urlscan.io logo urlscan.io
SecurityTrails logo

search.ubersearch.net Open in urlscan Pro
192.241.229.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://search.ubersearch.net/
Submission: On August 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 28 HTTP transactions. The main IP is 192.241.229.243, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is search.ubersearch.net.
TLS certificate: Issued by R10 on June 13th 2024. Valid for: 3 months.
This is the only time search.ubersearch.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.241.229.243 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2800:133... 15133 (EDGECAST)
9 2a02:6ea0:c70... 60068 (CDN77 _)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.236.135.234 14061 (DIGITALOC...)
2 209.38.175.2 14061 (DIGITALOC...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 20.114.189.70 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 14
1    192.241.229.243 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
search.ubersearch.net
1    2606:4700::6812:dc0 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.polygraph.net
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
msadsscale.azureedge.net
9    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
cdn.airfind.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.236.135.234 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
api.airfind.com
2    209.38.175.2 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
verify.polygraph.net
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t.clarity.ms
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
11 airfind.com
cdn.airfind.com — Cisco Umbrella Rank: 74179
api.airfind.com — Cisco Umbrella Rank: 53249
195 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
t.clarity.ms — Cisco Umbrella Rank: 8415
c.clarity.ms — Cisco Umbrella Rank: 1838
28 KB
3 polygraph.net
cdn.polygraph.net — Cisco Umbrella Rank: 263613
verify.polygraph.net — Cisco Umbrella Rank: 564190
9 KB
2 gstatic.com
fonts.gstatic.com
37 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
148 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 353
32 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
773 B
1 azureedge.net
msadsscale.azureedge.net — Cisco Umbrella Rank: 40491
24 KB
1 ubersearch.net
search.ubersearch.net
3 KB
28 10
Domain Requested by
9 cdn.airfind.com search.ubersearch.net
cdn.airfind.com
2 c.clarity.ms 1 redirects
2 t.clarity.ms www.clarity.ms
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms search.ubersearch.net
www.clarity.ms
2 verify.polygraph.net cdn.polygraph.net
2 api.airfind.com search.ubersearch.net
cdn.airfind.com
2 fonts.googleapis.com search.ubersearch.net
1 securepubads.g.doubleclick.net www.googletagservices.com
1 www.googletagservices.com cdn.airfind.com
1 c.bing.com 1 redirects
1 msadsscale.azureedge.net search.ubersearch.net
1 cdn.polygraph.net search.ubersearch.net
1 search.ubersearch.net
28 14

This site contains links to these domains. Also see Links.

Domain
airfind.com
Subject Issuer Validity Valid
search.ubersearch.net
R10		 2024-06-13 -
2024-09-11		 3 months crt.sh
polygraph.net
E5		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
cdn.airfind.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-08 -
2024-12-07		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
api.airfind.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-01 -
2024-12-01		 a year crt.sh
verify.polygraph.net
E5		 2024-08-11 -
2024-11-09		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://search.ubersearch.net/
Frame ID: F700BF7AFC21F28E89A818DE8FBBCA8E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber Search

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

28
Requests

93 %
HTTPS

64 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

477 kB
Transfer

1437 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7B68F21DFFC8447F97087FD1BC29DBDB&RedC=c.clarity.ms&MXFR=3854904BC9116E3917208492CD1160B3 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B68F21DFFC8447F97087FD1BC29DBDB&MUID=03870DBF2F6C6A772A8419662EBE6BC8

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
search.ubersearch.net/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.229.243 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
8e6016090a47ead933e6a82d6e52bf73c8887199b310900e77f8ad7b511c77c1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 16:50:37 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
x-powered-by
Express
pg.a.js
cdn.polygraph.net/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polygraph.net/pg.a.js
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87f306ea4ed3eec8426e1920280876a144696329b47cfa3e1bb4b3ef11bb4f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:50:38 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 14:47:31 GMT
server
cloudflare
x-amz-request-id
tx000003bc8d30f0c0e6ff4-0066a7d7c1-3cca6a98-sgp1b
etag
W/"df56fa1f6d213b8bb18e0ed6c0393b47"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/x-javascript
x-do-cdn-uuid
d980c57c-e5a0-433f-91e1-94210e4485ca
x-rgw-object-type
Normal
cache-control
max-age=3600
cf-ray
8b21f72c9adc65c0-FRA
telemetryJS.js
msadsscale.azureedge.net/bingads/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://msadsscale.azureedge.net/bingads/telemetryJS.js
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4899) /
Resource Hash
29d8c61173ebf95ad101172b2b1a43db05debe0f77234eb8b0c8f40dce435195

