%22%3A%2220210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A5558%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1759%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1661%2C%22mw%22%3A610%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22fix_fpp_lr_var%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ed4b380e07015eb5901a8c0e58e28e1327652d3b403ee9f0c93a8140d8dfe42

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 230
date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
server: nginx
x-timer: S1626475465.633085,VS0,VE230
x-served-by: cache-fra19154-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://home2.ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B15A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEOnCSJQpUHopFAyqrbr0vXFXBYi6DeQqFd0bSOZi_a6W_U78RwuUdh3EeMVw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Jul 2021 22:44:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Jul-2021 23:44:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Jul 2021 22:44:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BB2 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 14:22:09 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F69B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlEOnCSJQpUHopFAyqrbr0vXFXBYi6DeQqFd0bSOZi_a6W_U78RwuUdh3EeMVw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Jul 2021 22:44:24 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 16-Jul-2021 23:44:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Jul 2021 22:44:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 16 Jul 2021 22:44:24 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/2.73/ 239 KB
57 KB 28ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.73/avcplayer.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 365a607bc597a72cbb8b1134378bb96bfd290faaf3185191d2bb4d576d83873a

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvV9FOOjCVdTCbhxFXZ28nex-m_-RuKP6PKfHCnQh5zdawiHiGJUghSM4tU4VM-aFwiFx8HgQdIt47LmjxGVRg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 58119
last-modified: Sun, 11 Jul 2021 08:47:29 GMT
server: UploadServer
etag: "780d17cb9b64b09fcada477fc973ce30"
vary: Accept-Encoding
x-goog-hash: crc32c=7ROyig==, md5=eA0Xy5tksJ/K2kd/yXPOMA==
content-language: en
x-goog-generation: 1625993249781802
cache-control: public, max-age=300
x-goog-stored-content-length: 58119
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 16 Jul 2021 22:49:24 GMT

GET
H3-29 200 iframe.html Show response
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame D0D0 4 KB
2 KB 98ms
50ms Document
text/html 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

74ccccd4a842947ee2022146e1f86f5154e05d9fad3e944c43efd83b396b3f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com
:scheme: https
:path: /v6exp3/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-6zYpsbXovbV6q219C-Drkg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
content-length: 1861
date: Fri, 16 Jul 2021 22:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ins.txt Show response
static.avantisvideo.com/data/ 3 KB
1 KB 6ms
6ms XHR
text/plain 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/ins.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad6a5e8776c6971ba60a4659a23aa1282c2ee721849dbe644d1bb064397f7c4a

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Jul 2021 22:44:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 08:49:33 GMT
Server: AmazonS3
x-amz-request-id: EXK16J4BD48FKGK6
ETag: "dcab740e286e110b6b586a6b30a7b1f3"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 915
x-amz-id-2: HDVbznRM2ZjUUZH2v/sHVcN+RDSeoO7VQwYG5hgvwamMVoASbnSUC1eViNkf1Nv4+XKSC6GkKqM=

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 0081 344 KB
98 KB 26ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.73/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:24 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduaDgPkp_R4LCB6X0nkLqtQRAGmWpF51Ckil2fG4W5xfkIAHKuFEF1VpjBSyXZNRUlxFUGRvikgiqoAdEmOLXvUWRKXhQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 99395
last-modified: Wed, 14 Jul 2021 08:58:16 GMT
server: UploadServer
etag: "ae36937a7d404d46344fcd812980641d"
vary: Accept-Encoding
x-goog-hash: crc32c=GfSxwg==, md5=rjaTen1ATUY0T82BKYBkHQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253096644759
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 99395
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 16 Jul 2021 22:49:24 GMT

GET
H2 206 food_01.mp4
content1.avantisvideo.com/content/ 64 KB
0 41ms
7ms Media
video/mp4 2600:9000:20eb:3000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/content/food_01.mp4?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tid=1&d=desktop&i=0
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://home2.ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: YDp583QdY2JJ.2BJCAljXoPAogFVBeU.
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified: Sun, 21 Feb 2021 16:44:00 GMT
server: AmazonS3
age: 65555
etag: "2b7e4ba8ea943b45f1f12804970d13ce-2"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-21260278/21260279
date: Fri, 16 Jul 2021 04:31:50 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
Content-Length: 21260279
x-amz-cf-id: caIz74Fm-tSC-t4Exp4uk2nqae7ZeqdRF_7NfNeKLA_p9SuHxLc89w==

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame 70F8 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 14:22:09 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 44ms
44ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 2494
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19154-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1626475465.916836,VS0,VE0
date: Fri, 16 Jul 2021 22:44:24 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 95
x-cache-hits: 5462

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
990 B 45ms
45ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 23355
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19154-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1626475465.916985,VS0,VE0
date: Fri, 16 Jul 2021 22:44:24 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 95
x-cache-hits: 124933

GET
H2 200 tfa-eid.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 65ms
64ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2d5d14f409119b096f2a9e1d260d74b4a6a1ea12707d67fad5ce8e04a8a8f45

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yyfUx3IUbJwfW0X.Oiyv0BnIdB_y.TZK
content-encoding: gzip
etag: "cc265b1ca5bdf1837a68cad2f7f91f59"
age: 38
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5123
x-amz-id-2: z4scTCQDgLSx1zwQBzqT4M/L03eElgAKBjg4aE2e9a3sWdzN0uK7LfD/2xn7ZVEVi27zpIX+7YI=
x-served-by: cache-fra19154-FRA
last-modified: Thu, 15 Jul 2021 11:53:46 GMT
server: AmazonS3
x-timer: S1626475465.937745,VS0,VE1
date: Fri, 16 Jul 2021 22:44:24 GMT
vary: Accept-Encoding
x-amz-request-id: EAF4J4X05Y9V8340
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 95
x-cache-hits: 1

GET
H2 200 sha256.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 64ms
64ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c350378ef8726b9bbb16801e96fb7db68e7a26b51c7831e7c5dc04dbdb98f25c

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: LEBcJzLrBhoF5SgCwZJyeqYe9PUmmRLu
content-encoding: gzip
etag: "9cb37f420fb0b19746d06700718d2d0c"
age: 20
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2654
x-amz-id-2: ydnyYPN50UPPI5aBkadjYd0lEScoDMaZCaESJtLCld3g9RNA8cKPl/OOgTM8DoKcYQ7e2noMMdE=
x-served-by: cache-fra19154-FRA
last-modified: Thu, 15 Jul 2021 11:53:34 GMT
server: AmazonS3
x-timer: S1626475465.937737,VS0,VE1
date: Fri, 16 Jul 2021 22:44:24 GMT
vary: Accept-Encoding
x-amz-request-id: EAF81ENJ274ZJR0W
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 95
x-cache-hits: 1

GET
H/1.1 200
OK tb Show response
15.taboola.com/ 36 KB
11 KB 121ms
94ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://15.taboola.com/tb?oid=15&pubnm=ultrasurf-ultrasurf&unitType=244&tbloc=&pageType=home&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=http%3A%2F%2Fultrasurfing.com%2F&encoded=1&uid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&variant=-100|403321658&callback=TRC.videoTagCallbacks.videoCallback1&cb=1626475464904&tagid=&cntry=PL&platform=1&sesid=9ebbf46e2fbc7224fe8e7468501b746e&itemid=/&viewid=1626475464610&geolat=&geoing=&deviceifa=&appid=&sd=v2_9ebbf46e2fbc7224fe8e7468501b746e_51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148_1626475464_1626475464_CIi3jgYQ8-NDGKKP-IurLyABKAEwrgE47qgMQPLxK0iwpNoDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ri=9529c1fe4664ce90befd4f30c23ad30d&appname=&cdb=&gdprApplies=true&rid=&sii=-1709852854480885386&oee=true&tpubid=1110515&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=22&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1110508&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6965ee60830da5507f908dc44c33c8fdca97e0aaafd1a7f6c24db987d416303a

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
MachineId: 1449
Transfer-Encoding: chunked
X-Cache: MISS
xvid-debug: mrmr - :
Connection: keep-alive
X-Served-By: cache-fra19160-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1626475465.972909,VS0,VE28
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Via: 1.1 varnish
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Link: <http://am-wf.taboola.com>; rel=preconnect
X-Cache-Hits: 0

GET
H2 200 feed-card-placeholder.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 59ms
58ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f11379758af1df8c93f9009e55454747b519d75eb849390649c4eebc168a9da

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: mXJEpisgL4jK6S9smg.2VF8Wy32TMGzD
content-encoding: gzip
etag: "83df167d0dcc7b1eb68d5acecd2ef843"
age: 107
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1318
x-amz-id-2: GFANbv3mr7e03bA26OM28VXGIOr+51aFzss22Gcb1bW06aHWpX9CSCdTD/jnPUZia5GLkDbxDlg=
x-served-by: cache-fra19154-FRA
last-modified: Thu, 15 Jul 2021 11:53:15 GMT
server: AmazonS3
x-timer: S1626475465.937730,VS0,VE1
date: Fri, 16 Jul 2021 22:44:24 GMT
vary: Accept-Encoding
x-amz-request-id: 06BCVZAD85795386
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 95
x-cache-hits: 1

GET
H2 200 userx.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 51ms
50ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/ultrasurf-ultrasurf/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26e8c769dd3c7a4d67d629b682c8853b17266d9ee2c208532b26764f2754d549

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Api8X8LMyVdonmmolj_N7LX2_kP59cyc
content-encoding: gzip
etag: "bcdcb6f0f5d97846fa61bce26f931c40"
age: 74
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 8019
x-amz-id-2: 3e5u3hNmzDjB2iBLO6AVrEffYLrZFjv851XzFj40KbQBL93gDzYxMpck8pno2AhiBMDvVNJSqZ4=
x-served-by: cache-fra19154-FRA
last-modified: Thu, 15 Jul 2021 11:53:51 GMT
server: AmazonS3
x-timer: S1626475465.937702,VS0,VE1
date: Fri, 16 Jul 2021 22:44:24 GMT
vary: Accept-Encoding
x-amz-request-id: 7M505B5GYVWVA97J
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 95
x-cache-hits: 1

GET
H/1.1 200
OK f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 48ms
48ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
Content-Encoding: gzip
ETag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
Age: 26
Via: 1.1 varnish
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1758
x-amz-id-2: QvMTzrJ1sqHqbtTS38GSlbgcAwEVpb/6/VVZi7XQWhIdO7VhR40gonWNObdQTHplF21EUdzhZZA=
X-Served-By: cache-fra19163-FRA
Last-Modified: Wed, 07 Feb 2018 11:15:52 GMT
Server: AmazonS3
X-Timer: S1626475465.953416,VS0,VE0
Date: Fri, 16 Jul 2021 22:44:24 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
x-amz-request-id: QQEHSY6P3GVEQ2QG
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/svg+xml
Access-Control-Allow-Headers: *
abp: 95
X-Cache-Hits: 11

GET
H2 200 1622358867249ec1b8d040695dc7948b6f7bd2d4becd2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/ 23 KB
23 KB 54ms
45ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1622358867249ec1b8d040695dc7948b6f7bd2d4becd2.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bfe0a9999c5b22249b8d857e8ec45183a23b12d5220427632d485f11a8c378e2

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 3163729
edge-cache-tag: 382382482810191527974580219777199926276,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 159
expiration: expiry-date="Wed, 30 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1622358867249ec1b8d040695dc7948b6f7bd2d4becd2.jpg
content-length: 23328
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 30 May 2021 16:19:28 GMT
server: nginx
x-timer: S1626475465.975018,VS0,VE1
etag: "14ed33c92ce864c573198eafb14372f3"
x-served-by: cache-wdc5543-WDC, cache-dca17753-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 90, 1

GET
H2 200 json Show response
trc.taboola.com/ultrasurf-ultrasurf/trc/3/ 22 KB
7 KB 460ms
459ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/trc/3/json?tim=00%3A44%3A24.950&route=AM:IL:V&lti=fix_fpp_lr_var&data=%7B%22id%22%3A245%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_9ebbf46e2fbc7224fe8e7468501b746e_51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148_1626475464_1626475464_CIi3jgYQ8-NDGKKP-IurLyABKAEwrgE47qgMQPLxK0iwpNoDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA%22%2C%22ui%22%3A%2251d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148%22%2C%22uifp%22%3A%2251d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148%22%2C%22lbt%22%3A1626339096480%2C%22vi%22%3A1626475464610%2C%22cv%22%3A%2220210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fultrasurfing.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A5558%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3181%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1664%2C%22mw%22%3A610%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22ultrasurf-ultrasurf-feed-action-bucket-1570561193204%22%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22fix_fpp_lr_var%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3bd998254f73e870e4aae70e970d8641414afda756d632c5e9e4fff9b25ff244

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 413
date: Fri, 16 Jul 2021 22:44:25 GMT
content-encoding: gzip
server: nginx
x-timer: S1626475465.970277,VS0,VE413
x-served-by: cache-fra19154-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://home2.ultrasurfing.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H/1.1 200
OK tbp Show response
15.taboola.com/ 6 KB
3 KB 109ms
81ms XHR
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d113919d9aa4589e45e06440d0362d8cff8ccaa107268e2848b331b927e53c5

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
MachineId: 1446
Transfer-Encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra19172-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1626475465.014432,VS0,VE22
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Via: 1.1 varnish
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 e9f8fae7e6bb59e6d65e7449ad344e94.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 60ms
55ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9f8fae7e6bb59e6d65e7449ad344e94.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 63d18f794b79c9a717b0c4e57bdef25e19b0a0e02ea04bb690f6d77a3fad771f

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2731829
edge-cache-tag: 295893597979877990047114361196785714882,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 26
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9f8fae7e6bb59e6d65e7449ad344e94.jpg
content-length: 13198
x-request-id: 70ac89312a7b34f000baf66ed8187169
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Mon, 07 Jun 2021 03:40:03 GMT
server: nginx
x-timer: S1626475465.974877,VS0,VE2
etag: "80da9c3bc4f50570055b910bca5d894e"
x-served-by: cache-wdc5548-WDC, cache-dca17729-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 1605103284641d1b91b333ad65046128ff0f4e1f1fb47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/ 24 KB
24 KB 52ms
48ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1605103284641d1b91b333ad65046128ff0f4e1f1fb47.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 09a063e6aa1a490fa6681d7cb07974d63ad6c353b93026545ffe27c4f2e1624d

