pages.ubersearch.net Open in urlscan Pro
2606:4700:3030::ac43:c552 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pages.ubersearch.net/
Submission: On July 25 via automatic, source certstream-suspicious (July 25th 2024, 5:32:24 pm UTC) — Scanned from DE

Summary HTTP 26 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3030::ac43:c552, located in United States and belongs to CLOUDFLARENET, US. The main domain is pages.ubersearch.net.
TLS certificate: Issued by WE1 on July 14th 2024. Valid for: 3 months.

This is the only time pages.ubersearch.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::ac43:c552	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2ae3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
9	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 _) (CDN77 _)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	104.236.135.234 104.236.135.234	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
26	13

1 2606:4700:3030::ac43:c552 (United States)

ASN13335 (CLOUDFLARENET, US)

pages.ubersearch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2ae3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.polygraph.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

msadsscale.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.236.135.234 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

api.airfind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	airfind.com cdn.airfind.com — Cisco Umbrella Rank: 74179 api.airfind.com — Cisco Umbrella Rank: 53249	196 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 q.clarity.ms — Cisco Umbrella Rank: 8520 c.clarity.ms — Cisco Umbrella Rank: 1838	28 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	147 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 353	31 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	773 B
1	azureedge.net msadsscale.azureedge.net — Cisco Umbrella Rank: 40491	24 KB
1	polygraph.net cdn.polygraph.net — Cisco Umbrella Rank: 263613	9 KB
1	ubersearch.net pages.ubersearch.net	3 KB
26	10

	Domain	Requested by
9	cdn.airfind.com	pages.ubersearch.net cdn.airfind.com
2	c.clarity.ms	1 redirects
2	q.clarity.ms	www.clarity.ms
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	pages.ubersearch.net www.clarity.ms
2	api.airfind.com	pages.ubersearch.net cdn.airfind.com
2	fonts.googleapis.com	pages.ubersearch.net
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.googletagservices.com	cdn.airfind.com
1	c.bing.com	1 redirects
1	msadsscale.azureedge.net	pages.ubersearch.net
1	cdn.polygraph.net	pages.ubersearch.net
1	pages.ubersearch.net
26	13

This site contains links to these domains. Also see Links.

Domain
airfind.com

Subject Issuer	Validity	Valid
ubersearch.net WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
polygraph.net E6	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
cdn.airfind.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-08` - `2024-12-07`	a year	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
api.airfind.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-01` - `2024-12-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pages.ubersearch.net/
Frame ID: C849A02138AB5702044A5F7B92E5F892
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Suchen

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

92 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

471 kB
Transfer

1428 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://airfind.com/terms/
Title: Bedingungen

Search URL Search Domain Scan URL

URL: http://airfind.com/privacy/
Title: Privatrichtlinie

Search URL Search Domain Scan URL

URL: http://airfind.com/privacy/?referrer=https%3A%2F%2Fpages.ubersearch.net%2F#cookies_iba
Title: Verkaufen Sie meine Daten nicht

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E64310EBC9404E6D8332EFF188056AEA&RedC=c.clarity.ms&MXFR=2DA26AE169276D430B6A7E266D276376 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E64310EBC9404E6D8332EFF188056AEA&MUID=0B1746BD47246DE81593527A46F66CDE

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
pages.ubersearch.net/ 5 KB
3 KB 982ms
931ms Document
text/html 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.ubersearch.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7823826fc3f05aa78c8b5acefcd0c72535c388cf7db1709071efe40f344f07dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a8de36e0bd39bd0-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 25 Jul 2024 17:32:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CvCtThH6UVMJLmWV8iEpizdJn2hNJvTgdFzPfXsnk73NWex3t2jTkTeMnbK7b14yZ5gwxewCIyWy2yNmifDUxpA%2FE%2BnisjLkgTf8UN36V3lJJkEKNYgHnkZkyckBpk0IrF2fuMyijv1kfZchoh4bri%2FpNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-powered-by: Express

GET
H2 200 pg.a.js Show response
cdn.polygraph.net/ 25 KB
9 KB 251ms
25ms Script
application/x-javascript 2606:4700:4400::6812:2ae3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polygraph.net/pg.a.js