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
gzip
content-md5
/jcK2jItxtW7pRLPV2YW2g==
age
130858
x-cache
HIT
content-length
24131
x-ms-lease-status
unlocked
last-modified
Wed, 17 Jan 2024 11:16:28 GMT
server
ECAcc (ama/4899)
etag
0x8DC174DC07178E4
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
0887d5bd-901e-0029-28a7-eb9960000000
access-control-expose-headers
content-length
x-ms-version
2009-09-19
vendors~core.js
cdn.airfind.com/r/ 		364 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/r/vendors~core.js?cb=8df3e8b
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c553e02f9e62799adaade1b4f35abe79e83419cba47b84f4c73c32a92ff25626

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
gzip
x-accel-date-max
1723120112
x-77-cache
HIT
x-cache
HIT
x-age
361326
x-accel-date
1723120112
x-77-nzt
EgwBisclJAH3boMFAAwB1GY4EQH3/gAAAA
x-accel-expires
@1723724658
x-77-age
361326
last-modified
Thu, 25 Jul 2024 12:43:45 GMT
server
CDN77-Turbo
etag
W/"5b068-61e11bed87017"
x-77-nzt-ray
f88df72eeae6a4315e3dba66b93ccb0e
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Thu, 15 Aug 2024 12:24:18 GMT
core.js
cdn.airfind.com/r/ 		180 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/r/core.js?cb=8df3e8b
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0a71dfdc0a883e0922ef509a6fee06ea831a83b696939f9fbee0348171417ef7

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
gzip
x-accel-date-max
1723120112
x-77-cache
HIT
x-cache
HIT
x-age
361326
x-accel-date
1723120112
x-77-nzt
EgwBisclJAH3boMFAAwBisclxAH3/gAAAA
x-accel-expires
@1723724658
x-77-age
361326
last-modified
Thu, 25 Jul 2024 12:43:45 GMT
server
CDN77-Turbo
etag
W/"2cf21-61e11bed81257"
x-77-nzt-ray
f88df72eeae6a4315e3dba664fdc4910
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Thu, 15 Aug 2024 12:24:18 GMT
core.css
cdn.airfind.com/r/ 		52 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/r/core.css?cb=8df3e8b
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3712baf424dc99e59bf6f66c4cdd5e4a7e622bd85391b5ec242d7501065cff10

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
gzip
x-accel-date-max
1723120112
x-77-cache
HIT
x-cache
HIT
x-age
361326
x-accel-date
1723120112
x-77-nzt
EgwBisclJAH3boMFAAwB1GY4EQH3/gAAAA
x-accel-expires
@1723724658
x-77-age
361326
last-modified
Thu, 25 Jul 2024 12:43:45 GMT
server
CDN77-Turbo
etag
W/"cf1e-61e11bed81257"
x-77-nzt-ray
f88df72eeae6a4315e3dba66802bc40e
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Thu, 15 Aug 2024 12:24:18 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 16:50:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Aug 2024 16:50:38 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77b90d79a53397c06475b66eb6cd048708aac8ccd86920e0612a4e5586a635cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Aug 2024 15:56:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Aug 2024 16:50:38 GMT
v1
api.airfind.com/stats/pageviews/ 		48 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.airfind.com/stats/pageviews/v1?clientId=50923&brand=&path=%2F
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.135.234 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:50:39 GMT
cache-control
private, no-cache, proxy-revalidate, max-age=0
server
nginx
content-disposition
inline
content-length
48
content-type
image/gif
/
verify.polygraph.net/ 		0
317 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://verify.polygraph.net/
Requested by
Host: cdn.polygraph.net
URL: https://cdn.polygraph.net/pg.a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.175.2 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
date
Mon, 12 Aug 2024 16:50:39 GMT
server
nginx/1.24.0 (Ubuntu)
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
OPTIONS,GET,POST
j9j09qpkrr
www.clarity.ms/tag/ 		638 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/j9j09qpkrr
Requested by
Host: search.ubersearch.net
URL: https://search.ubersearch.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0893932a217d35930bbf451644632802985424a661b14eced5023455a71b7915