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 3168439
edge-cache-tag: 522829855010074153693362294072733402321,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 109
expiration: expiry-date="Sat, 26 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.amazonaws.com/shinez-pictures/1605103284641d1b91b333ad65046128ff0f4e1f1fb47.jpg
content-length: 24244
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Wed, 26 May 2021 08:19:51 GMT
server: nginx
x-timer: S1626475465.975041,VS0,VE1
etag: "d23c1043dff20b96c0a2372277e9c8da"
x-served-by: cache-wdc5555-WDC, cache-dca17744-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 eb322d429138df39ca9a4bb4fe96ad24.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 645ms
641ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb322d429138df39ca9a4bb4fe96ad24.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cb7b94f53696acae93cb2d577f5c6fae8e2466650e6094b267ce29a060eac210

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 598
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 378093607886319250775557416541523963314,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 495
x-cache: MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb322d429138df39ca9a4bb4fe96ad24.jpg
content-length: 15358
x-request-id: ef97a4aa7bb090dd2bb3f9423e613477
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Mon, 12 Jul 2021 08:33:05 GMT
server: nginx
x-timer: S1626475465.974868,VS0,VE598
etag: "5bcbcf4a79ea9148ad71f339b6250d92"
x-served-by: cache-wdc5525-WDC, cache-dca12926-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0

GET
H2 200 e8324caf3566f4a7e5005a167fc73d49.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 47ms
43ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8324caf3566f4a7e5005a167fc73d49.jpeg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b316434b588870e087fae4c26fd219fa8c57fa78f9ea62e50ef5ea3564a6302

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 2153736
edge-cache-tag: 606752490841976932680327393514124064008,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 25
expiration: expiry-date="Sat, 17 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e8324caf3566f4a7e5005a167fc73d49.jpeg
content-length: 15100
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Wed, 16 Jun 2021 09:27:24 GMT
server: nginx
x-timer: S1626475465.975048,VS0,VE1
etag: "dde45bbb03a6f8ceea5eaf4de974caaa"
x-served-by: cache-wdc5540-WDC, cache-dca12924-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 slaaphouding-zegt-iets-over-gezondheid.png
images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_296,y_207/https%3A//content-cdn.tips-and-tricks.co/2017/12/ 9 KB
9 KB 56ms
53ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_296,y_207/https%3A//content-cdn.tips-and-tricks.co/2017/12/slaaphouding-zegt-iets-over-gezondheid.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 784ca0ce520085ea59bf6a9aa6372adfa103fa275a222fc909db5348de72c658

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:24 GMT
via: 1.1 varnish, 1.1 varnish
age: 134544
edge-cache-tag: 515237091256453951068069310693976216295,494165814672381896849860691793378769890,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 921
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/h_200,w_360,c_fill,g_xy_center,x_296,y_207/https%3A//content-cdn.tips-and-tricks.co/2017/12/slaaphouding-zegt-iets-over-gezondheid.png
content-length: 8798
x-request-id: aed038bb824ec543e8211d88c56e409f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 09 Jul 2021 17:50:43 GMT
server: nginx
x-timer: S1626475465.975026,VS0,VE1
etag: "5c7076c4cb17f5589eff530dbfdfa6c7"
x-served-by: cache-wdc5543-WDC, cache-dca17775-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 track
track1.aniview.com/ 0
71 B 410ms
133ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=home2.ultrasurfing.com&sn=&ic=0&tgt=0&app=&wi=455&he=256&test=&apppkg=&fv=3&proto=http&pid=5e7b0cd96e7f5a69710f0dfa&cid=5e7b0e2d8f481f5c4c4f785b&stagid=&stplid=&e=inventory&vi=0&cb=1626475464977
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 6 KB
2 KB 402ms
137ms XHR
application/json 54.205.103.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=http%3A%2F%2Fhome2.ultrasurfing.com%2F&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fcontent%2Ffood_01.mp4%3Fid&tid=1&d=desktop&i=0&AV_SLOTT=-2&AV_SECURED=0&AV_LANGUAGE=en&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&AV_CHANNELID=5e7b0e2d8f481f5c4c4f785b&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=home2.ultrasurfing.com&AV_DADPOS=3&v=6.1.1.243&avtoken=464976&AV_WIDTH=455&AV_HEIGHT=256&AV_DNT=0&cb=1626475465080
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.103.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-103-27.compute-1.amazonaws.com
Software: /
Resource Hash: f86ed6dcc7cce7340f511a0d9364a56c29698cd5b87b23f7516c44c2036208b4

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 05 Jul 2021 08:57:45 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 205ms
205ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT

GET
H/1.1 200
OK UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.7/ 96 KB
28 KB 88ms
61ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e0a173ac96cd66cb5e6ade9a6a97f53262d4a883d3427e1b52062882582827

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront), 1.1 varnish
Age: 2382104
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 28132
X-Served-By: cache-fra19176-FRA
Last-Modified: Sat, 19 Jun 2021 09:01:18 GMT
Server: AmazonS3
X-Timer: S1626475465.148744,VS0,VE0
ETag: "8981cd06ff59fc3e3c16f66fb3d0cfa9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UvVm37BTQ63gflOUTc-nL1UhfryXreShlZUgJ1cXtHfJHYrZle39Sg==
X-Cache-Hits: 283432

GET
H/1.1 200
OK creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
3 KB 86ms
60ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
Age: 1620097
x-amz-meta-mtime: 1580720676
X-Cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1580720957
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1904
X-Served-By: cache-fra19156-FRA
Last-Modified: Mon, 03 Feb 2020 09:09:18 GMT
Server: AmazonS3
X-Timer: S1626475465.150012,VS0,VE0
ETag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: fAeHO52Fy78UbxheIVGwTQpabLzTVzA-RHX2HcKYyUH5P0SAs1-vKA==
X-Cache-Hits: 82818

GET
H2 206 food_01.mp4
content1.avantisvideo.com/content/ 154 KB
155 KB 8ms
8ms Media
video/mp4 2600:9000:20eb:3000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/content/food_01.mp4?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tid=1&d=desktop&i=0
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cbc80c6745fb314b58b6654c3fb63ea2831aac0b517e634e48d9c54d69004b8

Request headers

Referer: http://home2.ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=21102592-

Response headers

x-amz-version-id: YDp583QdY2JJ.2BJCAljXoPAogFVBeU.
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified: Sun, 21 Feb 2021 16:44:00 GMT
server: AmazonS3
age: 65556
etag: "2b7e4ba8ea943b45f1f12804970d13ce-2"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 21102592-21260278/21260279
date: Fri, 16 Jul 2021 04:31:50 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
Content-Length: 157687
x-amz-cf-id: E7F58gFJHyjEo_RRrTXZzQDRValTOQWu9ocJygP-Wzn3kjE8pw2R4g==

GET
H/1.1 200
OK av.png
static.avantisvideo.com/images/ 2 KB
2 KB 29ms
6ms Image
image/png 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.avantisvideo.com/images/av.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Last-Modified: Mon, 25 Jan 2021 10:20:27 GMT
Server: AmazonS3
x-amz-request-id: V58NBT9W3D8WR5VM
ETag: "b8ce0fbf2e3e2f4f74cffe16c3b65adf"
Content-Type: image/png
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 1986
x-amz-id-2: TtRC2RP44U+Gl2/qUyhRoENlxJs5wMYUtnROBADENKrjwAaWbDdFz1yMMk99cevOgLO4bJhlbxY=

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 205ms
205ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT

GET
H2 206 food_01.mp4
content1.avantisvideo.com/content/ 128 KB
0 9ms
8ms Media
video/mp4 2600:9000:20eb:3000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/content/food_01.mp4?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tid=1&d=desktop&i=0
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://home2.ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

x-amz-version-id: YDp583QdY2JJ.2BJCAljXoPAogFVBeU.
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified: Sun, 21 Feb 2021 16:44:00 GMT
server: AmazonS3
age: 65556
etag: "2b7e4ba8ea943b45f1f12804970d13ce-2"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 65536-21260278/21260279
date: Fri, 16 Jul 2021 04:31:50 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
Content-Length: 21194743
x-amz-cf-id: qSFTCzlPlwX_wyj1Yp-yoyCYjjnFBuD-9AAqKhat5sHLozkG0kUrcw==

GET
H/1.1 200
OK st Show response
imprammp.taboola.com/ Frame D484 0
256 B 105ms
75ms Document
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=BA3EF852A31429872741221026371&cicmp=1337627&cijs=1&dast=V7FrACFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHcLgrGjE1WTBWYwmy-FustssVqvdbjIcrEZLSJjFYjGazFbDKRhs4XO6u9vggabT4brXC_1ul2WuOpsuD8_rcnPafXaN3-2XAwAAAMADAFFLNMSOb0N7BAAAAIAEz8i1AkVAxb-FwAUAAAAABgCBWLgGgCqHwZmcd6fDHwAADwUgAAACGCEAf2FYIgAAAAAjAAAAACQAAomFJQAOd4smAAABerF-CNEnAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAXQ7FPfo6LlYKvRAWmRYwAAAAAhMfSxo4kdUJlUfX___9vBXAFABCgF-uXcJR1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0ISywpHSgibXC9V4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAB89ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhziQdW5dD6vzseGWI7myuVcMVjNlctVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: imprammp.taboola.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://home2.ultrasurfing.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

Server: nginx
Content-Length: 0
Accept-Ranges: bytes
Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-fra19130-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1626475465.252005,VS0,VE8

GET
H/1.1 200
OK cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/28_3_10/infra/ 727 KB
167 KB 89ms
59ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront), 1.1 varnish
Age: 1373297
x-amz-meta-mtime: 1605697169
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1605697291
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 170200
X-Served-By: cache-fra19128-FRA
Last-Modified: Wed, 18 Nov 2020 11:01:34 GMT
Server: AmazonS3
X-Timer: S1626475465.244765,VS0,VE0
ETag: "372eb1c4c65924583135c879a057ddd5"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Y_iWt7KFNViqJePx1_JyuVYwQxpNm-Z_RTvcrSp4FKR9RSdx-scjbg==
X-Cache-Hits: 3

GET
H/1.1 200
OK cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/ 44 KB
8 KB 43ms
42ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront), 1.1 varnish
Age: 763577
x-amz-meta-mtime: 1605697165
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1605697253
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7295
X-Served-By: cache-fra19156-FRA
Last-Modified: Wed, 18 Nov 2020 11:00:55 GMT
Server: AmazonS3
X-Timer: S1626475465.198568,VS0,VE0
ETag: "974f115b22388eba3c19a5907f61740d"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: text/css
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cN4vkmd7LSV0zxHoCIBN3_z6kLjBhOegSK4dQrAzD1bfH-I681vpbA==
X-Cache-Hits: 2610

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E8E 42 B
64 B 55ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7eEcBrmcVAEY2E_Nj_BpXx88Hc7i1Wvo6RG4QbCbcY1zrIskhHllAM0xnM_SIwwQM1aJX2SFgBpwgsSrxN1JR3Ic8K2EQ6iPDldevN7vsa5Wtrlo5vQmVSpN7dg&sai=AMfl-YSHUsyZ3g4I3Vun8CDwbr-uszw4iWGELYtiCCeL9wC_FCpYTEaflvq2SzynbibNeFkA1lZeTpJV_ND4&sig=Cg0ArKJSzNUzW7oN3e3QEAE&id=lidar2&mcvt=1002&p=667,975,1267,1275&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&app=0&itpl=4&adk=2558915673&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1626475463814&dlt=289&rpt=39&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
18 KB 42ms
42ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront), 1.1 varnish
Age: 2428626
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17509
X-Served-By: cache-fra19128-FRA
Last-Modified: Thu, 21 Jan 2021 11:30:56 GMT
Server: AmazonS3
X-Timer: S1626475465.453454,VS0,VE0
ETag: "f237b8d35060f133ac8c595fd1234e1c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JVAUVHZomFBOTYSmiRyONx061K0r8J89HAeMC4sUhok9f7gqiMDPAg==
X-Cache-Hits: 140083

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A26D 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYsdaxwvyYPC_MayDjuwPseGBgAnm6_TmY5S-yIePDqOVz_KIAhABIJy-tSRglQKgAZSknMcCyAECqQL5UZX5S9CzPqgDAaoE5gFP0LHFXFAf6pZXIEtTWV6_0u9NOkBDqdFxDcdor_IL3I9OPcX5gCsWWOczqXLtaDG3MWSKLR_sQfFidwoeo71dcDyhe1J721AbaY-wYcyPaffjPOPj95ZEn6qwM0fXlVGGXdFVRbq_33SsvnyZ4QUJZXm5O0ZaOurVB1rU0rIK1diQcDXSUlTbPwLsKg36yExSJ8XNtv-ADl6LnBXm_NemgZJbBSKAdEg1djisp1qG8mAWFbVfgxTAEcx9uUYHeirTWBqvL-kz0D0-C7DObvRAk_ztS9HwmJ4wdDDan_mRTWW6lMWvuMAEpO6-w9cDoAYCgAfsouPuAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD0x2zSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItODUwMjIzNzI5ODY1NjAwOQ&sigh=yY3hh19Ehs8&vt=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=600&slotname=2431794829&adk=935894321&adf=3492822401&pi=t.ma~as.2431794829&w=160&fwrn=4&fwrnh=100&lmt=1626475463&rafmt=1&psa=0&format=160x600&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1626475463679&bpp=1&bdt=454&idt=114&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=325&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Ogm7JSC46r&p=http%3A//home2.ultrasurfing.com&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 16 Jul 2021 22:44:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A26D 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCkGRK_bfW40y_6nZMHSGs3Jd148DxGFu-ompNNfvTxoYx8ZNUpOpcQVDGzcHCklZmPPRqs8SRgrYnr3_wHZUKs9vmwVH6GbVj5mdopOz-NUtvylc9uRBsNpRJMw&sai=AMfl-YRemz7mtFqCIhyvL0Who7kbQIq_e1UOczPpJCN-u4DfUHreClrVN8_6-86xhY_xlucvdlF-34lrxm6M&sig=Cg0ArKJSzCGcUMoglKolEAE&id=lidar2&mcvt=1053&p=400,325,1000,485&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=935894321&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1626475463797&dlt=413&rpt=49&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 0081 282 KB
89 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 60c420151119c997eb9f8c8c7ab0771775980aeba9e8c1deb96aaff93984c1e9