Requested by

Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2ae3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87f306ea4ed3eec8426e1920280876a144696329b47cfa3e1bb4b3ef11bb4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 17:32:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000075991b1dd723f18a-00667ad897-3cc900c0-sgp1b
age: 1331
x-envoy-upstream-healthchecked-cluster
last-modified: Tue, 25 Jun 2024 14:47:31 GMT
server: cloudflare
etag: W/"df56fa1f6d213b8bb18e0ed6c0393b47"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/x-javascript
x-do-cdn-uuid: d980c57c-e5a0-433f-91e1-94210e4485ca
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 8a8de3754ee79bee-FRA

GET
H2 200 telemetryJS.js Show response
msadsscale.azureedge.net/bingads/ 69 KB
24 KB 80ms
15ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://msadsscale.azureedge.net/bingads/telemetryJS.js
Requested by: Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4899) /
Resource Hash: 29d8c61173ebf95ad101172b2b1a43db05debe0f77234eb8b0c8f40dce435195

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 25 Jul 2024 17:32:17 GMT
content-encoding: gzip
content-md5: /jcK2jItxtW7pRLPV2YW2g==
age: 392558
x-cache: HIT
content-length: 24131
x-ms-lease-status: unlocked
last-modified: Wed, 17 Jan 2024 11:16:28 GMT
server: ECAcc (ama/4899)
etag: 0x8DC174DC07178E4
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 8fbad0ad-401e-00ce-5e26-db896d000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 vendors~core.js Show response
cdn.airfind.com/r/ 364 KB
113 KB 10ms
9ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/r/vendors~core.js?cb=81c94f0
Requested by: Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c553e02f9e62799adaade1b4f35abe79e83419cba47b84f4c73c32a92ff25626

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
x-accel-date-max: 1721911860
x-77-cache: HIT
x-cache: HIT
x-age: 16878
x-accel-date: 1721911860
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvJwH37kEAAAwBisclxAH35wAAAA
x-accel-expires: @1722516429
x-77-age: 16878
last-modified: Thu, 25 Jul 2024 12:43:45 GMT
server: CDN77-Turbo
etag: W/"5b068-61e11bed87017"
x-77-nzt-ray: 25b02131d097637e228ca266c49bc602
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 01 Aug 2024 12:47:09 GMT

GET
H3 200 core.js Show response
cdn.airfind.com/r/ 180 KB
51 KB 7ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/r/core.js?cb=81c94f0
Requested by: Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0a71dfdc0a883e0922ef509a6fee06ea831a83b696939f9fbee0348171417ef7

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
x-accel-date-max: 1721911860
x-77-cache: HIT
x-cache: HIT
x-age: 16878
x-accel-date: 1721911860
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvJwH37kEAAAwBJRPCMQH35wAAAA
x-accel-expires: @1722516429
x-77-age: 16878
last-modified: Thu, 25 Jul 2024 12:43:45 GMT
server: CDN77-Turbo
etag: W/"2cf21-61e11bed81257"
x-77-nzt-ray: 25b0213170aa6981228ca266d43c6804
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 01 Aug 2024 12:47:09 GMT

GET
H2 200 core.css
cdn.airfind.com/r/ 52 KB
9 KB 144ms
8ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/r/core.css?cb=81c94f0
Requested by: Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3712baf424dc99e59bf6f66c4cdd5e4a7e622bd85391b5ec242d7501065cff10

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
x-accel-date-max: 1721911860
x-77-cache: HIT
x-cache: HIT
x-age: 16878
x-accel-date: 1721911860
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvJwH37kEAAAwBnJIhJwH35wAAAA
x-accel-expires: @1722516429
x-77-age: 16878
last-modified: Thu, 25 Jul 2024 12:43:45 GMT
server: CDN77-Turbo
etag: W/"cf1e-61e11bed81257"
x-77-nzt-ray: 25b02131d097637e228ca266e6452e02
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 01 Aug 2024 12:47:09 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 17:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 17:32:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 17:32:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
800 B 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf272a1d8385b4ce627ac1474a8998e3bff240374f0f9ef8a339664513158710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 17:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 16:55:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 17:32:17 GMT

GET
H2 200 v1
api.airfind.com/stats/pageviews/ 48 B
260 B 786ms
166ms Image
image/gif 104.236.135.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.airfind.com/stats/pageviews/v1?clientId=50992&brand=&path=%2F
Requested by: Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.135.234 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 17:32:18 GMT
cache-control: private, no-cache, proxy-revalidate, max-age=0
server: nginx
content-disposition: inline
content-length: 48
content-type: image/gif

GET
H2 200 j9j09qpkrr Show response
www.clarity.ms/tag/ 638 B
1002 B 240ms
200ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/j9j09qpkrr
Requested by: Host: pages.ubersearch.net
URL: https://pages.ubersearch.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a07018239badc14ef8dc785d1d7255c62ce891c850496edcdc6b9d419c10baac