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
date
Mon, 12 Aug 2024 16:50:38 GMT
x-azure-ref
20240812T165038Z-167f4bf9998dm7rr3ku9pbze8w0000000930000000013tcr
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
expires
-1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://search.ubersearch.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 10:40:24 GMT
x-content-type-options
nosniff
age
454214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 10:40:24 GMT
/
verify.polygraph.net/ 		25 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://verify.polygraph.net/
Requested by
Host: cdn.polygraph.net
URL: https://cdn.polygraph.net/pg.a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.38.175.2 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) / Express
Resource Hash
fb436b6ee467b01bf320c2b0a1b7173aae503f091701c1ba8f33761b2bf87ca7

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Aug 2024 16:50:39 GMT
content-encoding
gzip
server
nginx/1.24.0 (Ubuntu)
etag
W/"19-fo8TuBWfJ7bGL6aMCeLijQBqJXU"
x-powered-by
Express
transfer-encoding
chunked
access-control-allow-methods
OPTIONS,GET,POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
v2
api.airfind.com/content/ 		42 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.airfind.com/content/v2?clientId=50923&variant=1&affiliateId=&userID=7904206b-0ee6-455f-8910-258183e8ae72&referer=https%3A%2F%2Fsearch.ubersearch.net%2F
Requested by
Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=8df3e8b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.135.234 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
38f0f898be79936242b63d0240c600f824703fb546e936fb8582d80245a9ceb8

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:50:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://search.ubersearch.net
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/j9j09qpkrr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:50:38 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 19:54:07 GMT
etag
W/"0x8DCB263B4239D88"
vary
Accept-Encoding
x-azure-ref
20240812T165038Z-167f4bf9998dm7rr3ku9pbze8w0000000930000000013tg8
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
510baef2-d01e-0018-23b9-e8f1bc000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
t.clarity.ms/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://search.ubersearch.net
Date
Mon, 12 Aug 2024 16:50:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7B68F21DFFC8447F97087FD1BC29DBDB&RedC=c.clarity.ms&MXFR=3854904BC9116E3917208492CD1160B3
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B68F21DFFC8447F97087FD1BC29DBDB&MUID=03870DBF2F6C6A772A8419662EBE6BC8
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B68F21DFFC8447F97087FD1BC29DBDB&MUID=03870DBF2F6C6A772A8419662EBE6BC8
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 16:50:39 GMT
last-modified
Thu, 01 Aug 2024 17:45:27 GMT
server
Microsoft-IIS/10.0
etag
"43fd8f983ae4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Aug 2024 16:50:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F7AF040854074B8C9B25BA069D2E5D54 Ref B: FRAEDGE1307 Ref C: 2024-08-12T16:50:39Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7B68F21DFFC8447F97087FD1BC29DBDB&MUID=03870DBF2F6C6A772A8419662EBE6BC8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
footer.css
cdn.airfind.com/rarch/292/archive/build/ 		759 B
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/rarch/292/archive/build/footer.css?cb=80244ca857b7df7fb861
Requested by
Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=8df3e8b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c08ba30a7acd7cf8b7ac081c4a022e93c9218afe82c84e1576765b8cc543b2ad

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:39 GMT
content-encoding
gzip
x-accel-date-max
1722246119
x-77-cache
HIT
x-cache
HIT
x-age
360210
x-accel-date
1723121229
x-77-nzt
EgwBisclJAH3En8FAAwBnJIhHwH3pBoFAA
x-accel-expires
@1723726027
x-77-age
360210
last-modified
Thu, 25 Jul 2024 12:43:45 GMT
server
CDN77-Turbo
etag
W/"2f7-61e11bed81257"
x-77-nzt-ray
f88df72eeae6a4315f3dba6636d1c311
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Thu, 01 Aug 2024 12:46:59 GMT
footer.js
cdn.airfind.com/rarch/292/archive/build/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/rarch/292/archive/build/footer.js?cb=80244ca857b7df7fb861
Requested by
Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=8df3e8b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0a1d44228dda0bbacdeb67aa1d500634808453091d9de990eb6c0962ef5321e7

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:39 GMT
content-encoding
gzip
x-accel-date-max
1722246119
x-77-cache
HIT
x-cache
HIT
x-age
360210
x-accel-date
1723121229
x-77-nzt
EgwBisclJAH3En8FAAwBJRPCMQH3pBoFAA
x-accel-expires
@1723726027
x-77-age
360210
last-modified
Thu, 25 Jul 2024 12:43:45 GMT
server
CDN77-Turbo
etag
W/"54e-61e11bed81257"
x-77-nzt-ray
f88df72eeae6a4315f3dba6678b1c811
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Thu, 01 Aug 2024 12:46:59 GMT
custom.js
cdn.airfind.com/rarch/292/archive/build/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/rarch/292/archive/build/custom.js?cb=80244ca857b7df7fb861
Requested by
Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=8df3e8b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
740901ae9be8ab2c9aff6749dd0345993c191eff1b597767f27134d792b10ad6