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvF1Y7SNk-aFpXWt86YLEeogYaBbO96qQO3uEYCijroD8SeXBpL96XLNojzbVwvbBfIk3BhNQgSAuh4b_L-sZCPGV3--A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 14 Jul 2021 08:57:34 GMT
server: UploadServer
etag: "23919fad16ba2ca2bfd55694eeae525a"
vary: Accept-Encoding
x-goog-hash: crc32c=AxQ1eQ==, md5=I5GfrRa6LKK/1VaU7q5SWg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1626253054480425
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 16 Jul 2021 22:49:25 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 132ms
132ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=home2.ultrasurfing.com&rs=home2.ultrasurfing.com&sid=41384&t=1626475465&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=455&he=256&app=&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&test=&aafaid=&proto=http&uid=1626475465041-964868616462-008088-003-003921&cha=0.7&stagid=&stplid=&cb=54436910313&d9=1000&AV_WIDTH=455&AV_HEIGHT=256&&ppid=5e7b0cd96e7f5a69710f0dfa&nid=59918a0e073ef4782e4e347f&pcid=5e7b0e2d8f481f5c4c4f785b&ncid=5eaa9015d0f80052250e31c4&pasid=5eaa90e3dc7aab3eae0554c5&e=request&cb=1626475465512&asid=60ed8efc60f42333ff544e14%2C60e563f731f9f6195e0ca0e7%2C5eaa92abd694c6380f63c956&ofpr=%2C%2C0.75&fpo=%2C%2C
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 855fb5914ed571e8b87b1dce7f49305c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
57 KB 47ms
46ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/855fb5914ed571e8b87b1dce7f49305c.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f00fcfd8f2469b39c368fbdb641c4e8318ce49daf54b8099c1332534a5984502

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 3159438
edge-cache-tag: 368355095152475887965818720466687978715,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 155
expiration: expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/855fb5914ed571e8b87b1dce7f49305c.jpg
content-length: 57926
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Thu, 20 May 2021 16:52:11 GMT
server: nginx
x-timer: S1626475466.540573,VS0,VE1
etag: "316f0eac29887d82995e11bf863f5387"
x-served-by: cache-wdc5568-WDC, cache-dca17749-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 207baeff14098badd847ca04fe21273f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 45ms
43ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/207baeff14098badd847ca04fe21273f.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e4d0fa868377ad86cb46a5ea46a3d19dfd2a54420bce22644548e5bfc813a155

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 2028154
edge-cache-tag: 609369418486400229267099346676390336789,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 23
expiration: expiry-date="Fri, 23 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/207baeff14098badd847ca04fe21273f.jpg
content-length: 13082
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Tue, 22 Jun 2021 02:52:44 GMT
server: nginx
x-timer: S1626475466.540684,VS0,VE0
etag: "d2e6086074357dea85203c814b67cde4"
x-served-by: cache-wdc5521-WDC, cache-dca17727-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H/1.1 200
OK st Show response
imprammp.taboola.com/ Frame 4962 1 KB
924 B 56ms
56ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffb0e052a82c606d04c470776d0f5841399f41e06ba2093581025a06e6387b6e

Request headers

Host: imprammp.taboola.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://home2.ultrasurfing.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

Server: nginx
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-fra19130-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1626475466.552079,VS0,VE10
Vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D8FF 1 KB
1 KB 146ms
49ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: d385d1ac693058a64070e63dd2e4f7afebfe7ef46c04aab5c8ca310b30fe2e5b

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

server: nginx
date: Fri, 16 Jul 2021 22:44:25 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

POST
H/1.1 200
OK VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 9 KB
6 KB 135ms
108ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4826595&noaop=3&sortOrderType=0&cb=1626475465534&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1243&pt=1139091258&tz=120&viewable=true&ddast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1334675&dpubid=231135&abtst=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&mPre=0.033&cirf=http%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75f2d94128e4159a1805e81a510b67231c4faed00a91478c78c8426b1197fd12

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
MachineId: 1466
Transfer-Encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra19153-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1626475466.596204,VS0,VE48
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Via: 1.1 varnish
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Link: <http://ads.stickyadstv.com>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect
X-Cache-Hits: 0

GET
H/1.1 200 st
am-vid-events.taboola.com/ 0
112 B 97ms
69ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=31589837&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1626475462831.9!ts:1626475465528&mntl=1
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 1dcfd2e3-bf3b-4f6a-a8f7-ccf163808d3d_1000x600_e41fc9cfaef1b44c9006c772401f0b91.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 23 KB
24 KB 44ms
44ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1dcfd2e3-bf3b-4f6a-a8f7-ccf163808d3d_1000x600_e41fc9cfaef1b44c9006c772401f0b91.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 86827b126dfc9a12bc04e847c9714fc171f80c3de0b48eba6265088ed33958c6

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 3253817
edge-cache-tag: 596308186424531246475508222813266575208,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 46
expiration: expiry-date="Mon, 21 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/1dcfd2e3-bf3b-4f6a-a8f7-ccf163808d3d_1000x600_e41fc9cfaef1b44c9006c772401f0b91.png
content-length: 23612
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Fri, 21 May 2021 11:50:21 GMT
server: nginx
x-timer: S1626475466.554492,VS0,VE1
etag: "68ff0ab5f1d8ebbb20f303efdd6ca4ee"
x-served-by: cache-wdc5529-WDC, cache-dca17726-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 494a702c-1965-4b65-acd4-42f00996256e_1000x600_89764d0479def54d952acb873b993bb0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 14 KB
15 KB 135ms
134ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/494a702c-1965-4b65-acd4-42f00996256e_1000x600_89764d0479def54d952acb873b993bb0.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c65f088fb93ec34dac0bd5d9812e2c31233eaa30d6a74d73ec8f9f8a52bb0b68

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 1226630
edge-cache-tag: 402958222343923546581724448595774777659,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 66
expiration: expiry-date="Fri, 09 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/494a702c-1965-4b65-acd4-42f00996256e_1000x600_89764d0479def54d952acb873b993bb0.png
content-length: 14424
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Tue, 08 Jun 2021 13:57:26 GMT
server: nginx
x-timer: S1626475466.554842,VS0,VE90
etag: "c311720872056849e1f3bb27d687ec74"
x-served-by: cache-wdc5553-WDC, cache-dca12926-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 404 48c257b3_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 148ms
148ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/48c257b3_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 8157c050_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 135ms
134ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/8157c050_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 2f5a1442-4f4f-4409-b75a-2a8aa15b07af_1000x600_ea00ad58bba466ec32fcc2c86dcfa857.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 22 KB
22 KB 45ms
44ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/2f5a1442-4f4f-4409-b75a-2a8aa15b07af_1000x600_ea00ad58bba466ec32fcc2c86dcfa857.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d9f49830cb5f6e7b35282dca00d4d8e162eb7ff9b45e0e8642f39fd11a6f05c

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 747825
edge-cache-tag: 462728171493774500348898312476926810570,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 61
expiration: expiry-date="Thu, 08 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/2f5a1442-4f4f-4409-b75a-2a8aa15b07af_1000x600_ea00ad58bba466ec32fcc2c86dcfa857.png
content-length: 22218
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Mon, 07 Jun 2021 12:35:41 GMT
server: nginx
x-timer: S1626475466.592412,VS0,VE1
etag: "c5d0586c92d3b7ac2a92fd455bb07981"
x-served-by: cache-wdc5583-WDC, cache-dca17746-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 404 53722993_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 130ms
129ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/53722993_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 c86df91a_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 142ms
141ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/c86df91a_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 91a88876-3ee9-4d0c-a14e-9e818a000b37.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//dbnzd.com/content/ 15 KB
16 KB 136ms
136ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//dbnzd.com/content/91a88876-3ee9-4d0c-a14e-9e818a000b37.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8f978f1c001fa3ea1447dc0496ed17331a9793d40d48cd6e83c76d4948ea1a43

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 1671198
edge-cache-tag: 313938881202956602384252905801920385755,579179033019623958066548589099963835462,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 60
expiration: expiry-date="Tue, 06 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_370%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//dbnzd.com/content/91a88876-3ee9-4d0c-a14e-9e818a000b37.jpg
content-length: 15426
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Sat, 05 Jun 2021 19:57:50 GMT
server: nginx
x-timer: S1626475466.639101,VS0,VE92
etag: "26dd8b3bbe44c89b833d9935fe7ba6b8"
x-served-by: cache-wdc5539-WDC, cache-dca17769-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 404 2eae2e69_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 129ms
129ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/2eae2e69_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ab4aa1a8_photo0_610.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 46 KB
47 KB 45ms
44ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ab4aa1a8_photo0_610.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c66ba1e44675989f31427965bba9bf36f05c774e3359890a9cd270ef3c766a21

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 3164340
edge-cache-tag: 562952478033692737790406016026583831835,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 80
expiration: expiry-date="Sun, 04 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ab4aa1a8_photo0_610.jpg
content-length: 47506
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Thu, 03 Jun 2021 19:20:20 GMT
server: nginx
x-timer: S1626475466.704466,VS0,VE1
etag: "c837df4de35bb8b128c60bd4668e087f"
x-served-by: cache-wdc5568-WDC, cache-dca12929-DCA, cache-fra19154-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 404 e565ef45_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 134ms
134ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/e565ef45_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 367ac7f1_photo0_190.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/ 0
0 132ms
132ms Image
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/367ac7f1_photo0_190.jpg
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 abtests
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
278 B 99ms
99ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/abtests?route=AM:IL:V&lti=fix_fpp_lr_var&ri=38afade5a24d004e93c4b5549eba1d35&sd=v2_9ebbf46e2fbc7224fe8e7468501b746e_51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148_1626475464_1626475465_CIi3jgYQ8-NDGKKP-IurLyABKAEwrgE47qgMQPLxK0iwpNoDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&pi=/&wi=-1709852854480885386&pt=home&vi=1626475464610&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1626475465542%7D&tim=00%3A44%3A25.542&id=3191&llvl=1&cv=20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT&
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 57
pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626475466.564745,VS0,VE57
x-served-by: cache-fra19154-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
BLOB 206
Partial Content 249ad1bd-dca3-4ba9-932f-a57d3fb51b3f
http://home2.ultrasurfing.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://home2.ultrasurfing.com/249ad1bd-dca3-4ba9-932f-a57d3fb51b3f
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 5d520b03-761e-4d79-99bb-71f2527c9772
http://home2.ultrasurfing.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://home2.ultrasurfing.com/5d520b03-761e-4d79-99bb-71f2527c9772
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H/1.1 206
Partial Content wo13k3qhjb3lh2znmo7l.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1620311592/ 349 KB
350 KB 95ms
68ms Media
video/mp4 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1620311592/wo13k3qhjb3lh2znmo7l.mp4
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c3c9597379135763b47468c9cdb4bc20647d6e7ccd65a3affe1b0c3840b96db

Request headers

Referer: http://home2.ultrasurfing.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: yoZpqvo8xH2TM7plKdWU4Xe48JoS1tTM
Via: 1.1 varnish
ETag: "6bcc06afa7b0c90642a559e103976145"
Age: 12
X-Cache: HIT
Content-Range: bytes 0-357795/357796
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 357796
x-amz-id-2: mSX5TQPCBMqP1CHqJyjZpIQMc0KokunFG51NGI0dCagkHsin+IeYVNTaTmwa9MmInMt8Do5UmVc=
X-Served-By: cache-fra19153-FRA
Last-Modified: Thu, 06 May 2021 14:33:19 GMT
Server: AmazonS3
X-Timer: S1626475466.691897,VS0,VE1
Date: Fri, 16 Jul 2021 22:44:25 GMT
x-amz-request-id: 09NGGPZSEDBJDH15
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: video/mp4;codecs=avc1
abp: 95
X-Cache-Hits: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E380 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkMXEuePSLujEyzxyxz244qqcJJT9a9h3XgiK8rs4VLtEs2i7HIlUV9ASD3JMoSNN8ZZApakx5xIzjkKI9kRL8ajVsSqsbTgGGKqBPOBLsBlVTDFXN9fo1YEquuw&sai=AMfl-YSoPyLFGtokHS16xdDdKZ65nfhXC49-oFqwat9ZhtWEJeL7gS4umYy8kTG3lIC0QyxOMgvhU0zpv46g&sig=Cg0ArKJSzMnRf5BcAejCEAE&id=lidar2&mcvt=1052&p=105,325,350,1275&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2974127641&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1626475463786&dlt=453&rpt=72&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
222 B 203ms
57ms XHR
application/json 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-160-25.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://home2.ultrasurfing.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EF03 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstymKNR385TriPFcPQgNvp8iWYUgW5_OP7cvqRjpXdbs-Lb7zXjCmH4ITXVsFONnlPb2RyoFMur13VGKGHdQl87IOe8PYGOYbUe9bD56kYSZDs5NzCfyvBcVVboNQ&sai=AMfl-YQTY0_Iwl4jr0M22XOTXslvbCIZU3q5gSCkJvJVy1VaHo8QVOMC5kBG4NgBQL_T0GpuisAkEw6jwc20&sig=Cg0ArKJSzNMzj6-s99OBEAE&id=ampim&o=975,400&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1016&mtos=0,0,1016,1016,1016&tos=0,0,1016,0,0&tfs=303&tls=1319&g=100&h=100&tt=1320&r=v&avms=ampa&adk=3782124154

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4962 70 B
264 B 194ms
63ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4962
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&

0
255 B

49ms
47ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 16 Jul 2021 22:44:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21126

Redirect headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 97
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 4962 43 B
146 B 150ms
50ms Image
image/gif 3.121.66.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-66-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/29_9_7/infra/ 727 KB
154 KB 92ms
66ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/29_9_7/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb545024db2f2122965ff625f7cc21e9f51ff5788ba8d8b017dd5bbe407a1de0