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jul 2024 17:32:18 GMT
x-azure-ref: 20240725T173218Z-16b8f8f97cft9fcpq1eky64axn00000009wg00000000fzd1
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 638
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.ubersearch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 11:48:58 GMT
x-content-type-options: nosniff
age: 193400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 11:48:58 GMT

GET
H2 200 v2 Show response
api.airfind.com/content/ 42 KB
7 KB 692ms
185ms Fetch
application/json 104.236.135.234
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.airfind.com/content/v2?clientId=50992&variant=1&affiliateId=&userID=606d6d02-a76d-467a-bd24-ba89e3129f7e&referer=https%3A%2F%2Fpages.ubersearch.net%2F
Requested by: Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=81c94f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.236.135.234 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c5374b13611e64a820c2ce7488baf2e57999afb1f9c547a638e29823cd61d88

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pages.ubersearch.net
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 17ms
17ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/j9j09qpkrr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 00:36:01 GMT
etag: W/"0x8DCAB7897E68837"
vary: Accept-Encoding
x-azure-ref: 20240725T173218Z-16b8f8f97cft9fcpq1eky64axn00000009wg00000000fzdp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d758b9a5-e01e-003c-7065-dd071c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
284 B 325ms
109ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.ubersearch.net
Date: Thu, 25 Jul 2024 17:32:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E64310EBC9404E6D8332EFF188056AEA&RedC=c.clarity.ms&MXFR=2DA26AE169276D430B6A7E266D276376
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E64310EBC9404E6D8332EFF188056AEA&MUID=0B1746BD47246DE81593527A46F66CDE

42 B
442 B

28ms
27ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E64310EBC9404E6D8332EFF188056AEA&MUID=0B1746BD47246DE81593527A46F66CDE
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 17:32:18 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 17:32:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3F1CBC2C1CF4DA0ABAD384DB044063E Ref B: FRAEDGE1211 Ref C: 2024-07-25T17:32:18Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E64310EBC9404E6D8332EFF188056AEA&MUID=0B1746BD47246DE81593527A46F66CDE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 favicon.ico
cdn.airfind.com/ext/favicons/50992/portal/1701110412489/ 3 KB
3 KB 333ms
332ms Other
image/vnd.microsoft.icon 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/ext/favicons/50992/portal/1701110412489/favicon.ico?
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 25f74461a6c80971c69edba2800f0f82e4484dc79703c7b932ff2da8b8e375eb

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:19 GMT
x-77-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3226
x-77-nzt: EggBw7WvJwFBCAGKxyXEAYE
x-accel-expires: @1724520739
last-modified: Mon, 27 Nov 2023 18:40:57 GMT
server: CDN77-Turbo
etag: "c9a-60b26a490c15a"
x-77-nzt-ray: 25b0213170aad6b6228ca266da3da934
content-type: image/vnd.microsoft.icon
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 17:32:19 GMT

GET
H3 200 footer.css
cdn.airfind.com/rarch/292/archive/build/ 759 B
809 B 8ms
8ms Stylesheet
text/css 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/rarch/292/archive/build/footer.css?cb=80244ca857b7df7fb861
Requested by: Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=81c94f0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c08ba30a7acd7cf8b7ac081c4a022e93c9218afe82c84e1576765b8cc543b2ad

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
x-accel-date-max: 1721911877
x-77-cache: HIT
x-cache: HIT
x-age: 16861
x-accel-date: 1721911877
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvJwH33UEAAAwBnJIhHwH3AgEAAA
x-accel-expires: @1722516419
x-77-age: 16861
last-modified: Thu, 25 Jul 2024 12:43:45 GMT
server: CDN77-Turbo
etag: W/"2f7-61e11bed81257"
x-77-nzt-ray: 25b0213170aa62b8228ca26676490936
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Thu, 01 Aug 2024 12:46:59 GMT

GET
H3 200 footer.js Show response
cdn.airfind.com/rarch/292/archive/build/ 1 KB
1 KB 8ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/rarch/292/archive/build/footer.js?cb=80244ca857b7df7fb861
Requested by: Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=81c94f0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0a1d44228dda0bbacdeb67aa1d500634808453091d9de990eb6c0962ef5321e7

