ust.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641
Effective URL:
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Submission: On February 05 via automatic, source openphish (February 5th 2023, 1:06:00 am UTC) — Scanned from DE

Summary HTTP 110 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3030::6815:3954, located in United States and belongs to CLOUDFLARENET, US. The main domain is ust.aly2um.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time ust.aly2um.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	100.21.95.251 100.21.95.251	16509 (AMAZON-02) (AMAZON-02)
1 1	190.115.26.9 190.115.26.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
16	2606:4700:303... 2606:4700:3030::6815:3954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
110	16

1 100.21.95.251 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: host.nohasslecoaching.com

nhw3staging.serenitybirthstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.26.9 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

99pw.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::6815:3954 (United States)

ASN13335 (CLOUDFLARENET, US)

ust.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	534 KB
16	aly2um.com ust.aly2um.com	108 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	121 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 358	130 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	98 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	145 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 mts0.google.com — Cisco Umbrella Rank: 3981 www.google.com — Cisco Umbrella Rank: 2	19 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8741	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	603 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	43 KB
1	t.co t.co — Cisco Umbrella Rank: 531	594 B
1	99pw.pw 1 redirects 99pw.pw	215 B
1	serenitybirthstudio.com nhw3staging.serenitybirthstudio.com	450 B
110	15

	Domain	Requested by
44	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
16	ust.aly2um.com	t.co ust.aly2um.com nhw3staging.serenitybirthstudio.com
11	pagead2.googlesyndication.com	ust.aly2um.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	mts0.google.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	ust.aly2um.com
1	t.co	nhw3staging.serenitybirthstudio.com
1	99pw.pw	1 redirects
1	nhw3staging.serenitybirthstudio.com
110	19

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
nhw3staging.serenitybirthstudio.com R3	`2023-01-04` - `2023-04-04`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Frame ID: 61BB0CCEB829565FC1555FA7A77C5592
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: 3C2BF74D5653AD4A5B273906B5154F6E
Requests: 1 HTTP requests in this frame

Frame: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675555200
Frame ID: D217B4876A8F5AFF4EA34978B5CDFE77
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1675559149&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149544&bpp=2&bdt=426&idt=341&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2329683726711&frm=20&pv=2&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=360
Frame ID: 2F7E72064EBD74436E0470C9FD4B20B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1675559149&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149546&bpp=1&bdt=428&idt=361&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=neXnWCSTxG&p=https%3A//ust.aly2um.com&dtd=364
Frame ID: 03D467320447D8ED9C725A7F68F6494C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368
Frame ID: 48281C868CA5C98B205F4986F02BCF60
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149567&bpp=1&bdt=449&idt=352&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hLJmIHeoQi&p=https%3A//ust.aly2um.com&dtd=354
Frame ID: 9E80A7200E333CC7313D8E63005E3F3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149569&bpp=5&bdt=451&idt=355&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JhO8NIbnnV&p=https%3A//ust.aly2um.com&dtd=358
Frame ID: 9C7455A12C65CA6AD9E61FCDCB3B9A2D
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: DF2347DF7139D4C212B12A2442B6551B
Requests: 38 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 5E894B33B275ED583C8A93B1A06A96E8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 0C5EE0F73A0E61B280F258F10EBEBEF6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: C95B9B27A41AA2517157C95B6B757A50
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 861BF46499C9E77DD0B745DABF4E2BFC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 459799D4471EAAE78CD03528E006DA21
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USDT outperforms both MasterCard and Visa in terms of transaction settlement - Digital Currency News

Page URL History Show full URLs

https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641 Page URL
https://99pw.pw/Epo0r2 HTTP 302
https://t.co/KgdLpz31TG Page URL
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

100 %
HTTPS

81 %
IPv6

15
Domains

19
Subdomains

16
IPs

4
Countries

1223 kB
Transfer

3004 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641 Page URL
https://99pw.pw/Epo0r2 HTTP 302
https://t.co/KgdLpz31TG Page URL
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://99pw.pw/Epo0r2 HTTP 302
https://t.co/KgdLpz31TG