Request headers

Origin: http://home2.ultrasurfing.com
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront), 1.1 varnish
Age: 221790
x-amz-meta-mtime: 1626253557
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1626253558
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 157120
X-Served-By: cache-fra19147-FRA
Last-Modified: Wed, 14 Jul 2021 09:05:59 GMT
Server: AmazonS3
X-Timer: S1626475466.760256,VS0,VE0
ETag: "3f81c934d0e37bcb23d6e1c3a9b51b84"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: O6Tvm8WR19LBQ4tHph86jEE2MBaWzQ3lwrbiara4PnOr7uLp32PL7g==
X-Cache-Hits: 30922

GET
H/1.1 200
OK cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_9_7/assets/css/ 60 KB
10 KB 47ms
47ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/units/29_9_7/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/lite-unit/3.4.7/UnitFeedManagerDesktop.min.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:25 GMT
Via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront), 1.1 varnish
Age: 221824
x-amz-meta-mtime: 1626253583
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1626253584
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9231
X-Served-By: cache-fra19128-FRA
Last-Modified: Wed, 14 Jul 2021 09:06:25 GMT
Server: AmazonS3
X-Timer: S1626475466.711194,VS0,VE0
ETag: "332be01610736e061c892d8695dc07d9"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: text/css
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: _df3wkc4eE2u36dm7B4PzOmB_15293W2iXauPiOh8pCYZI8Lz1QaxQ==
X-Cache-Hits: 34748

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D8FF 70 B
265 B 153ms
62ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D8FF
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&

0
255 B

47ms
47ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Fri, 16 Jul 2021 22:44:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21133

Redirect headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 36
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame D8FF 43 B
145 B 109ms
51ms Image
image/gif 3.121.66.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-66-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame D8FF
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=1&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=370e42a3-3ba1-4a2c-a7fb-e4727e0419ea

0
256 B

50ms
47ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=370e42a3-3ba1-4a2c-a7fb-e4727e0419ea
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Fri, 16 Jul 2021 22:44:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21126

Redirect headers

location: https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=370e42a3-3ba1-4a2c-a7fb-e4727e0419ea
date: Fri, 16 Jul 2021 22:44:25 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 759bc49732394dde468c8d65a464e1a4.png
cdn.taboola.com/libtrc/static/thumbnails/ 72 KB
72 KB 44ms
44ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/759bc49732394dde468c8d65a464e1a4.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4544542e656ffb1a147b6e3d1539f7a7c68bfc67837f93646d12b227bd801f65

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oYKVPapWO.Q5THsF1NkO15fFwJOuxD9k
via: 1.1 varnish
etag: "b1171c296a164889861ada360adae6e1"
age: 15491
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 73270
x-amz-id-2: K5hvVXsy5yKgMAS8Pn0fCXsToN6903scvWazFPH8LYrim/Ox/yLMxCwdnK8n88tUM3eD6jKOlc4=
x-served-by: cache-fra19154-FRA
last-modified: Tue, 23 Jun 2015 22:08:00 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1376474773/atime:1435051727/md5:b1171c296a164889861ada360adae6e1/ctime:1422381685
x-timer: S1626475466.737102,VS0,VE0
date: Fri, 16 Jul 2021 22:44:25 GMT
x-amz-request-id: 204A4CD05CE9745B
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 95
x-cache-hits: 190

GET
H2 204 debug
il-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/ 0
90 B 313ms
97ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/ultrasurf-ultrasurf/log/2/debug?tim=00%3A44%3A25.841&type=warn&msg=Failed%20to%20load%20thumbnail%20https%3A%2F%2Fimages.taboola.com%2Ftaboola%2Fimage%2Ffetch%2Ff_jpg%252Cq_auto%252Ch_412%252Cw_740%252Cc_fill%252Cg_faces%3Aauto%252Ce_sharpen%2Fhttp%253A%2F%2Fultrasurfing.com%2F%2Fimages%2Fe565ef45_photo0_190.jpg%20for%20item%3D5266452803866907623%2C%20loading%20default%20thumbnail%20instead&id=5543&cv=20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT&lt=fix_fpp_lr_var&pct=0.1
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 72682

GET
H2 200 track
track1.aniview.com/ 0
70 B 133ms
132ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=home2.ultrasurfing.com&rs=home2.ultrasurfing.com&sid=41384&t=1626475465&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=455&he=256&app=&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&test=&aafaid=&proto=http&uid=1626475465041-964868616462-008088-003-003921&cha=0.7&stagid=&stplid=&cb=54436910313&d9=1000&AV_WIDTH=455&AV_HEIGHT=256&&ppid=5e7b0cd96e7f5a69710f0dfa&nid=59918a0e073ef4782e4e347f&pcid=5e7b0e2d8f481f5c4c4f785b&ncid=5eaa9015d0f80052250e31c4&pasid=5eaa90e3dc7aab3eae0554c5&e=bid&cb=1626475465861&asid=60ed8efc60f42333ff544e14%2C60e563f731f9f6195e0ca0e7&ofpr=%2C&fpo=%2C
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7FAD 340 KB
117 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119593
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:25 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7233 340 KB
117 KB 39ms
20ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119593
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:25 GMT

GET
H/1.1 200
OK content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 43ms
43ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/29_9_7/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 varnish
Age: 1975050
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7638
X-Served-By: cache-fra19128-FRA
Last-Modified: Sun, 14 Oct 2018 13:31:31 GMT
Server: AmazonS3
X-Timer: S1626475466.013562,VS0,VE0
ETag: "d8d81221ec6e604811ce469d899c9c8b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 66yyU3j4fvwR2pWghuTSRe4J90AY-n2Za3iK1pdjZQmlD5ieLGYAOA==
X-Cache-Hits: 134479

GET
H/1.1 200
OK oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
6 KB 43ms
42ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/29_9_7/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront), 1.1 varnish
Age: 2661378
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5164
X-Served-By: cache-fra19156-FRA
Last-Modified: Tue, 14 Apr 2020 06:07:12 GMT
Server: AmazonS3
X-Timer: S1626475466.015798,VS0,VE0
ETag: "328b70146f77a19d2bc0172c656d921e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dn5T0GNP1aO-b_P8C7pna3QaAbZXC_OUv0ztGQCxzCA8nHgZMgo10Q==
X-Cache-Hits: 669566

GET
H/1.1 200
OK OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/ 550 KB
142 KB 42ms
42ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/29_9_7/infra/cmTagFEED_MANAGER.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c6083384163a525570bd06adedae079b0de6a54a855a292061fdecba6c345f0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront), 1.1 varnish
Age: 394951
x-amz-meta-mtime: 1626080444
X-Cache: Hit from cloudfront, HIT
x-amz-meta-ctime: 1626080444
x-amz-meta-mode: 33188
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 144597
X-Served-By: cache-fra19176-FRA
Last-Modified: Mon, 12 Jul 2021 09:00:45 GMT
Server: AmazonS3
X-Timer: S1626475466.029650,VS0,VE0
ETag: "abf84176e4ffd2af897f63383ffc1e2a"
x-amz-meta-uid: 0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Type: application/javascript
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ctwmHRx_0lDtQYGHz8zDh6uVJjKTGDqStGrmycw_rNkgND3pHFt2CQ==
X-Cache-Hits: 89687

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 7810 1004 B
1 KB 48ms
48ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/units/29_9_7/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8ff24337a4324cf770706257114de81632bb25a90c0f74a92274af2f2e20c3b1

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

server: nginx
date: Fri, 16 Jul 2021 22:44:26 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

POST
H2 204 bulk Show response
trc.taboola.com/ultrasurf-ultrasurf/log/3/ 0
305 B 137ms
137ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ultrasurf-ultrasurf/log/3/bulk?route=AM%3AIL%3AV&lti=fix_fpp_lr_var&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 68
pragma: no-cache
date: Fri, 16 Jul 2021 22:44:26 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626475466.107214,VS0,VE68
x-served-by: cache-fra19154-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK bridge3.471.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 78A5 577 KB
190 KB 13ms
7ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://home2.ultrasurfing.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193844
Date: Fri, 16 Jul 2021 07:39:09 GMT
Expires: Sat, 16 Jul 2022 07:39:09 GMT
Last-Modified: Tue, 13 Jul 2021 20:58:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 54317

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7FAD 44 KB
17 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7FAD 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=home2.ultrasurfing.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK bridge3.471.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3E1C 577 KB
190 KB 17ms
11ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://home2.ultrasurfing.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193844
Date: Fri, 16 Jul 2021 07:39:09 GMT
Expires: Sat, 16 Jul 2022 07:39:09 GMT
Last-Modified: Tue, 13 Jul 2021 20:58:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 54317

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7233 44 KB
16 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7233 107 B
122 B 32ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=home2.ultrasurfing.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 07D3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

135ms
46ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Jul 2021 22:44:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Fri, 16 Jul 2021 22:44:26 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame B663
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1...
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privac...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=40f7b607-7f95-4c40-b214-789a7a6f882a

0
123 B

47ms
47ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=40f7b607-7f95-4c40-b214-789a7a6f882a
Requested by: Host: imprammp.taboola.com
URL: http://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8070195&crid=4826595&dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&cmcv=&pix=undefined&cb=1626475465528&uv=2997&tms=1626475465528&abt=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vD!ulelrt_vC&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=95FB9DB2CF140851869114839057&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync-t1.taboola.com
:scheme: https
:path: /sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=40f7b607-7f95-4c40-b214-789a7a6f882a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://imprammp.taboola.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=4eff9769-a7d4-4291-b889-b2383ea44d66-tuct7eb914a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://imprammp.taboola.com/

Response headers

server: nginx
date: Fri, 16 Jul 2021 22:44:26 GMT
tbl-x-upstream: 10.40.0.134:10213
x-fastly-to-nlb-rtt: 21136
access-control-allow-credentials: true

Redirect headers

vary: Accept, Accept-Encoding
set-cookie: i=14616a7d-3c13-42e0-9a6c-b1f4bf351f63|1626475466; Version=1; Expires=Sat, 16-Jul-2022 22:44:26 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=40f7b607-7f95-4c40-b214-789a7a6f882a
date: Fri, 16 Jul 2021 22:44:26 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
1 KB 46ms
46ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 25620
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
X-Served-By: cache-fra19163-FRA
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1626475466.168398,VS0,VE0
Date: Fri, 16 Jul 2021 22:44:26 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 95
X-Cache-Hits: 10859

GET
H/1.1 200
OK 11736641 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 155ms
53ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/11736641?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4a42b0832b9ab3a89f1b4799ddeff74123ba40b7d1c3235ece5f60d12c0fbab8

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1626475466297017-561
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK 11736801 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 166ms
57ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/11736801?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1bd62fefd72133356ce09f21043fe2f81e34268f573f9729cecd9be36618f47e

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1626475466330009-553
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK 8227105 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 163ms
57ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/8227105?reqType=AdsSetup&protocolVersion=2.0&zoneId=8227105&loc=http%3A%2F%2Fultrasurfing.com&playerSize=700x393&_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd02d3bef0cec6d2bc5010f9b56c467bc38ae8f6056dee2112d1c6bb7c993f48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1262
x-sticky-vk: 1626475466069071-588
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 868E 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Jul 2021 23:11:10 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6828
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

126ms
43ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Jul 2021 22:44:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Fri, 16 Jul 2021 22:44:26 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F32F 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Jul 2021 23:11:10 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7810 70 B
264 B 66ms
65ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 7810
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&

0
255 B

47ms
47ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Fri, 16 Jul 2021 22:44:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21136

Redirect headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f4abb02-e687-11eb-9aa9-182a6e990306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 7810 43 B
145 B 49ms
47ms Image
image/gif 3.121.66.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.66.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-66-166.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 um Show response
cs.emxdgt.com/ Frame 7810 0
59 B 253ms
48ms Script
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:25 GMT
content-length: 0
content-type: text/html

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=4241870d-a667-498f-95d8-dff5c047a9f8&_origin=1&gdpr=1&gdpr_consent=

0
234 B

150ms
50ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=4241870d-a667-498f-95d8-dff5c047a9f8&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=4241870d-a667-498f-95d8-dff5c047a9f8&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078&verify=true

0
1 KB

83ms
49ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078&verify=true

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YPILygAC8pd_hwA4&_origin=0&gdpr=0&gdpr_consent=&_test=YPILygAC8pd_hwA4&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP5fb0123f-e687-11eb-9e00-02b4ef8cd078&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1ZmIwMTIzZi1lNjg3LTExZWItOWUwMC0wMmI0ZWY4Y2QwNzg%3D
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVA1ZmIwMTIzZi1lNjg3LTExZWItOWUwMC0wMmI0ZWY4Y2QwNzg%3D&google_tc=
https://pixel.advertising.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1
https://pixel.advertising.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1&apid=UP60c46879-e687-11eb-b19b-06c92e45b516

0
1 KB

47ms
47ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1&apid=UP60c46879-e687-11eb-b19b-06c92e45b516

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPhVohRSwbgQV4zxsJltYTo&google_cver=1&apid=UP60c46879-e687-11eb-b19b-06c92e45b516
date: Fri, 16 Jul 2021 22:44:28 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DE99
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

43ms
43ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Jul 2021 22:44:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Fri, 16 Jul 2021 22:44:26 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 8DB6 330 KB
112 KB 47ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop238.fr8.t,1626475466.cds017.fr8.shn,1626475466.cds017.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame DB51 330 KB
112 KB 57ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop238.fr8.t,1626475466.cds017.fr8.shn,1626475466.cds017.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 0192 330 KB
112 KB 66ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop238.fr8.t,1626475466.cds017.fr8.shn,1626475466.cds017.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 78A5 156 B
768 B 272ms
179ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4107203855597221&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2461288863&sdk_apis=2%2C8&sid=35B25A91-5D6E-4642-8424-230ABA3386D7&eid=44725355&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ref=http%3A%2F%2Fhome2.ultrasurfing.com%2F&dt=1626475466462&cookie=ID%3D083d5a9bcdd8fe62-22e492b47dc800ab%3AT%3D1626475463%3ART%3D1626475463%3AS%3DALNI_MbTT4X4XOiUxszDlNwRb_itL3hQhg&scor=4218663966804077&ged=ve4_td0_tt0_pd0_la0_er1085.403.1238.703_vi0.0.1200.1600_vp75_eb23147