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:39 GMT
content-encoding
gzip
x-accel-date-max
1722247712
x-77-cache
HIT
x-cache
HIT
x-age
356027
x-accel-date
1723125412
x-77-nzt
EgwBisclJAH3u24FAAwB1GY4EQH3/x8FAA
x-accel-expires
@1723726308
x-77-age
356027
last-modified
Thu, 25 Jul 2024 12:43:45 GMT
server
CDN77-Turbo
etag
W/"25da-61e11bed81257"
x-77-nzt-ray
f88df72eeae6a4315f3dba6679accc11
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
expires
Thu, 01 Aug 2024 12:50:41 GMT
gpt.js
www.googletagservices.com/tag/js/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.airfind.com
URL: https://cdn.airfind.com/r/core.js?cb=8df3e8b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
665bf1267281f3541b59447347b5a51457d47805a7423c00adcfb1bdf793e53b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:50:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32108
x-xss-protection
0
server
cafe
etag
553 / 19947 / m202408060101 / config-hash: 11501360919743623629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Aug 2024 16:50:39 GMT
1716565998761-ubersearch.net_small.png
cdn.airfind.com/ext/50923/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.airfind.com/ext/50923/1716565998761-ubersearch.net_small.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b28bf9573d66617a925b9a6bd14776645ce14a6e3ee0bd098da38b11aaa89929

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-nzt
EggBisclJAFBCAHUZjgRAYE
x-accel-expires
@1726073439
date
Mon, 12 Aug 2024 16:50:39 GMT
x-77-pop
frankfurtDE
last-modified
Fri, 24 May 2024 15:53:21 GMT
server
CDN77-Turbo
etag
"1304-619352abd03c5"
x-77-nzt-ray
f88df72eeae6a4315f3dba662955da11
x-77-cache
MISS
content-type
image/png
x-cache
MISS
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4868
expires
Wed, 11 Sep 2024 16:50:39 GMT
/
cdn.airfind.com/genericportal/public/img/ 		0
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://search.ubersearch.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 09:15:49 GMT
x-content-type-options
nosniff
age
459290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18588
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Aug 2025 09:15:49 GMT
favicon.ico
cdn.airfind.com/ext/favicons/50923/portal/1716565977872/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/ext/favicons/50923/portal/1716565977872/favicon.ico?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c2eb99c4734573b2c116bde03b12141c6265a1b64fd373d8de90d27a3c460792

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-nzt
EggBisclJAFBCAGKxyXEAUE
x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:39 GMT
last-modified
Fri, 24 May 2024 15:53:21 GMT
server
CDN77-Turbo
etag
"7b1-619352ac15928"
x-77-nzt-ray
f88df72eeae6a4315f3dba660acbfe14
x-77-cache
MISS
content-type
image/vnd.microsoft.icon
x-cache
MISS
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1969
expires
Wed, 11 Sep 2024 16:50:39 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/ 		473 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408060101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 20:40:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
72592
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151286
x-xss-protection
0
server
cafe
etag
16318545838041958494
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 11 Aug 2025 20:40:47 GMT
favicon-32x32.png
cdn.airfind.com/ext/favicons/50923/portal/1716565977872/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.airfind.com/ext/favicons/50923/portal/1716565977872/favicon-32x32.png?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fc00849e24fb746bd2c229fc36800c6ab2ecbbe5fd88f415025bc6463548b81c

Request headers

Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-nzt
EggBisclJAFBCAElE8IuAUE
x-77-pop
frankfurtDE
date
Mon, 12 Aug 2024 16:50:40 GMT
last-modified
Fri, 24 May 2024 15:53:21 GMT
server
CDN77-Turbo
etag
"404-619352ac12a48"
x-77-nzt-ray
f88df72eeae6a4315f3dba66c7e8292e
x-77-cache
MISS
content-type
image/png
x-cache
MISS
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1028
expires
Wed, 11 Sep 2024 16:50:40 GMT
collect
t.clarity.ms/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://search.ubersearch.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://search.ubersearch.net
Date
Mon, 12 Aug 2024 16:50:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.airfind.com
URL
https://cdn.airfind.com/genericportal/public/img/