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
x-accel-date-max: 1721911876
x-77-cache: HIT
x-cache: HIT
x-age: 16862
x-accel-date: 1721911876
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBw7WvJwH33kEAAAwBJRPCMQH3AQEAAA
x-accel-expires: @1722516419
x-77-age: 16862
last-modified: Thu, 25 Jul 2024 12:43:45 GMT
server: CDN77-Turbo
etag: W/"54e-61e11bed81257"
x-77-nzt-ray: 25b0213170aa66b8228ca26637e00d36
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 01 Aug 2024 12:46:59 GMT

GET
H3 200 custom.js Show response
cdn.airfind.com/rarch/292/archive/build/ 9 KB
4 KB 9ms
9ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/rarch/292/archive/build/custom.js?cb=80244ca857b7df7fb861
Requested by: Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=81c94f0
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 740901ae9be8ab2c9aff6749dd0345993c191eff1b597767f27134d792b10ad6

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1721911841
alt-svc: h3=":443"; ma=86400
x-77-nzt: EggBw7WvJwFBDAHUZjgRAfcBQgAA
x-accel-expires: @1722516641
x-77-age: 16897
last-modified: Thu, 25 Jul 2024 12:43:45 GMT
server: CDN77-Turbo
etag: W/"25da-61e11bed81257"
x-77-nzt-ray: 25b0213170aa68b8228ca2669e361136
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
expires: Thu, 01 Aug 2024 12:50:41 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
31 KB 77ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=81c94f0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8df01531c3aedb6e4d1701e647b96612738a1079ed8a84bd3ab1076440ab71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 17:32:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31658
x-xss-protection: 0
server: cafe
etag: 772 / 19929 / m202407220101 / config-hash: 4488175205968778647
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 17:32:18 GMT

GET
H3 200 1701110457721-Frame%2060%20(1).png
cdn.airfind.com/ext/50992/ 4 KB
5 KB 322ms
321ms Image
image/png 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.airfind.com/ext/50992/1701110457721-Frame%2060%20(1).png
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5d818ccdc2aa80459ae6f0e7675ee97d1d2e294e6008f063ed53efe1575feafb

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-nzt: EggBw7WvJwFBCAHUZjgRAUE
x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:19 GMT
last-modified: Mon, 27 Nov 2023 18:40:57 GMT
server: CDN77-Turbo
etag: "117e-60b26a490e09a"
x-77-nzt-ray: 25b0213170aa79b8228ca26612242136
x-77-cache: MISS
content-type: image/png
x-cache: MISS
cache-control: max-age=2592000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4478
expires: Sat, 24 Aug 2024 17:32:19 GMT

GET /
cdn.airfind.com/genericportal/public/img/ 0
0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.ubersearch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:21:50 GMT
x-content-type-options: nosniff
age: 180628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:21:50 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/ 473 KB
147 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407220101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf36a20212b88f70aa6e9bb80ffba53a4d1af8df6e985a3a4474b1214aa85060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 13:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16001
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 150948
x-xss-protection: 0
server: cafe
etag: 13023782884208594292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 25 Jul 2025 13:05:38 GMT

GET
H3 200 favicon-32x32.png
cdn.airfind.com/ext/favicons/50992/portal/1701110412489/ 2 KB
2 KB 318ms
317ms Other
image/png 2a02:6ea0:c700::11
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.airfind.com/ext/favicons/50992/portal/1701110412489/favicon-32x32.png?
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8316c1133a3bf6369ae6faf658ce0c0a5a85f65cfe807ab86b23d251bfbf7e6c

Request headers

Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 25 Jul 2024 17:32:19 GMT
x-77-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1762
x-77-nzt: EggBw7WvJwFBCAGKxyXEAYE
x-accel-expires: @1724520739
last-modified: Mon, 27 Nov 2023 18:40:57 GMT
server: CDN77-Turbo
etag: "6e2-60b26a490b1ba"
x-77-nzt-ray: 25b0213170aaddcd238ca266ac1e3f0d
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 17:32:19 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ 0
284 B 101ms
100ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pages.ubersearch.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pages.ubersearch.net
Date: Thu, 25 Jul 2024 17:32:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.airfind.com
URL: https://cdn.airfind.com/genericportal/public/img/