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3E1C 156 B
185 B 282ms
193ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3553415941596663&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2517976502&sdk_apis=2%2C8&sid=A9378C8F-E727-4566-8B07-6E87B920AA2D&eid=21064201%2C44737475&top=http%3A%2F%2Fhome2.ultrasurfing.com%2F&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ref=http%3A%2F%2Fhome2.ultrasurfing.com%2F&dt=1626475466467&cookie=ID%3D083d5a9bcdd8fe62-22e492b47dc800ab%3AT%3D1626475463%3ART%3D1626475463%3AS%3DALNI_MbTT4X4XOiUxszDlNwRb_itL3hQhg&scor=3865325778939695&ged=ve4_td0_tt0_pd0_la0_er1085.403.1238.703_vi0.0.1200.1600_vp75_eb23147

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 07D3 31 KB
10 KB 48ms
47ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44980
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Sat, 17 Jul 2021 11:14:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6828 31 KB
10 KB 69ms
46ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44980
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Sat, 17 Jul 2021 11:14:06 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 8DB6 25 KB
25 KB 14ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1626475466519
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop219.fr8.t,1626475466.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cc36559854b49e20484250754e74909c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l10fd_6985658934217215038

43 B
840 B

60ms
60ms

Image
image/gif

184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l10fd_6985658934217215038
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1626475466565078-503
Expires: Fri, 16 Jul 2021 22:44:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Location: https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l10fd_6985658934217215038
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0

GET auto-user-sync
ads.stickyadstv.com/ Frame DB51 0
0

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cc36559854b49e20484250754e74909c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2951_6985658934217271457

43 B
838 B

53ms
53ms

Image
image/gif

184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2951_6985658934217271457
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1626475466911010-517
Expires: Fri, 16 Jul 2021 22:44:26 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Location: https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2951_6985658934217271457
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 07D3 284 B
536 B 185ms
46ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET auto-user-sync
ads.stickyadstv.com/ Frame 0192 0
0

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cc36559854b49e20484250754e74909c&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658934217327963
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=b42e48b6-fdd3-43a4-b1bc-071596c8b4e3
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=4259419890908750973
https://pr-bh.ybp.yahoo.com/sync/stickyads/ddaf59394e4595d0f46108639721138&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-xumszb9E2oM7XjPm2_gn6rT8UB64a2OIMUGTM_sR~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5155365076674725554
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4b0de098-b750-4317-a012-71644564b2ea
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3469693587413378879

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DE99 31 KB
10 KB 48ms
47ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44980
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Sat, 17 Jul 2021 11:14:06 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6828 284 B
536 B 182ms
45ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 8DB6 301 B
862 B 67ms
53ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11736641&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475466269089-604
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 8DB6 67 B
726 B 104ms
61ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11736641&_fw_gdpr=1&_fw_us_privacy=1---&vav=7f845c9f4c86df929810e38fd2f0f4d9&vaviv=06ea342db0c7a60b8f31c6b9de191088&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475466505048-563
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame DB51 301 B
862 B 89ms
57ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=8227105&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475466294085-554
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame DB51 67 B
726 B 97ms
61ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8227105&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&_fw_us_privacy=1---&reqType=AdsSetup&playerSize=700x393&_fw_gdpr=1&protocolVersion=2.0&auction=1&vav=796a40cc5f6fc3e8f6eee84fb84fb64c&vaviv=42df41e515a4e9a35dc4943adae127b6&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475466461055-544
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 0192 301 B
862 B 100ms
53ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11736801&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475466462056-586
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 0192 67 B
726 B 147ms
65ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11736801&_fw_gdpr=1&_fw_us_privacy=1---&vav=e097f8068fb781c3c6dba79c5ecdb111&vaviv=348817a9e8ddcc3f6512b1041214066d&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475466388092-556
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DE99 284 B
536 B 148ms
45ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=

170 B
243 B

1413ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475466728005-515
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=cc36559854b49e20484250754e74909c&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

625ms
138ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=cc36559854b49e20484250754e74909c&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 73K699VMKFS16QTAT8B3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=cc36559854b49e20484250754e74909c&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475466680009-582
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET user-matching
ads.stickyadstv.com/ Frame DB51 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=

170 B
232 B

1353ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2MzNjU1OTg1NGI0OWUyMDQ4NDI1MDc1NGU3NDkwOWM=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475466446088-558
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET user-matching
ads.stickyadstv.com/ Frame DB51 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=49b59d59eeb095d69d6fd934c4e4c7e4&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

555ms
139ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=49b59d59eeb095d69d6fd934c4e4c7e4&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3BDAJ3B5G24BSSGCFMVX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=49b59d59eeb095d69d6fd934c4e4c7e4&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475466557093-510
Expires: Fri, 16 Jul 2021 22:44:26 GMT

GET user-matching
ads.stickyadstv.com/ Frame 0192 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGRhZjU5Mzk0ZTQ1OTVkMGY0NjEwODYzOTcyMTEzOA==&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGRhZjU5Mzk0ZTQ1OTVkMGY0NjEwODYzOTcyMTEzOA==&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

111ms
60ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGRhZjU5Mzk0ZTQ1OTVkMGY0NjEwODYzOTcyMTEzOA==&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGRhZjU5Mzk0ZTQ1OTVkMGY0NjEwODYzOTcyMTEzOA==&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET user-matching
ads.stickyadstv.com/ Frame 0192 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=ddaf59394e4595d0f46108639721138&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

223ms
137ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=ddaf59394e4595d0f46108639721138&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:27 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7ZAK2NKAADTK2E44GYZE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=ddaf59394e4595d0f46108639721138&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475466994096-542
Expires: Fri, 16 Jul 2021 22:44:27 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 209ms
209ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Jul 2021 22:44:26 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A3EA 0
239 B 1240ms
59ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame A3EA
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=jJsaz6K43ADp&ev=1&orig=trc&pid=562107

0
246 B

47ms
47ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=jJsaz6K43ADp&ev=1&orig=trc&pid=562107
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Fri, 16 Jul 2021 22:44:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26378

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=jJsaz6K43ADp&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame A3EA 43 B
677 B 485ms
46ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:27 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d23fd07c-cbc1-4438-9b71-5ea79bb64598
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A3EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAxA1dijwX4MlETkyUZg9bc&google_cver=1

0
60 B

108ms
107ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAxA1dijwX4MlETkyUZg9bc&google_cver=1
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 58
date: Fri, 16 Jul 2021 22:44:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626475468.340067,VS0,VE58
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19154-FRA

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAxA1dijwX4MlETkyUZg9bc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A3EA 42 B
546 B 1225ms
63ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148:$UID
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:28 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:390
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A3EA
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=dcf73a01-1eea-4e26-a922-7ab4d5569675-tuct7eb914b
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=dcf73a01-1eea-4e26-a922-7ab4d5569675-tuct7eb914b&google_tc=

170 B
188 B

107ms
58ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=dcf73a01-1eea-4e26-a922-7ab4d5569675-tuct7eb914b&google_tc=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc=&gdpr=0&gdpr_consent=&google_hm=dcf73a01-1eea-4e26-a922-7ab4d5569675-tuct7eb914b&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A3EA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b42e48b6-fdd3-43a4-b1bc-071596c8b4e3

0
206 B

106ms
105ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b42e48b6-fdd3-43a4-b1bc-071596c8b4e3
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 57
date: Fri, 16 Jul 2021 22:44:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626475468.231737,VS0,VE57
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19154-FRA

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b42e48b6-fdd3-43a4-b1bc-071596c8b4e3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame A3EA
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

66ms
65ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:31 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:31 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame A3EA 49 B
406 B 386ms
130ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-589cbd599f-tlp76
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A3EA 43 B
697 B 433ms
60ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame A3EA 0
45 B 52ms
45ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:27 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A3EA
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fdf7727-8515-476c-80c7-556d00c62df3

0
256 B

47ms
47ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fdf7727-8515-476c-80c7-556d00c62df3
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 16 Jul 2021 22:44:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21139

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4fdf7727-8515-476c-80c7-556d00c62df3
cache-control: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3871
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 16 Jul 2021 00:00:00 GMT

GET

6.gif
id5-sync.com/c/464/108/2/ Frame A3EA
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9HKYkhcph1lRKddkmN_FIxusb85shLoR5uWd-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO9HKYkhcph1lRKddkmN_FIxusb85shLoR5uWd-w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=3f55b11c-250c-481c-a862-4f1ff49046ef&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESECoHAPBq0M_7BRDBu6ViRJo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3469693587413378879&opid=apx&ops=&utidl=tech:goo:CAESECoHAPBq0M_7BRDBu6ViRJo&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A19068414862&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/19/4/4.gif?puid=45126063a38037a44cc6a086715a2110&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/101/3/5.gif?puid=aaa21f80-34bc-4863-8bdd-55c3c1d28bca&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
https://id5-sync.com/c/464/108/2/6.gif?puid=1034c52a-81bb-483d-b01e-beccbc011b2a&gdpr=1&gdpr_consent=

0
0

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame A3EA
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZcxCTD6wDdWt7srWzQvyYA

0
246 B

47ms
47ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZcxCTD6wDdWt7srWzQvyYA
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Fri, 16 Jul 2021 22:44:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24208

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZcxCTD6wDdWt7srWzQvyYA
date: Fri, 16 Jul 2021 22:44:29 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame A3EA 35 B
380 B 3540ms
131ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:12 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame A3EA
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4ff0e06b-defc-4b31-881d-363da5f510e2&ssp=taboola&gdpr=0&gdpr_consent=

43 B
324 B

410ms
58ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4ff0e06b-defc-4b31-881d-363da5f510e2&ssp=taboola&gdpr=0&gdpr_consent=
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4ff0e06b-defc-4b31-881d-363da5f510e2&ssp=taboola&gdpr=0&gdpr_consent=
date: Fri, 16 Jul 2021 22:44:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame A3EA
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11d746c0-998c-40f1-bbd2-64e4eb0e6c9b
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&tbid=f16ae039-eeeb-4134-a2f0-0c1291e0d5d9-tuct7eb914d&query=taboola_hm%3D11d746c0-998c-...

0
81 B

55ms
51ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&tbid=f16ae039-eeeb-4134-a2f0-0c1291e0d5d9-tuct7eb914d&query=taboola_hm%3D11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1626475472.961465,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19154-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&tbid=f16ae039-eeeb-4134-a2f0-0c1291e0d5d9-tuct7eb914d&query=taboola_hm%3D11d746c0-998c-40f1-bbd2-64e4eb0e6c9b&isDirect=0
tbl-x-upstream: 10.41.14.95:10213
date: Fri, 16 Jul 2021 22:44:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23817

GET
H2

200

sd
u.openx.net/w/1.0/ Frame A3EA
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=

43 B
180 B

55ms
55ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.210.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
via: 1.1 google
server: OXGW/16.210.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&gdpr=0&gdpr_consent=
date: Fri, 16 Jul 2021 22:44:28 GMT
via: 1.1 google
server: OXGW/16.210.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame A3EA
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=460bda47-ffeb-51c6-945a-fa13f4a8f1df

0
256 B

47ms
47ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=460bda47-ffeb-51c6-945a-fa13f4a8f1df
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Fri, 16 Jul 2021 22:44:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25144

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=460bda47-ffeb-51c6-945a-fa13f4a8f1df
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame A3EA 43 B
427 B 655ms
134ms Image
image/gif 52.21.23.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.23.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-23-66.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame A3EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=xPxjNGH2SxqTI9_QPm4NoQ&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=xPxjNGH2SxqTI9_QPm4NoQ

0
115 B

52ms
52ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=xPxjNGH2SxqTI9_QPm4NoQ
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Fri, 16 Jul 2021 22:44:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25721

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=xPxjNGH2SxqTI9_QPm4NoQ
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame A3EA
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&dongle=tbla
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

47ms
47ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 16 Jul 2021 22:44:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 43ms
42ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 738
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19154-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1626475469.083243,VS0,VE0
date: Fri, 16 Jul 2021 22:44:29 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 70
x-cache-hits: 1751

GET
H2

204

/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 7019
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=DJiZGmNeRZqjJ9dRB4fpPA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=DJiZGmNeRZqjJ9dRB4fpPA

0
114 B

47ms
47ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=DJiZGmNeRZqjJ9dRB4fpPA
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.134:10213
date: Fri, 16 Jul 2021 22:44:29 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 25144

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&ui=DJiZGmNeRZqjJ9dRB4fpPA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 9 KB
5 KB 102ms
101ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4826595&noaop=3&sortOrderType=0&cb=1626475468450&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1243&pt=-637058757&tz=120&viewable=true&ddast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1334675&dpubid=231135&abtst=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vG!ulelrt_vC&mPre=0.033&cirf=http%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b611e6c82e6c199b6b12773a8506574766e58e2b77baa0148e43af2edef1677d

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
MachineId: 1408
Transfer-Encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra19153-FRA
Pragma: no-cache
Server: nginx
X-Timer: S1626475468.471349,VS0,VE57
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Via: 1.1 varnish
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Link: <http://ads.stickyadstv.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect
X-Cache-Hits: 0

GET
H/1.1 200
OK 11736641 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 53ms
53ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/11736641?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 96c62b969450bb9b1e4538d1ccf5f0044574bd847ce6c6b8aab470dd4bdee7a5

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1626475468482020-513
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK 8227105 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 53ms
53ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/8227105?reqType=AdsSetup&protocolVersion=2.0&zoneId=8227105&loc=http%3A%2F%2Fultrasurfing.com&playerSize=700x393&_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7958c58b9ead2487e441b8652495b3e0d19d5dd05edad01e9bb579c30cc19688

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1262
x-sticky-vk: 1626475468375059-537
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK 7042993 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 58ms
57ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7042993?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bf4e37ab85da61ada8b2a99b11d75650a585e1ae069db665f067da2793595014

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1062
x-sticky-vk: 1626475468598002-528
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 4A6B 330 KB
112 KB 7ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop238.fr8.t,1626475468.cds017.fr8.shn,1626475468.cds017.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 12E8 330 KB
112 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop205.fr8.t,1626475468.cds041.fr8.shn,1626475468.cds041.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 64D4 330 KB
112 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop238.fr8.t,1626475468.cds017.fr8.shn,1626475468.cds017.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 4A6B 25 KB
25 KB 7ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1626475468660
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop219.fr8.t,1626475468.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 4A6B 0
0