110 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Login.ID-26641
nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/ 672 B
450 B 619ms
208ms Document
text/html 100.21.95.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 100.21.95.251 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: host.nohasslecoaching.com
Software: Apache / PHP/7.4.32
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 325
content-type: text/html; charset=UTF-8
date: Sun, 05 Feb 2023 01:05:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.32

GET
H2

200

KgdLpz31TG
t.co/
Redirect Chain

https://99pw.pw/Epo0r2
https://t.co/KgdLpz31TG

402 B
594 B

251ms
153ms

Document
text/html

104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/KgdLpz31TG

Requested by

Host: nhw3staging.serenitybirthstudio.com
URL: https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Referer: https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 221
content-type: text/html; charset=utf-8
date: Sun, 05 Feb 2023 01:05:47 GMT
expires: Sun, 05 Feb 2023 01:10:48 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 15ab2545a2d73197fc32655772cd25f9b0a21afd8318748b8e794d6f35aded00
x-response-time: 113
x-transaction-id: 13c068f24e57748e
x-xss-protection: 0

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Sun, 05 Feb 2023 01:05:48 GMT
location: https://t.co/KgdLpz31TG
server: ddos-guard

GET
H2 200 Primary Request usdt-outperforms-mastercard-terms-transaction-settlement Show response
ust.aly2um.com/17/ 31 KB
7 KB 641ms
405ms Document
text/html 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Requested by: Host: t.co
URL: https://t.co/KgdLpz31TG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0344f9ab448da29af26a94a17dd93289cf6fd806cd5b4bc1b4667b227e65d24e

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7947bd678dc5372d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 05 Feb 2023 01:05:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY0KSh9Yhqq9Z6kBGJ4S7DkJQgzaOtsU1SqYQIBoLtgns3jGSpcd6VQ5AD8WCw2XZa1KAsVN2K%2BcL9K%2FnPJNeMs9drdQPzCrxkCmC1VtOH12rrqem2%2B78%2F929qURkyzRNLDjj49qgc9VCCfVyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
ust.aly2um.com/qa-theme/SnowFlat/ 56 KB
11 KB 390ms
388ms Stylesheet
text/css 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=71322
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2B3edsCAcfKbD313UDHeJaPoxJLkyAXLivmtR%2FWHoOz2uyJSkUQ5ReUg7FQc235kLg0Qy%2BYBx6Uz8bN6AH%2BX931gAspbvIfB3aqaMNioLyZSFIFP1zQDVHJ%2FI1AxnZTHRdcU5C662bE%2BEyW5xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7947bd6a2f67372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
ust.aly2um.com/qa-content/ 87 KB
32 KB 49ms
48ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3519
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMCpu3QnMfVO7NBPYQO6%2F2c8gJiw5ocdayHjSrZyDxXCojXN2gcRId5j3lJ8taHFkeIIscPc%2FuyMRHBmf3QnTj54y%2FlXas8bze18zpzTTV6TEHYt4INrBVJVE%2FmhqeEvQD9VnUiOy2DYUyAKfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7947bd6a2f68372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
ust.aly2um.com/qa-content/ 15 KB
4 KB 62ms
61ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-content/qa-global.js?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 3519
cf-polished: origSize=20550
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx27PY87Zwmk3qZC6MkZsMd9qVn07fvuVXP2%2Fo2yB%2F70qDdhdLAR8pX8UovMjd3KtMF6GAs6IEsiXwdspxDfRXE7N7yWNBPhsG84Blx4py2aFQjrV%2B26oZm4zY%2B4buLO35mVrvrnLyZ6gorAGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7947bd6a2f6a372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
ust.aly2um.com/qa-theme/SnowFlat/js/ 1 KB
731 B 63ms
62ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 5957
cf-polished: origSize=2383
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bbk85rzntKPIURNwzfTdRtZJiPp72BmaESo2QQo9b6%2BMD%2F2KEcg20XlVFj59GZQX%2BpT%2Bbv%2F7wleiK%2FrpAd1kb3Z%2Bw8zDNuexHZQLRDgForHVRCicyyx99EHJf02NC3rCyMpKrsDRuQGS6puY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7947bd6a2f6b372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 218ms
92ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Requested by

Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3500ee83e5660c6ed2e4543bfd5395c4fee2ed761aad6debbd28b27740d4d870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Origin: https://ust.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49973
x-xss-protection: 0
server: cafe
etag: 600498255551595766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 01:05:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 386ms
51ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72dc451f4a9713feaad4f1429091f48536d7d30331c94ce245eb27e5e5b260ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43921
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Feb 2023 01:05:49 GMT

GET
H3 200 fontello.woff
ust.aly2um.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 47ms
46ms Font
font/woff 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://ust.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3967
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIOptHvwTfypDpOoHRmBVi0IVeMHmSPqrapZ3GL3QLrGKHqpbVh2305RkLmz3BSVw1Fq0EwGmVm8OQ8BzM6cINlPwsJxfPej9E7esAt%2FpGU0%2FpA0vHXMoiklOnHSGRjR1t6%2BD1Yc%2FN8IYzcbiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6cad372bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/ 361 KB
118 KB 213ms
106ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=ust.aly2um.com&bust=31071812

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e5d1c48a31124f02fecd2f8f527350b6e7ce1afbaf757fed45f37b53e1e1908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121172
x-xss-protection: 0
server: cafe
etag: 2607674802701518984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Feb 2023 01:05:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame 3C2B 10 KB
5 KB 130ms
41ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 11:35:52 GMT
etag: 10353107486223812946
expires: Sat, 18 Feb 2023 11:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vote-buttons-3.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 45ms
45ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3967
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qukWTqGX9juyP9avlaQhHyoYWEh3UC0sMWlHz0tOzvvmQkM3qe8jnet5%2BeSUSyOrxrvN%2FeZIpOIBscOvribNYwiCGPD%2BZjTx9a%2B8gFTggyg97wFgM6VsU2o%2BTH51muqZXigch1poudXIPxjPRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6ced682bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 answer-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 46ms
44ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3967
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQoAk6Sp3%2FLryaHr7UMYXjpyuQCsKz1lOWZlT2cYrahl4XNcfvPuK4gmDqab2d0yVOj4ekDt%2FmlsZ7wqhC46fyWr67OjZRCKlbRvE5atvyThtV35WA%2BtF57z8WJJVxLh9cxX2%2FyRTBYL4hDWrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6cfd702bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 87ms
87ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3966
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hfY5wtEZohDe5w7IrVuqXcdtnkVW9BE2qmDad5nHPhw2zNcPg9wfXoEQmaIYNSGGUevjzt2SJtrcOgbpINeNAcCMlPAAHiYVbM9IDyt%2FVJPxQN8VR7Q1z8plQoNCXel8B0G5G%2FDvX0b%2FZmYBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6d0d872bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 68ms
68ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3966
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ij%2B%2BV1uKd6sGbvGTVts1O4Cy9oZnr0iQiueit2Yo6%2FCS%2FLujd788ykVtSqwWU9JTvkyUogZ0yJG86qra3rRpP793GCU1ICFpGFJqPI%2BlEEp6yNFJ2sMRsJ%2F29UcyU1xa3biGzoEEb0GTVupHug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6d0d882bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 88ms
87ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3966
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KINL%2BZNV0Fv%2BAysDDEXZgzI5nrvF91ch5llApAL7b8XCAQ4AR1U4aPtLCBcbAvNhlv%2F6XUA%2BVL9tB83W0VhHGYG61nOwlvJSUzFzobMekQXYruiyq%2B5B7fwoJUwiRMscafXpL8rxexMwf4RJHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6d0d892bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 46ms
46ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3966
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0CJWsj7urZ1WiOd7B9oHzbLUTL%2FvtzYdKl%2FN1%2FLVCRav8ZiAJuMT7b3JVXUftK54KYaDF4rHhx9nwaOwdWgy9rHZgehK%2FSFLuvq55Cr8GaGGb25HtP4CbSCHEBT9dLtg%2F0nXb5LsVfhiH0Wkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6d0d8a2bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
ust.aly2um.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 47ms
46ms Image
image/gif 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3966
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Jcmbvzj6lAiTanQ8kbrxNtZncflL1WCwOPJC6OAyDGWaFs%2FKqwG7e80VxNQQVRoHKj4M0Ue0r%2BcLso5lsHcINuvdHt4ZfpMQ2lm32pviQh8F0pPVrwcc7p28lgyqwSqhCYvLCglTbUKzSJpIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7947bd6d0d8b2bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H3 200 invisible.js Show response
ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame D217 31 KB
13 KB 59ms
58ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675555200
Requested by: Host: nhw3staging.serenitybirthstudio.com
URL: https://nhw3staging.serenitybirthstudio.com/wp-content/themes/Divi/js/it/users/Login.ID-26641
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa694a7fba03ab0ca25b540d9d51c91a8aae745878899208d127b25e148b419b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB9TcbGI17vO3VGJUewwSwvQbhiiU9pqvJSpSCbM%2FK%2FA2aLx94pt4GomZFS%2Fuppm4E8PqmWbyIhqML9y4xAMKQ3nBQP089r9vGtosz%2FNAaufk9EMJWRkcyxN5%2FmjvJqFPhbo4wNDuRgnTOUyjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7947bd6d1d982bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame D217 19 KB
8 KB 45ms
45ms Other
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644b32ba28466cb81a139774b84d975c8362fca8fd7307f744370ee0ef2762dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3TgCk1cOZDiaVGTUbSjLMfSRkAu3chIQzCPdBI1FjrirhnkUbHaDA1sLNSvkAzRksRjxEZX2DpVKUQtF40%2Bt4HPl1d5RVM3KezE4ZqPdJyF%2FkS0NYBXftu425TYc5RXqVnPWn6X%2BXdU8DxcKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7947bd6e8e612bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 201ms
73ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ust.aly2um.com&callback=_gfp_s_&client=ca-pub-8128055623790566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=ust.aly2um.com&bust=31071812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4f8d36c5a3d3c28db65419bc885da2356b1fec58b04d45323e930db3e6173bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 199ms
74ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ust.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 199ms
73ms Script
application/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ust.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F7E 0
188 B 90ms
90ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1675559149&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149544&bpp=2&bdt=426&idt=341&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2329683726711&frm=20&pv=2&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=360

