m.ubersearch.co Open in urlscan Pro
192.241.229.243  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response m.ubersearch.co/	6 KB 3 KB	1028ms 209ms	Document text/html	192.241.229.243 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://m.ubersearch.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.241.229.243 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Express Resource Hash 0d69631ba80f7b5caebdf3ec27db16aa53becfe836fb3375a56c39497cbeab5b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * content-encoding gzip content-type text/html; charset=utf-8 date Mon, 20 Mar 2023 22:02:37 GMT server nginx vary Accept-Encoding Accept-Encoding x-powered-by Express
GET H2	200	icon fonts.googleapis.com/	569 B 439 B	126ms 46ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 20 Mar 2023 22:02:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Mar 2023 22:02:38 GMT
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	125ms 45ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500,700 Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 20 Mar 2023 20:09:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Mar 2023 22:02:38 GMT
GET H2	200	v1 api.airfind.com/stats/pageviews/	48 B 260 B	770ms 166ms	Image image/gif	104.236.135.234 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://api.airfind.com/stats/pageviews/v1?clientId=50326&brand=&path=%2F Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.236.135.234 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT cache-control private, no-cache, proxy-revalidate, max-age=0 server nginx content-disposition inline content-length 48 content-type image/gif
GET H2	200	vendors~core.js Show response cdn.airfind.com/r/	261 KB 82 KB	269ms 23ms	Script text/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/r/vendors~core.js?cb=c6374eb Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash 1dac11f24446e6ff9a81bd4c1488ef76dc99c19cabe8aabc1fc333fef9988c3a Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip last-modified Mon, 20 Mar 2023 17:22:59 GMT server Apache etag "41231-5f7582db7baec" x-hw 1679349758.cds258.am5.hn,1679349758.cds201.am5.c content-type text/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 83925
GET H2	200	core.js Show response cdn.airfind.com/r/	115 KB 26 KB	295ms 49ms	Script text/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/r/core.js?cb=c6374eb Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash 0967293689ab543d36f9ae9aa7913a0b4a6d8c9ab49c18d00631f658530ccd07 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip last-modified Mon, 20 Mar 2023 17:22:59 GMT server Apache etag "1cd21-5f7582db73deb" x-hw 1679349758.cds258.am5.hn,1679349758.cds221.am5.c content-type text/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 26281
GET H2	200	core.css cdn.airfind.com/r/	36 KB 5 KB	269ms 22ms	Stylesheet text/css	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/r/core.css?cb=c6374eb Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash e52e4b4364ad2237928ec1fc6666689183be1b2248035be0845be794a2276028 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip last-modified Mon, 20 Mar 2023 17:22:59 GMT server Apache etag "91f2-5f7582db73deb" x-hw 1679349758.cds258.am5.hn,1679349758.cds221.am5.c content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 5137
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	121ms 36ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 20 Mar 2023 20:23:33 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 5945 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Mon, 20 Mar 2023 22:23:33 GMT
GET H/1.1	200 OK	aria-webjs-compact-sdk-1.2.1.min.js h6.msn.com/bingna/lib/aria-webjs-compact-sdk/	0 5 KB	94ms 9ms	Other application/javascript	2.19.84.19 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://h6.msn.com/bingna/lib/aria-webjs-compact-sdk/aria-webjs-compact-sdk-1.2.1.min.js Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 2.19.84.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-84-19.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 20 Mar 2023 22:02:38 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 22:28:46 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 CS9zzcLon7hn7JZMenV37Q== ETag 0x8D6450061D8A4D4 Vary Accept-Encoding Content-Type application/javascript x-ms-request-id 32a0d4bc-001e-00c8-6a44-4fe2ac000000 x-ms-version 2009-09-19 Connection keep-alive Content-Length 4823