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=...
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=0e5d60f2-0bcc-4200-aaa9-50b4a6d6f23b&gdpr=1&gdpr_consent=null
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&gdp...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=1&...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPILzQACr2k4DABg&gdpr=1&gdpr_consent=null&_test=YPILzQACr2k4DABg
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=6c828ad7db8f1e344473cdd4efd4bd96&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658947101914598
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4b0de098-b750-4317-a012-71644564b2ea
https://pr-bh.ybp.yahoo.com/sync/stickyads/6c828ad7db8f1e344473cdd4efd4bd96&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-szzfeypE2oNU5RN1ahsGWsuzUe8pzcmbJfe8CgWB~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3469693587413378879
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=BcadgbA21M4wzk5&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACiQ07B5BgAAEAvNv5yhQ&gdpr=0

0
0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 12E8 25 KB
25 KB 6ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1626475468680
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:28 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475466.dop219.fr8.t,1626475468.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 12E8 0
0

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=...
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=474360f2-0bcd-4600-baca-663efad0c514&gdpr=1&gdpr_consent=null

43 B
731 B

54ms
53ms

Image
image/gif

184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=474360f2-0bcd-4600-baca-663efad0c514&gdpr=1&gdpr_consent=null
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1626475469279022-595
Expires: Fri, 16 Jul 2021 22:44:29 GMT

Redirect headers

Date: Fri, 16 Jul 2021 22:44:24 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=474360f2-0bcd-4600-baca-663efad0c514&gdpr=1&gdpr_consent=null
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 16 Jul 2021 22:44:23 GMT

GET auto-user-sync
ads.stickyadstv.com/ Frame 64D4 0
0

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=1&gdpr_consent=null&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=1&gdpr_consent=...
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=1&gdpr_consent=null

43 B
732 B

53ms
52ms

Image
image/gif

184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=1&gdpr_consent=null
Requested by: Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1626475469042085-572
Expires: Fri, 16 Jul 2021 22:44:29 GMT

Redirect headers

Date: Fri, 16 Jul 2021 22:44:24 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=8b7760f2-0bcd-4e00-a004-16a567ab07c5&gdpr=1&gdpr_consent=null
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 16 Jul 2021 22:44:23 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 4A6B 301 B
815 B 58ms
58ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11736641&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475468370099-596
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 4A6B 67 B
725 B 62ms
62ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11736641&_fw_gdpr=1&_fw_us_privacy=1---&vav=27cb09ef2a70a9f3129fd159ccd43bbc&vaviv=254ac71f33d0897b61a0513ccc712f7a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475468507054-564
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 12E8 301 B
861 B 54ms
54ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=8227105&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475468342091-577
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 12E8 67 B
725 B 57ms
57ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8227105&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&_fw_us_privacy=1---&reqType=AdsSetup&playerSize=700x393&_fw_gdpr=1&protocolVersion=2.0&auction=1&vav=4ec9eebf8e6b0c31eea025ad5d2b8c6a&vaviv=6659450078f719c0fd5f36163538b72f&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475468688012-508
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 64D4 301 B
861 B 104ms
53ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7042993&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475468662042-505
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 64D4 67 B
725 B 115ms
67ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7042993&_fw_gdpr=1&_fw_us_privacy=1---&vav=e557c0296e84b99f103766108621b692&vaviv=f148f746799e55dc231112fd322c21d9&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:28 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475468443080-598
Expires: Fri, 16 Jul 2021 22:44:28 GMT

GET user-matching
ads.stickyadstv.com/ Frame 4A6B 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTgzMzRhMzkyZTM5ZGNjZjI5OTIyY2ExNGRkZTFjYQ==&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTgzMzRhMzkyZTM5ZGNjZjI5OTIyY2ExNGRkZTFjYQ==&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTgzMzRhMzkyZTM5ZGNjZjI5OTIyY2ExNGRkZTFjYQ==&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTgzMzRhMzkyZTM5ZGNjZjI5OTIyY2ExNGRkZTFjYQ==&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET user-matching
ads.stickyadstv.com/ Frame 4A6B 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

137ms
136ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FRYA6AZFQ012729CCWS2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475469257050-554
Expires: Fri, 16 Jul 2021 22:44:29 GMT

GET user-matching
ads.stickyadstv.com/ Frame 12E8 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=&google_tc=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 363
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET user-matching
ads.stickyadstv.com/ Frame 12E8 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

137ms
137ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V3T249NFNS9W3MNQVQ48
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475469305072-543
Expires: Fri, 16 Jul 2021 22:44:29 GMT

GET user-matching
ads.stickyadstv.com/ Frame 64D4 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NmM4MjhhZDdkYjhmMWUzNDQ0NzNjZGQ0ZWZkNGJkOTY=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475469286079-569
Expires: Fri, 16 Jul 2021 22:44:29 GMT

GET user-matching
ads.stickyadstv.com/ Frame 64D4 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

134ms
133ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: home2.ultrasurfing.com
URL: http://home2.ultrasurfing.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GGJWC5M6E7YH3JP0HH0N
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6c828ad7db8f1e344473cdd4efd4bd96&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475469327074-558
Expires: Fri, 16 Jul 2021 22:44:29 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
244 B 19ms
5ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:29 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19172-FRA
access-control-allow-methods: GET
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 3381ms
119ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=51d9acfe-2689-410e-b951-49963420b5ff-tuct7eb9148&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Jul 2021 22:44:32 GMT
Cache-Control: no-store
Server: nginx
Connection: close

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 387ms
130ms XHR
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=home2.ultrasurfing.com&rs=home2.ultrasurfing.com&sid=41384&t=1626475465&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=455&he=256&app=&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&test=&aafaid=&proto=http&uid=1626475465041-964868616462-008088-003-003921&cha=0.7&stagid=&stplid=&cb=54436910313&d9=1000&AV_WIDTH=455&AV_HEIGHT=256
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Jul 2021 22:44:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 35ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56c32ee7b0ca504152dbb9c6ce5a2d9d2762388cd7c804444c60ce1ca272509b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8493
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
89 B 13ms
12ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=750376969&t=timing&_s=2&dl=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ul=en-us&de=UTF-8&dt=Ultrasurf%20-%20Top%20Stories&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=8172&pdt=1&dns=13&rrt=0&srt=353&tcp=25&dit=814&clt=816&_gst=781&_gbt=819&_cst=777&_cbt=646&_u=YEBAAUABAAAAAC~&jid=1610726352&gjid=1984400871&cid=1922633286.1626475464&tid=UA-105623949-1&_gid=1518547635.1626475464&_r=1&gtm=2ou7e0&z=904294321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-105623949-1&cid=1922633286.1626475464&jid=1610726352&gjid=1984400871&_gid=1518547635.1626475464&_u=YEBAAUABAAAAAC~&z=458835407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Jul 2021 22:44:31 GMT
content-type: text/plain
access-control-allow-origin: http://home2.ultrasurfing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:31 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-105623949-1&cid=1922633286.1626475464&jid=1610726352&_u=YEBAAUABAAAAAC~&z=878026453

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 15ms
15ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-105623949-1&cid=1922633286.1626475464&jid=1610726352&_u=YEBAAUABAAAAAC~&z=878026453

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 58C8 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 16 Jul 2021 20:11:12 GMT
expires: Sat, 16 Jul 2022 20:11:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8204 783 B
827 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

2ae05ac0274ab800f64264f13cb7a7cd266976da386e69ce0ba81ae920c1baa2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z7yLSpiZIyRo61IokReVfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://home2.ultrasurfing.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

expires: Fri, 16 Jul 2021 22:44:31 GMT
date: Fri, 16 Jul 2021 22:44:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-z7yLSpiZIyRo61IokReVfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js Show response
pagead2.googlesyndication.com/bg/ Frame 58C8 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s-OE46cnkXGFQoo4r8zhnqxzG88VmeLG6mk72mZMPyg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 14:22:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13247
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 14:22:09 GMT

POST
H/1.1 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
213 B 134ms
109ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Date: Fri, 16 Jul 2021 22:44:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 1

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=461059893195248&bg=!lZalltLNAAZjFomlYxY7ACkAdvg8WjiAv4q9mrJxppUmDvcaHaLmCRN2RMPycCJho8HwUVy96ESVrQIAAABuUgAAABVoAQcKALPjE5J-gbPRx1STIJptcHB2TQfuFkGeUha_AI97bOwOZ7vwOLTefEesNzmkvlfmJTk1QlXwvg2ReExFG0xPT5N_k8r6RwzL80AfYgYD7pHvitMy5uQRkRQR-MpmiMGJKU5eddJtZYGr6WetNXtzV6BH0-3FYtTE_VeRI5ULGO_xKE_kuvqTJVnxeXwagn5ZJni0-Hf1fWTWwAw4O4s5xFV6GJoMuLgGJ29BTYeo1U6I0PVVpJkCfvyYAciCHT43kljTlrTmHjOLbOfv_pjDbcaS8rO1Pv1BLe7gT-uHYRK0GBXZeY0mTLkbLRW2CO6XWKuM2DKfkEch6xm5-V2-2wIKSDRaHio6Gniq6NuPKcQSPx5GEMNOVaDPJY8PLjRtgxs39k19_oqALjMNOgAJctWYFZMuVojsN_gD2KM3Xadw25BVNHJzf7BVIh5AB-x6Ozh2tbcK_lSfxDTew467mQ3-25hL9Hf1kpmxwAKg2SZyB7dwwEDBOAWHA63731y1qA-xMxNitgfEQtNkVbA2ZAhnaeWkCnnLjbqY-mPferVccfj25PBCv5r9eKXAZOLbxnStBhDhSU-bgLANecyCj2RSY3w3RLqeuhfn_6sHFUKU4d5Gu0uinxUCAy6XO9qetJS53JYDvaz0DUsS8o9lcr9l3GJUZgXepUfvdYPzFycD4Yzv0o_hFIgZKzxwifawMI2zaOeFx2bW2jVtoAJVfxSiSPjKjhqai3rFB8baCSs9yNw4kad8MuqEaWXTZ1O7k-ECt7_S6cA6k6Xhz_UjvC4Ov57ABN9IJ8i_0q4SmizqFy4Efa6OL5aPH8fptFWdF2iIlXStvyGiFZ3-OUfzUYydULdWb1seg7OX85oD7h_OnhXGOxaLZJczAe4_OZUc0huQ-1hA7i7DVdl2ubPGLj0UhpRMzgbHe6HzUfbdKSoKGTVmYP6XyTavuf7I3iv1uVWJ6bprx9w2MYkRFIEofxiTCh0MyBbbeepXIEN6OcW905RsjdK-16BlNtvtPEh42QhACeWVtKfzGZ8bOibdUl5cebMOYqcnOSGT1Z7lrFZ7xQcgpm4o_4yhiTNJwnW4UkN09sgw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i1-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame D0D0 35 B
427 B 48ms
14ms Image
image/gif 2a00:1450:4001:809::2012
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i1-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6.gif
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i2-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame D0D0 35 B
427 B 153ms
48ms Image
image/gif 142.250.181.242
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i2-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f18.1e100.net

Software

sffe /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 132ms
132ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=home2.ultrasurfing.com&rs=home2.ultrasurfing.com&sid=41384&t=1626475465&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=455&he=256&app=&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&test=&aafaid=&proto=http&uid=1626475465041-964868616462-008088-003-003921&cha=0.7&stagid=&stplid=&cb=54436910313&d9=1000&AV_WIDTH=455&AV_HEIGHT=256&&ppid=5e7b0cd96e7f5a69710f0dfa&nid=59918a0e073ef4782e4e347f&pcid=5e7b0e2d8f481f5c4c4f785b&ncid=5eaa9015d0f80052250e31c4&pasid=5eaa90e3dc7aab3eae0554c5&e=request&cb=1626475478777&asid=60ed8efc60f42333ff544e14%2C60e563f731f9f6195e0ca0e7%2C5eaa92abd694c6380f63c956&ofpr=%2C%2C0.75&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
222 B 53ms
53ms XHR
application/json 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-160-25.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://home2.ultrasurfing.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 140ms
140ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=home2.ultrasurfing.com&rs=home2.ultrasurfing.com&sid=41384&t=1626475465&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=455&he=256&app=&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&test=&aafaid=&proto=http&uid=1626475465041-964868616462-008088-003-003921&cha=0.7&stagid=&stplid=&cb=54436910313&d9=1000&AV_WIDTH=455&AV_HEIGHT=256&&ppid=5e7b0cd96e7f5a69710f0dfa&nid=59918a0e073ef4782e4e347f&pcid=5e7b0e2d8f481f5c4c4f785b&ncid=5eaa9015d0f80052250e31c4&pasid=5eaa90e3dc7aab3eae0554c5&e=bid&cb=1626475478837&asid=60ed8efc60f42333ff544e14%2C60e563f731f9f6195e0ca0e7&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:38 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5F57 340 KB
117 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119593
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:38 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6164 340 KB
117 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119593
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:38 GMT

GET
H/1.1 200
OK bridge3.471.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame B419 577 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://home2.ultrasurfing.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193844
Date: Fri, 16 Jul 2021 07:39:09 GMT
Expires: Sat, 16 Jul 2022 07:39:09 GMT
Last-Modified: Tue, 13 Jul 2021 20:58:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 54329

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6164 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6164 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=home2.ultrasurfing.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK bridge3.471.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame BB86 577 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://home2.ultrasurfing.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://home2.ultrasurfing.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193844
Date: Fri, 16 Jul 2021 07:39:09 GMT
Expires: Sat, 16 Jul 2022 07:39:09 GMT
Last-Modified: Tue, 13 Jul 2021 20:58:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 54329