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.ubersearch.net/	1970-01-21 07:54:48	Name: visitorId Value: 606d6d02-a76d-467a-bd24-ba89e3129f7e
pages.ubersearch.net/	1970-01-21 07:04:24	Name: homepage-variantNo Value: 1
pages.ubersearch.net/	1970-01-21 07:04:24	Name: homepage-testDate Value: 2021-01-13T18%3A21%3A56Z
pages.ubersearch.net/	1970-01-21 07:04:24	Name: homepage-testVersion Value: 1
pages.ubersearch.net/	1969-12-31 23:59:59	Name: connect.sid Value: s%3Ax1nNvG8DaXvNV-23mnsgJq3wqyS7YtJV.UUl0iJvA5av7YJdCNn9xjcACK1N7UQTJDWOku8p%2BQvc
.cdn.polygraph.net/	1970-01-20 22:18:50	Name: __cf_bm Value: TROuoS8SpyM.YANPiQfEkqdiCev9ZWhw2L2bF9jvp8k-1721928738-1.0.1.1-XZkvCt75SHotB_zS7NZFJ7xNDxZ_MSCaKMZDnFu6W0etiDIIcUzvo5hB_AqZ0FioSYLFZOFc3F.c76DUbyge4A
www.clarity.ms/	1970-01-21 07:04:24	Name: CLID Value: efea711c949042d78463b545635f8346.20240725.20250725
api.airfind.com/	1970-01-21 07:54:48	Name: visitorId Value: e86e1c3c-d675-4e51-adfc-7b4342bebf6c
.bing.com/	1970-01-21 07:40:24	Name: MUID Value: 0B1746BD47246DE81593527A46F66CDE
.c.bing.com/	1970-01-20 22:28:53	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:40:24	Name: SRM_B Value: 0B1746BD47246DE81593527A46F66CDE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:40:24	Name: MUID Value: 0B1746BD47246DE81593527A46F66CDE
.c.clarity.ms/	1970-01-20 22:28:53	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:18:49	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.airfind.com
c.bing.com
c.clarity.ms
cdn.airfind.com
cdn.polygraph.net
fonts.googleapis.com
fonts.gstatic.com
msadsscale.azureedge.net
pages.ubersearch.net
q.clarity.ms
securepubads.g.doubleclick.net
www.clarity.ms
www.googletagservices.com
cdn.airfind.com
104.236.135.234
13.74.129.1
20.231.53.73
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:3030::ac43:c552
2606:4700:4400::6812:2ae3
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a02:6ea0:c700::11
0a1d44228dda0bbacdeb67aa1d500634808453091d9de990eb6c0962ef5321e7
0a71dfdc0a883e0922ef509a6fee06ea831a83b696939f9fbee0348171417ef7
25f74461a6c80971c69edba2800f0f82e4484dc79703c7b932ff2da8b8e375eb
29d8c61173ebf95ad101172b2b1a43db05debe0f77234eb8b0c8f40dce435195
2c5374b13611e64a820c2ce7488baf2e57999afb1f9c547a638e29823cd61d88
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3712baf424dc99e59bf6f66c4cdd5e4a7e622bd85391b5ec242d7501065cff10
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
5d818ccdc2aa80459ae6f0e7675ee97d1d2e294e6008f063ed53efe1575feafb
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
740901ae9be8ab2c9aff6749dd0345993c191eff1b597767f27134d792b10ad6
7823826fc3f05aa78c8b5acefcd0c72535c388cf7db1709071efe40f344f07dc
8316c1133a3bf6369ae6faf658ce0c0a5a85f65cfe807ab86b23d251bfbf7e6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a07018239badc14ef8dc785d1d7255c62ce891c850496edcdc6b9d419c10baac
a87f306ea4ed3eec8426e1920280876a144696329b47cfa3e1bb4b3ef11bb4f4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bf272a1d8385b4ce627ac1474a8998e3bff240374f0f9ef8a339664513158710
c08ba30a7acd7cf8b7ac081c4a022e93c9218afe82c84e1576765b8cc543b2ad
c553e02f9e62799adaade1b4f35abe79e83419cba47b84f4c73c32a92ff25626
c8df01531c3aedb6e4d1701e647b96612738a1079ed8a84bd3ab1076440ab71d
cf36a20212b88f70aa6e9bb80ffba53a4d1af8df6e985a3a4474b1214aa85060
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

pages.ubersearch.net Open in urlscan Pro 2606:4700:3030::ac43:c552 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

92 %HTTPS

77 %IPv6

10 Domains

13 Subdomains

13 IPs

3 Countries

471 kBTransfer

1428 kBSize

15 Cookies

3 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

15 Cookies

Indicators

pages.ubersearch.net Open in urlscan Pro
2606:4700:3030::ac43:c552 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

471 kB
Transfer

1428 kB
Size

15
Cookies

26 HTTP transactions
0 data transactions