GET H2	200	jquery-3.1.0.min.js ajax.aspnetcdn.com/ajax/jQuery/	0 38 KB	39ms 8ms	Other application/javascript	152.199.19.160 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.1.0.min.js Requested by Host: m.ubersearch.co URL: https://m.ubersearch.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.19.160 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C8D) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip x-content-type-options nosniff age 16152441 x-cache HIT content-length 38649 x-xss-protection 1; mode=block last-modified Mon, 31 Oct 2016 23:11:08 GMT server ECAcc (frc/4C8D) etag "a04ffffcc33d21:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 21:14:09 GMT content-encoding gzip x-content-type-options nosniff age 2909 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 20 Mar 2023 22:14:09 GMT
GET H2	200	v2 Show response api.airfind.com/content/	3 KB 1 KB	498ms 178ms	Fetch application/json	104.236.135.234 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://api.airfind.com/content/v2?clientId=50326&variant=1&affiliateId=&userID=96b67af7-fe0f-47ea-b47d-4906525920b2 Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/r/core.js?cb=c6374eb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.236.135.234 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 2a6ad41cbbe0c71e0e5fa628cf6ddb8c93753479dfc37280c036ab93fbf21e4a Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding, Origin access-control-allow-methods GET,PUT,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://m.ubersearch.co access-control-allow-credentials true access-control-allow-headers Content-Type
GET H2	200	footer.css cdn.airfind.com/rarch/176/archive/build/	979 B 515 B	24ms 23ms	Stylesheet text/css	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/rarch/176/archive/build/footer.css?cb=77365826b96b2afa3fec Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/r/core.js?cb=c6374eb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash 5bcb685d3c59b4118824c21007e91e55b191552e6833a610f1633adbb8554c88 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip last-modified Mon, 20 Mar 2023 17:22:59 GMT server Apache etag "3d3-5f7582db75d2b" x-hw 1679349758.cds258.am5.hn,1679349758.cds251.am5.c content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 403
GET H2	200	footer.js Show response cdn.airfind.com/rarch/176/archive/build/	1 KB 786 B	24ms 23ms	Script text/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.airfind.com/rarch/176/archive/build/footer.js?cb=77365826b96b2afa3fec Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/r/core.js?cb=c6374eb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash ab9d0870c782e1219049cae84d5292ee04d59647fdd6e34c862f2a2ebb689d08 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip last-modified Mon, 20 Mar 2023 17:22:59 GMT server Apache etag "53e-5f7582db75d2b" x-hw 1679349758.cds258.am5.hn,1679349758.cds275.am5.c content-type text/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 674
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	78 KB 27 KB	148ms 46ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cdn.airfind.com URL: https://cdn.airfind.com/r/core.js?cb=c6374eb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4d7009794ecbac2ca41a2fdc7c5824eb6a3ba873d0f16f25fb30fbfcf7f7c0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27372 x-xss-protection 0 server sffe etag "1517 / 138 of 1000 / last-modified: 1679343082" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 20 Mar 2023 22:02:38 GMT
GET H2	200	search-logo.png cdn.airfind.com/staging/core/public/img/	19 KB 19 KB	24ms 23ms	Image image/png	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/staging/core/public/img/search-logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash 21af6a24312d174b0536ac91dd297ca9847ca9fc506a78717ed7b82b1ff59b3d Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT last-modified Wed, 06 Jul 2022 09:45:25 GMT server Apache etag "4d65-5e31fd41fc01f" x-hw 1679349758.cds258.am5.hn,1679349758.cds227.am5.c content-type image/png access-control-allow-origin * cache-control max-age=1200 accept-ranges bytes content-length 19813
GET H2	200	enhanced_by_google.png cdn.airfind.com/genericportal/public/img/search/	15 KB 15 KB	24ms 23ms	Image image/png	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/genericportal/public/img/search/enhanced_by_google.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash 8f72ed8f3c1ceba35cbb607d4ad89c44b5b1ea6d2ce82c0ec2555ef376ef08f3 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT last-modified Fri, 29 Apr 2022 21:05:37 GMT server Apache etag "3ae9-5ddd167786bc2" x-hw 1679349758.cds258.am5.hn,1679349758.cds216.am5.c content-type image/png access-control-allow-origin * cache-control max-age=1200 accept-ranges bytes content-length 15081