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5F57 44 KB
16 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 16 Jul 2021 22:44:38 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5F57 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=home2.ultrasurfing.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Jul 2021 22:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 804D 36 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Jul 2021 23:11:10 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8508 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 16 Jul 2021 23:11:10 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B419 156 B
287 B 212ms
212ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1950181338590092&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2517976502&sdk_apis=2%2C8&sid=DAF57637-ABA8-4706-8A2F-645A36ED5223&eid=31061775%2C44737475&top=http%3A%2F%2Fhome2.ultrasurfing.com%2F&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ref=http%3A%2F%2Fhome2.ultrasurfing.com%2F&dt=1626475479039&cookie_enabled=1&scor=3583432545901178&ged=ve4_td0_er1085.403.1238.703_vi0.0.1200.1600_vp75_eb23144_ct2

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame BB86 156 B
287 B 177ms
177ms XHR
text/xml 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2313134041206274&sdkv=h.3.471.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2461288863&sdk_apis=2%2C8&sid=6E3B0310-F972-45CD-9896-AB95D2FEC565&eid=31061774%2C44725356&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&ref=http%3A%2F%2Fhome2.ultrasurfing.com%2F&dt=1626475479075&cookie_enabled=1&scor=3276285729695049&ged=ve4_td0_tt0_pd0_la0_er1085.403.1238.703_vi0.0.1200.1600_vp75_eb23147

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.471.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 16 Jul 2021 22:44:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 205ms
205ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=c532bae3-b93e-4ba7-b5e6-a0574f24b36b&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Jul 2021 22:44:39 GMT

POST
H/1.1 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 9 KB
6 KB 136ms
110ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=4826595&noaop=3&sortOrderType=0&cb=1626475479476&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1243&pt=-637058757&tz=120&viewable=true&ddast=V7vVgCFgNlzd7nQBMEnARlzd7nQBMEnAUAAAAGBvQHHLmaUZgjCmVDY4wGw9ViOFsuFqPhZjlY7YbAkasZhTmiUDY0xmgwXC2Gs-FmuZssdpvJbAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzDQdDpc93rV2XR5eF6Xm9Pus2v8br8cAAAAAB4AkkrHIX4AAQAiAAAAACQAAAAAKAIq_i0ELgAAAAAwAAq0xzUAVDkMzuS8Ox3-AAB4KAABABDAIAEYMPwuAaDomjwBAAAAAAAAAGD5____jwHYI5mRAcBAXOoBePABeCAqSC1iBAAAACA8ljZ2JKkTKosqAACCdCuAKwCAAL1Yv4SLMAAAAICxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJpQVjpQWNLleqPYLCACw9gsIAMA2bgAAbwJwQUfQisFgdQk02Gwmi9lqODsAAACAu____389kFxZLDbTbGWZWTy-yWQ0cxlXvtFsuBosJr7RbOU9IV2LlMy3hZC-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPA5QAnYrBcTiaLyW41Wo02w91oNligQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGFqMXIuPDaXWzIbLteixWDlljhXi7VouZxtRpPBxDWzuUWvj-m3sjgXo-EUD-bjcu5rFy4KBoTsRXCRTlRn0-XheV1ubtXZdHl4XpebRSzRnCzSieyyb64sFptptrLMLB7fZDKauYwr32g2XA0WE99otvK3FiPnwmNzuSWz4XItWgxWbolztViLlsvZZjQZTFwzm1v0-ph-K4tzMRruG7PJbLRbjWajfWM2mY12q9FstO8wmZ6pz9koruUkHpdLaCtZlzPzQeEyWLzLz0XaLX5uRqFM_BKWvsOdb2IV-v1-v9_v9_v9fu_GbPAYDIaZR7tNjF1-zeanPGq8B4MilghOF-lE6He7LGKJ5GmRTpSryXLjmLlMs9lo43IOJi6byTTzDDaWzcLkGYwsYonSdJFO9BL1HxtiOZorl3PFYDVXLlcJAAAAAAAAAGAJc-ZNAAAAAE4D2SwWm9VyASDi53WBQQAAAAAAAHbRi8LGrfRS7YobP56os-ny8LwuN7fqbLo8PK_LzcoAEPHszJs9E8RarZY1AACAADYAAEAAt27eAjIZOQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1334675&dpubid=231135&abtst=adh5c-1_vA!insc_vA!rff_vA!scec9_vB!spa2_vB!t45!ufm_vG!ulelrt_vC&mPre=0.033&cirf=http%3A%2F%2Fultrasurfing.com&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 26a048c42a0b90643a6cde2d7f444c1fd674d89befaad2c5fe092a8c04cc7db3

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Content-Encoding: gzip
Server: nginx
MachineId: 1402
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Link: <http://ads.stickyadstv.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect,<http://ads.stickyadstv.com>; rel=preconnect
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 11736641 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 50ms
49ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/11736641?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fe1290b76f10e6355cd067ac46290609019828d9b2cc595df43f6c87afa41799

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1626475479633005-577
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK 8227105 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 54ms
53ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/8227105?reqType=AdsSetup&protocolVersion=2.0&zoneId=8227105&loc=http%3A%2F%2Fultrasurfing.com&playerSize=700x393&_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dc26884c91ab227ba03063472105259d07edb6c993056866c28a771ef0c7347d

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1262
x-sticky-vk: 1626475479391062-570
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK 11736801 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 57ms
56ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/11736801?_fw_gdpr=1&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0a8224d0351d760d94e4c75ec221b0d4ecb22be46828d0e6419713ce27917e6e

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1626475479335086-543
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 8DD5 330 KB
112 KB 19ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475479.dop205.fr8.shc,1626475479.dop205.fr8.t,1626475479.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 03C1 330 KB
112 KB 20ms
8ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475479.dop148.fr8.shc,1626475479.dop148.fr8.t,1626475479.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame FA7C 330 KB
112 KB 19ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475479.dop148.fr8.shc,1626475479.dop148.fr8.t,1626475479.cds006.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 8DD5 25 KB
25 KB 13ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1626475479736
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:39 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475479.dop223.fr8.t,1626475479.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 8DD5 0
0

GET

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1d72_6985658990051780879
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=c77e91e7-987b-4d5e-8a7a-b6349595ae82
https://pr-bh.ybp.yahoo.com/sync/stickyads/2ec3cdaa8edc5b992f9b7e61a1db82a&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-argHSNNE2oOOwvydIomIzQ4_sYAg6INhQ_YUmlwV~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6461171285122353775
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b6fc60f2-0bd8-4900-bc0f-60f31fe2f9e8&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPIL2AAC8kU4VgA4&gdpr=0&gdpr_consent=&_test=YPIL2AAC8kU4VgA4
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAB_6U7B5BgAAEA2ZZSkIw&gdpr=0
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658994346866481
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 03C1 25 KB
25 KB 7ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1626475479760
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:39 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475479.dop223.fr8.t,1626475479.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 03C1 0
0

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l10fd_6985658990051790419
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=6440e14e-c9fe-4dff-8b3d-859dc1a01fcf
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6461171285122353775
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d7f460f2-0bd8-4a00-8bb5-f0b2011bc444&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8207326203247511969
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=TauRxI2D1M4wzu5
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=YPIL2...
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YPIL2AACr0HPzABg&_test=YPIL2AACr0HPzABg
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1479_6985658994346850080

0
0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame FA7C 25 KB
25 KB 8ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1626475479783
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 22:44:39 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1626475479.dop223.fr8.t,1626475479.cds212.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame FA7C 0
0

GET

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2117_6985658990051812824
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=4f852f0f-20e1-4fe4-ac73-f4e238ad0179
https://pr-bh.ybp.yahoo.com/sync/stickyads/2ec3cdaa8edc5b992f9b7e61a1db82a&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-argHSNNE2oOOwvydIomIzQ4_sYAg6INhQ_YUmlwV~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=6461171285122353775
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=d7f460f2-0bd8-4a00-8bb5-f0b2011bc444&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=TauRxI2D1M4wzu5&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAAaqE7B5BgAAEAO-L7N5g&gdpr=0
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=2ec3cdaa8edc5b992f9b7e61a1db82a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l0d86_6985658994346866481
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 8DD5 301 B
860 B 54ms
54ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11736641&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475479558071-602
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 8DD5 67 B
724 B 61ms
61ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11736641&_fw_gdpr=1&_fw_us_privacy=1---&vav=6787ec3b4c5a7f59edd8198b42b695f0&vaviv=093eb8744a45a6feb6dae63c3ddb7e38&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475479621059-601
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 03C1 301 B
860 B 49ms
49ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=8227105&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475479692046-573
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 03C1 67 B
655 B 71ms
65ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=8227105&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&_fw_us_privacy=1---&reqType=AdsSetup&playerSize=700x393&_fw_gdpr=1&protocolVersion=2.0&auction=1&vav=981d0246f66cfd44b074292d489a3a63&vaviv=7d6aad0ba4c5a07d08080f95df345298&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475479612062-596
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame FA7C 301 B
860 B 96ms
53ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=11736801&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1626475479578070-557
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame FA7C 67 B
724 B 100ms
58ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11736801&_fw_gdpr=1&_fw_us_privacy=1---&vav=cdece4a5be8581ec7e418095d0614517&vaviv=18ec98be83ce66a4206505d70ccd2572&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=http%3A%2F%2Fhome2.ultrasurfing.com%2F&playerSize=700x393&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1626475479569074-578
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET user-matching
ads.stickyadstv.com/ Frame 8DD5 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

170 B
232 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475479594088-567
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET user-matching
ads.stickyadstv.com/ Frame 8DD5 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

134ms
134ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:40 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AFGTCY723KQ7A19FTKA3
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475479606090-534
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET user-matching
ads.stickyadstv.com/ Frame 03C1 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

170 B
232 B

50ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:39 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475479897016-502
Expires: Fri, 16 Jul 2021 22:44:39 GMT

GET user-matching
ads.stickyadstv.com/ Frame 03C1 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

137ms
137ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:40 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CM6NKTJJBPJF66BSE57G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:40 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475479959028-602
Expires: Fri, 16 Jul 2021 22:44:40 GMT

GET user-matching
ads.stickyadstv.com/ Frame FA7C 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jul 2021 22:44:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:40 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmVjM2NkYWE4ZWRjNWI5OTJmOWI3ZTYxYTFkYjgyYQ==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475479922038-595
Expires: Fri, 16 Jul 2021 22:44:40 GMT

GET user-matching
ads.stickyadstv.com/ Frame FA7C 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

134ms
133ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:40 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GXFCMMF11M069AMRW1VX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Jul 2021 22:44:40 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=2ec3cdaa8edc5b992f9b7e61a1db82a&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1626475479901059-588
Expires: Fri, 16 Jul 2021 22:44:40 GMT

POST
H/1.1 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
213 B 122ms
97ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: http://vidstat.taboola.com/vpaid/vPlayer/player/v12.4.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: http://home2.ultrasurfing.com
Date: Fri, 16 Jul 2021 22:44:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 1

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 130ms
130ms XHR
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=home2.ultrasurfing.com&rs=home2.ultrasurfing.com&sid=41384&t=1626475465&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=455&he=256&app=&AV_PUBLISHERID=5e7b0cd96e7f5a69710f0dfa&test=&aafaid=&proto=http&uid=1626475465041-964868616462-008088-003-003921&cha=0.7&stagid=&stplid=&cb=54436910313&d9=1000&AV_WIDTH=455&AV_HEIGHT=256
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e7b0cd96e7f5a69710f0dfa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://home2.ultrasurfing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Jul 2021 22:44:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3469693587413378879

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: id5-sync.com
URL: https://id5-sync.com/c/464/108/2/6.gif?puid=1034c52a-81bb-483d-b01e-beccbc011b2a&gdpr=1&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACiQ07B5BgAAEAvNv5yhQ&gdpr=0

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1479_6985658994346850080

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.taboola.com/	1970-01-20 04:33:31	Name: t_gid Value: f16ae039-eeeb-4134-a2f0-0c1291e0d5d9-tuct7eb914d
			.doubleclick.net/	1970-01-19 19:47:56	Name: test_cookie Value: CheckForPermission