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| event function| fingerprint function| test function| check object| result function| loadCSS object| googletag object| afScripts string| visitorId string| afSessionId function| clarity function| initTelemetryJS object| webpackJsonp function| clearImmediate function| setImmediate object| regeneratorRuntime object| scrollTracker string| afClientId function| afAdRequest string| BUILD object| _history object| React object| footers object| ggeac object| google_tag_data object| google_js_reporting_queue number| polygraph_result object| google_reactive_ads_global_state

15 Cookies

Domain/Path Name / Value
search.ubersearch.net/ Name: visitorId
Value: 7904206b-0ee6-455f-8910-258183e8ae72
search.ubersearch.net/ Name: homepage-variantNo
Value: 1
search.ubersearch.net/ Name: homepage-testDate
Value: 2021-01-13T18%3A21%3A56Z
search.ubersearch.net/ Name: homepage-testVersion
Value: 1
search.ubersearch.net/ Name: connect.sid
Value: s%3Ax5HVyfXq940vqiH1EYq9hPXl_2TUf4b8.9cAtWil52EAe11P%2F%2Fd6Rjl1QpfqKjNoLHFcRTYQDZPs
.cdn.polygraph.net/ Name: __cf_bm
Value: rRhjYWY2fcnQCsXZwpbMw1HMEvtiIYc29Ys5j4sL8Os-1723481438-1.0.1.1-ivKU4tV7PbKyZF_SIsshVPuBnjjiJxohoeJP8Fvdz3E1ahnHRr6NjJyZ1wlU08SbxixM_YAca67uxAhd5zmwWg
www.clarity.ms/ Name: CLID
Value: d5622f22b2c94899b2e40b543845591f.20240812.20250812
api.airfind.com/ Name: visitorId
Value: 79fd07d9-0278-45eb-8562-20549d16052f
.bing.com/ Name: MUID
Value: 03870DBF2F6C6A772A8419662EBE6BC8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 03870DBF2F6C6A772A8419662EBE6BC8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 03870DBF2F6C6A772A8419662EBE6BC8
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.airfind.com
c.bing.com
c.clarity.ms
cdn.airfind.com
cdn.polygraph.net
fonts.googleapis.com
fonts.gstatic.com
msadsscale.azureedge.net
search.ubersearch.net
securepubads.g.doubleclick.net
t.clarity.ms
verify.polygraph.net
www.clarity.ms
www.googletagservices.com
cdn.airfind.com
104.236.135.234
13.74.129.1
192.241.229.243
20.114.189.70
209.38.175.2
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6812:dc0
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:806::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a02:6ea0:c700::18
0893932a217d35930bbf451644632802985424a661b14eced5023455a71b7915
0a1d44228dda0bbacdeb67aa1d500634808453091d9de990eb6c0962ef5321e7
0a71dfdc0a883e0922ef509a6fee06ea831a83b696939f9fbee0348171417ef7
29d8c61173ebf95ad101172b2b1a43db05debe0f77234eb8b0c8f40dce435195
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3712baf424dc99e59bf6f66c4cdd5e4a7e622bd85391b5ec242d7501065cff10
38f0f898be79936242b63d0240c600f824703fb546e936fb8582d80245a9ceb8
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
665bf1267281f3541b59447347b5a51457d47805a7423c00adcfb1bdf793e53b
740901ae9be8ab2c9aff6749dd0345993c191eff1b597767f27134d792b10ad6
77b90d79a53397c06475b66eb6cd048708aac8ccd86920e0612a4e5586a635cf
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e6016090a47ead933e6a82d6e52bf73c8887199b310900e77f8ad7b511c77c1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a87f306ea4ed3eec8426e1920280876a144696329b47cfa3e1bb4b3ef11bb4f4
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b28bf9573d66617a925b9a6bd14776645ce14a6e3ee0bd098da38b11aaa89929
c08ba30a7acd7cf8b7ac081c4a022e93c9218afe82c84e1576765b8cc543b2ad
c2eb99c4734573b2c116bde03b12141c6265a1b64fd373d8de90d27a3c460792
c553e02f9e62799adaade1b4f35abe79e83419cba47b84f4c73c32a92ff25626
ccee77f4b5d83cb6e274010848ee8baeefbb7d99199d78b22d798676591d36d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb436b6ee467b01bf320c2b0a1b7173aae503f091701c1ba8f33761b2bf87ca7
fc00849e24fb746bd2c229fc36800c6ab2ecbbe5fd88f415025bc6463548b81c