GET H2	200	google.png cdn.airfind.com/genericportal/public/img/search/	3 KB 4 KB	25ms 25ms	Image image/png	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.airfind.com/genericportal/public/img/search/google.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Apache / Resource Hash 23e17646346ed5f15949132208b134981579e3433131e59b13740607a54c41a1 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:38 GMT last-modified Fri, 29 Apr 2022 21:05:37 GMT server Apache etag "db2-5ddd167786bc2" x-hw 1679349758.cds258.am5.hn,1679349758.cds274.am5.c content-type image/png access-control-allow-origin * cache-control max-age=1200 accept-ranges bytes content-length 3506
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	115ms 35ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://m.ubersearch.co accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 15 Mar 2023 16:22:50 GMT x-content-type-options nosniff age 452388 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Mar 2024 16:22:50 GMT
GET H2	200	pubads_impl_2023031501.js Show response securepubads.g.doubleclick.net/gpt/	397 KB 134 KB	132ms 42ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031501.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 010595716a334027c86b48c191484ca1ea5f758b4c239ffdedf69919ac480c6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Sat, 18 Mar 2023 09:17:35 GMT content-encoding gzip x-content-type-options nosniff age 218704 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136785 x-xss-protection 0 last-modified Wed, 15 Mar 2023 08:36:02 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sun, 17 Mar 2024 09:17:35 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	48 B 588 B	136ms 48ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=m.ubersearch.co Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4f307949ecb07572cd4159c28d4ae1faedf9e3d4512c687bb2b9b5af2188226a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://m.ubersearch.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 22:02:39 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46 x-xss-protection 0 expires Mon, 20 Mar 2023 22:02:39 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| gaAnalyticsURL string| GoogleAnalyticsObject function| ga function| loadCSS object| googletag object| afScripts string| visitorId object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime object| scrollTracker string| afClientId function| afAdRequest string| BUILD boolean| store object| _history object| React object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.ubersearch.co/	1970-01-20 20:05:09	Name: visitorId Value: 96b67af7-fe0f-47ea-b47d-4906525920b2
			m.ubersearch.co/	1970-01-20 19:14:45	Name: homepage-variantNo Value: 1
			m.ubersearch.co/	1970-01-20 19:14:45	Name: homepage-testDate Value: 2019-09-16T13%3A25%3A31Z
			m.ubersearch.co/	1970-01-20 19:14:45	Name: homepage-testVersion Value: 1
			m.ubersearch.co/	1969-12-31 23:59:59	Name: connect.sid Value: s%3Am9t0JtPOqHPZpVrG9wpGfFE2btfcevTd.yEJm778Ud3hP9xpPpHi9My%2FObB5DK1gG%2FzsuaL%2BSaFA
			.ubersearch.co/	1970-01-20 20:05:09	Name: _ga Value: GA1.2.992693440.1679349758
			.ubersearch.co/	1970-01-20 10:30:36	Name: _gid Value: GA1.2.1420903083.1679349758
			api.airfind.com/	1970-01-20 20:05:09	Name: visitorId Value: 8ec99261-d22a-414d-8f57-637fa14fb759

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
api.airfind.com
cdn.airfind.com
fonts.googleapis.com
fonts.gstatic.com
h6.msn.com
m.ubersearch.co
securepubads.g.doubleclick.net
www.google-analytics.com
www.googletagservices.com
104.236.135.234
151.139.128.10
152.199.19.160
192.241.229.243
2.19.84.19
2a00:1450:4001:802::2003
2a00:1450:4001:813::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
010595716a334027c86b48c191484ca1ea5f758b4c239ffdedf69919ac480c6e
0967293689ab543d36f9ae9aa7913a0b4a6d8c9ab49c18d00631f658530ccd07
0d69631ba80f7b5caebdf3ec27db16aa53becfe836fb3375a56c39497cbeab5b
1dac11f24446e6ff9a81bd4c1488ef76dc99c19cabe8aabc1fc333fef9988c3a
21af6a24312d174b0536ac91dd297ca9847ca9fc506a78717ed7b82b1ff59b3d
23e17646346ed5f15949132208b134981579e3433131e59b13740607a54c41a1
2a6ad41cbbe0c71e0e5fa628cf6ddb8c93753479dfc37280c036ab93fbf21e4a
47d0230fc7603fa082f5a142aac786bf60f98d83e221775640a19a61fc2b693e
4f307949ecb07572cd4159c28d4ae1faedf9e3d4512c687bb2b9b5af2188226a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bcb685d3c59b4118824c21007e91e55b191552e6833a610f1633adbb8554c88
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
8f72ed8f3c1ceba35cbb607d4ad89c44b5b1ea6d2ce82c0ec2555ef376ef08f3
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
ab9d0870c782e1219049cae84d5292ee04d59647fdd6e34c862f2a2ebb689d08
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d7009794ecbac2ca41a2fdc7c5824eb6a3ba873d0f16f25fb30fbfcf7f7c0d
e52e4b4364ad2237928ec1fc6666689183be1b2248035be0845be794a2276028