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/v0.js(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107030008001 http://home2.ultrasurfing.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2106212012000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8502237298656009&output=html&h=250&slotname=1261171629&adk=3782124154&adf=2856114808&pi=t.ma~as.1261171629&w=300&lmt=1626475463&psa=0&format=300x250&url=http%3A%2F%2Fhome2.ultrasurfing.com%2F&flash=0&wgl=1&dt=1626475463680&bpp=1&bdt=455&idt=122&shv=r20210712&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280%2C160x600&correlator=2455867246362&frm=20&pv=1&ga_vid=1922633286.1626475464&ga_sid=1626475464&ga_hid=750376969&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=975&ady=400&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=461059893195248&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=L0QCn3FfGV&p=http%3A//home2.ultrasurfing.com&dtd=126
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/48c257b3_photo0_190.jpg for item=1099092458760230833, loading default thumbnail instead
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/8157c050_photo0_190.jpg for item=715344776812066205, loading default thumbnail instead
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/53722993_photo0_190.jpg for item=2367503862617444860, loading default thumbnail instead
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/c86df91a_photo0_190.jpg for item=-7388958973737294290, loading default thumbnail instead
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/2eae2e69_photo0_190.jpg for item=2857291150637004484, loading default thumbnail instead
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/e565ef45_photo0_190.jpg for item=5266452803866907623, loading default thumbnail instead
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210715-12_b2-DEV-94825-fpp-does-not-disable-lr-for-none-feed-placements-b9b84a53d8a-SNAPSHOT.js(Line 3) Message: Failed to load thumbnail https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ultrasurfing.com//images/367ac7f1_photo0_190.jpg for item=-2304297834766885135, loading default thumbnail instead
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:26,516 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:26,568 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:26,585 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:28,659 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:28,679 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:28,698 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:39,736 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:39,759 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null
console-api	warning	URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js(Line 62) Message: 00:44:39,782 com.stickyadstv.utils.Browser GDPR 2.0 - TCFAPI function cannot be found. _fw_gdpr: null, _fw_gdpr_consent: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1f2e7.v.fwmrm.net
ad.360yield.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
avm.avantisvideo.com
bh.contextweb.com
bttrack.com
c3.taboola.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.stickyadstv.com
cdn.taboola.com
cdn1.avantisvideo.com
cds.taboola.com
ce.lijit.com
clients1.google.com
cm.g.doubleclick.net
content1.avantisvideo.com
cs.emxdgt.com
cse.google.com
dis.criteo.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
events1.avantisvideo.com
go1.aniview.com
googleads.g.doubleclick.net
home2.ultrasurfing.com
ib.adnxs.com
id5-sync.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
jadserve.postrelease.com
m.exactag.com
match.adsrvr.org
match.taboola.com
odr.mookie1.com
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i1-v6exp3.ds.metric.gstatic.com
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-262632-i2-v6exp3.v4.metric.gstatic.com
p4-ey2n3ceyuwgxc-s3ctf45ca6juyq5q-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.advertising.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
player.avplayer.com
pubads.g.doubleclick.net
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.c.appier.net
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
simage2.pubmatic.com
static.avantisvideo.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.stickyadstv.com
id5-sync.com
match.adsrvr.org
104.109.78.125
13.224.96.53
13.248.245.213
139.162.84.221
141.226.224.32
141.226.228.48
142.250.181.242
142.250.185.162
142.250.186.34
142.250.186.67
151.101.13.44
151.101.14.49
172.217.23.98
178.250.2.151
18.134.84.22
18.156.0.31
18.195.155.181
184.105.237.132
184.30.21.112
185.106.33.48
185.29.133.52
185.33.221.89
185.64.190.80
185.86.137.132
185.94.180.125
192.132.33.46
198.148.27.139
2.19.35.65
2001:4de0:ac19::1:b:3b
2600:9000:20eb:1000:1c:38a0:8a40:93a1
2600:9000:20eb:3000:1e:efeb:b400:93a1
2600:9000:20eb:5800:3:748e:7940:93a1
2600:9000:20eb:5a00:1c:38a0:8a40:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2012
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9a
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba12
2a02:26f0:6c00::210:bb63
2a04:4e42:3::300
3.121.49.210
3.121.66.166
3.126.63.176
3.235.208.250
34.98.64.218
34.98.67.61
52.21.23.66
52.28.38.50
52.42.241.136
52.46.133.124
52.59.160.25
54.205.103.27
69.173.144.138
69.173.144.139
72.251.249.9
76.223.111.131
85.14.248.91
88.212.252.2
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0879a24e39cdfc40c83642329bf387001db4deb1857adcef8cdc0e8cc8f3b2e9
09a063e6aa1a490fa6681d7cb07974d63ad6c353b93026545ffe27c4f2e1624d
0a8224d0351d760d94e4c75ec221b0d4ecb22be46828d0e6419713ce27917e6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d85f16518f624183fc49f4f71235c43da4f2edc1e49a9a67e4e11d442d60a94
137e54b3bf159bee7ddb75e8e8a4c375fbfe0e029f0cd8efc4b8e47f4c0dab54
167e0d390ff74a4aabcc74ae7068498048978dcebd86e1dc85e09e6b3a7e724a
17c95dda6af1a7e1e5cf6d3f17df342ab4a3136715e9d470b9285889009c475f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bd62fefd72133356ce09f21043fe2f81e34268f573f9729cecd9be36618f47e
1cbc80c6745fb314b58b6654c3fb63ea2831aac0b517e634e48d9c54d69004b8
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
226a20ea51106bdd09103a742adc9300b68fee18f98a87e8304446c4ea34705d
26a048c42a0b90643a6cde2d7f444c1fd674d89befaad2c5fe092a8c04cc7db3
26e8c769dd3c7a4d67d629b682c8853b17266d9ee2c208532b26764f2754d549
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2ae05ac0274ab800f64264f13cb7a7cd266976da386e69ce0ba81ae920c1baa2
2d9f49830cb5f6e7b35282dca00d4d8e162eb7ff9b45e0e8642f39fd11a6f05c
2f66f4297d5ed92afc7189a4381965280396065e2d8345884a184613ecbfb6f5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
335ce2804f634f839fc7e5a4c578ced3b74bbdc891629f9f542a7af7dce68262
33dac5a12910577d7f2fc8ff1509e8aeb4342e5d9cc9eec47edea9cdf316223a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
365a607bc597a72cbb8b1134378bb96bfd290faaf3185191d2bb4d576d83873a
379728be2d7795529aeed2b55757fc1e6b00aa0513d0c2ca395e5810d14adcec
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3bd998254f73e870e4aae70e970d8641414afda756d632c5e9e4fff9b25ff244
3c3c9597379135763b47468c9cdb4bc20647d6e7ccd65a3affe1b0c3840b96db
3cb9607bca1dca9dd16ec95103698c2cf58faeae15f7ef5f4dae23d226926f76
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
43aa0721a7936fea4b64b4144e09ad6af834ee7dfa77bd5c8ae756dc78433037
43db6c760297f62df02365322c9401d1d70b82a51db70bea51415839050e4bdf
44374ac27b4f05047dddd55802504693cf09124d9acdd959236e1004bfe752f1
4544542e656ffb1a147b6e3d1539f7a7c68bfc67837f93646d12b227bd801f65
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a42b0832b9ab3a89f1b4799ddeff74123ba40b7d1c3235ece5f60d12c0fbab8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4d113919d9aa4589e45e06440d0362d8cff8ccaa107268e2848b331b927e53c5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
4ed4b380e07015eb5901a8c0e58e28e1327652d3b403ee9f0c93a8140d8dfe42
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5017c6583773bbb24153b051ca1ada1e36ec4f67927aea33c5fbc0c218046583
5043cd22d726edebfca67584a8383980542304374a377bbbe068d65dc688280f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
56c32ee7b0ca504152dbb9c6ce5a2d9d2762388cd7c804444c60ce1ca272509b
5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48
5846d4207d076990b6629b3f398eb8da7720765ae5b500c120474f32c2852db1
5c7e52c23ed96a8fb4a491d7b2e512207c126999a34c49bb21b9d14355b16ae0
5e1461f9560b5f5dd1a84603b0f6bf36235fc6bc76ef82457f6ada724f227bcc
5f1bf9e0338681326492f041115a6146d66f3872dc5367db7f5a330e479844bc
5f9d39f8dec3f44e3de585925573cf78fe7e086ee81423b7da8dc34829a8ce7c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60c420151119c997eb9f8c8c7ab0771775980aeba9e8c1deb96aaff93984c1e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
63d18f794b79c9a717b0c4e57bdef25e19b0a0e02ea04bb690f6d77a3fad771f
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
6775ae3a750e03d17aef17361eb2ff327abc112796226aafc0dba8f3d7845d0d
6965ee60830da5507f908dc44c33c8fdca97e0aaafd1a7f6c24db987d416303a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6baa1ffcdc5ce858a33e5c5fb976364e954ad9df34a384c7e5d17c42d4b91936
6c6083384163a525570bd06adedae079b0de6a54a855a292061fdecba6c345f0
6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a
6f11379758af1df8c93f9009e55454747b519d75eb849390649c4eebc168a9da
6f74301343a7efab9a1b67f50ac2725bb7253371e252ae4007c7d123a6e22e31
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
74ccccd4a842947ee2022146e1f86f5154e05d9fad3e944c43efd83b396b3f35
75f2d94128e4159a1805e81a510b67231c4faed00a91478c78c8426b1197fd12
76e7baff5bf5bff9b2ecf29f5f185a2e60356c7bf4322b9701b7b6b46d0a14d2
784ca0ce520085ea59bf6a9aa6372adfa103fa275a222fc909db5348de72c658
7958c58b9ead2487e441b8652495b3e0d19d5dd05edad01e9bb579c30cc19688
79b8ef08d31132fce8244dd5f6f72a994abcbe60a5a3ff2959d28142d22768a5
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
82e0d38a5e1368fd1f713570f09c9a5f230f069c38ef457311a3d3fc415f9834
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86827b126dfc9a12bc04e847c9714fc171f80c3de0b48eba6265088ed33958c6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b316434b588870e087fae4c26fd219fa8c57fa78f9ea62e50ef5ea3564a6302
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da76eebddde8be6755cd5ad20fbfd9eb5dc25c5f21fe9b1d7947c66a817ec9e
8f978f1c001fa3ea1447dc0496ed17331a9793d40d48cd6e83c76d4948ea1a43
8ff24337a4324cf770706257114de81632bb25a90c0f74a92274af2f2e20c3b1
94fc1b6f57eaec5b66d02212a4a8c63fb22b3b46c2643d76c1b39edeea337b71
96c62b969450bb9b1e4538d1ccf5f0044574bd847ce6c6b8aab470dd4bdee7a5
97fd72a24b0182335c4083dbea96f501f20ab938bebdd18d3101709d5755879c
99e0a173ac96cd66cb5e6ade9a6a97f53262d4a883d3427e1b52062882582827
99ed4e7ab95c8fe41790f3dd7fb8d45d28e8fba364fdfc71f7a1cf66c7fde562
9d10b707c66cc6b2c15c54843a059cfb7ffcae935bb717593600eb04975fede2
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a19415bca7d20948dc84ed1c81824ad3545eb71ed53b8b5e46e14c4067e7b6f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47f8643085a849c5f7385b30046cf79bc0a201c9be5125b78d7c281c137494e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56c62be9652c7b6b85be1e24dab707f15623d73cde436958c4ef74e3b5b68d7
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac297aaa134048f28aff7b03c9e623eaf9e2e30bbf0d09a196da91301ffbc31a
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
ad6a5e8776c6971ba60a4659a23aa1282c2ee721849dbe644d1bb064397f7c4a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b2957b4f8c84f766ac63fc7f0b774f04d8a92f49e7fab7572990170fd6843135
b2d5d14f409119b096f2a9e1d260d74b4a6a1ea12707d67fad5ce8e04a8a8f45
b2d83c05e08d0ebca4849129c5ec6f36f6aef6e3f3130f288970b3682f02127c
b30790514c9b8e3c22fc3b26b06f08cbf34f7d6b9e3c95f814afa5e79b36392c
b3e384e3a727917185428a38afcce19eac731bcf1599e2c6ea693bda664c3f28
b41b5941a0652db74be1fe947e115b055a1e72d9255855abe2d1e31f0a545b31
b4c1d8a352e28b6d66ed683c32e2f5e944ca7ba216dda3921b5627243f603f74
b611e6c82e6c199b6b12773a8506574766e58e2b77baa0148e43af2edef1677d
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd02d3bef0cec6d2bc5010f9b56c467bc38ae8f6056dee2112d1c6bb7c993f48
bf4e37ab85da61ada8b2a99b11d75650a585e1ae069db665f067da2793595014
bfe0a9999c5b22249b8d857e8ec45183a23b12d5220427632d485f11a8c378e2
bff7d7daab7b0e2e15cfb4777e0a550049554e9b391d519f9f2f3196275d5f34
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c350378ef8726b9bbb16801e96fb7db68e7a26b51c7831e7c5dc04dbdb98f25c
c65f088fb93ec34dac0bd5d9812e2c31233eaa30d6a74d73ec8f9f8a52bb0b68
c66ba1e44675989f31427965bba9bf36f05c774e3359890a9cd270ef3c766a21
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c8e2be0b7fbee58d5d39567bb1d459e271fe06b356afd501622de171b6fe4885
cb7b94f53696acae93cb2d577f5c6fae8e2466650e6094b267ce29a060eac210
cbd0f8eff9d195eb363c39b70077cb7c4f7345d09d1cf41fa5db573916a92163
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06d20286b642f30cb4b7e55f0eb6c416e35e8b4280d25a3229b1ef2a71cedff
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d385d1ac693058a64070e63dd2e4f7afebfe7ef46c04aab5c8ca310b30fe2e5b
d5ff9167834a04c2b81fe7a88bd3101d7af7962d0eb507ef13da65a6a7b69f25
d7245d8f063d6b930496a3df67b3280d5651f1be9c6d8db4297fcd5f416a0776
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d92cbdc3bc98129f24feb5bc287e7b84faa709c9741cc6d5f55dee7c47822e66
db2fd987b90a3ad4704defd83fff15a629bbcbf927560024ebe1851288b93ac8
dc26884c91ab227ba03063472105259d07edb6c993056866c28a771ef0c7347d
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9da7cb4546ee46cfd9da4d1a1d5d153cbdaa3f20f4b84ebb02e20061f16fcf
e15422f05cbcde9d0d0753658f6e095c40ca06db76f84e74ab191c4d6f8fa560
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48e5478b43468d1e6c7f4a5ddb027e6623f62083280a58cb75c54eca4e23279
e4d0fa868377ad86cb46a5ea46a3d19dfd2a54420bce22644548e5bfc813a155
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
e607d08076b9cdc2c3f973f3a2dd96884fd878c643b8c49212b9e823f590833a
e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb494abbb8c017b35ccc7d08246813ba16e6fc8e65828067b6902a7985dfcd78
eb545024db2f2122965ff625f7cc21e9f51ff5788ba8d8b017dd5bbe407a1de0
eb881ad28cd027cf3d912ca2a5f9ba9333484d1e747d2ff8e76506c8fd62ae99
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00fcfd8f2469b39c368fbdb641c4e8318ce49daf54b8099c1332534a5984502
f0cd3732ca0e287e964e94a3635317a3c6c494906163013a24fb88b316e5270a
f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f86ed6dcc7cce7340f511a0d9364a56c29698cd5b87b23f7516c44c2036208b4
fe1290b76f10e6355cd067ac46290609019828d9b2cc595df43f6c87afa41799
ff7e100fc4ab5c2a400dfb7f914e9d41f0fc5d0dcc6ffe1e1c38847fbd2f1486
ffb0e052a82c606d04c470776d0f5841399f41e06ba2093581025a06e6387b6e

home2.ultrasurfing.com Open in urlscan Pro 184.105.237.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

375 Requests

78 %HTTPS

38 %IPv6

47 Domains

88 Subdomains

64 IPs

11 Countries

5868 kBTransfer

15918 kBSize

2 Cookies

39 Outgoing links

Redirected requests

375 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

home2.ultrasurfing.com Open in urlscan Pro
184.105.237.132 Public Scan

Screenshot
Live screenshot

Full Image

375
Requests

78 %
HTTPS

38 %
IPv6

47
Domains

88
Subdomains

64
IPs

11
Countries

5868 kB
Transfer

15918 kB
Size

2
Cookies

375 HTTP transactions
8 data transactions