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:05:49 GMT
expires: Sun, 05 Feb 2023 01:05:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 03D4 97 KB
33 KB 339ms
338ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1675559149&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149546&bpp=1&bdt=428&idt=361&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=neXnWCSTxG&p=https%3A//ust.aly2um.com&dtd=364

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d74064ad49120fc0c68d54b39f8433314961dc43978ae2d16d0b761dcbffb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33668
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:05:50 GMT
expires: Sun, 05 Feb 2023 01:05:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4828 121 KB
37 KB 853ms
853ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03ff48deb2bc98aeafb3f64fc26fc46d0e120a4d731d548b17ea3ba122956910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37844
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:05:50 GMT
expires: Sun, 05 Feb 2023 01:05:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E80 83 KB
13 KB 539ms
536ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149567&bpp=1&bdt=449&idt=352&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hLJmIHeoQi&p=https%3A//ust.aly2um.com&dtd=354

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba389444c25e62a8bcc04fd40e1dbd99250e8aed7f73cf13bb2ef00d3749be03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13031
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:05:50 GMT
expires: Sun, 05 Feb 2023 01:05:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C74 95 KB
33 KB 363ms
362ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149569&bpp=5&bdt=451&idt=355&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JhO8NIbnnV&p=https%3A//ust.aly2um.com&dtd=358

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f6a0b9c8fe4084211ae3dd88e77f9217d0c39b93a746012c96f1928d140ca88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:05:50 GMT
expires: Sun, 05 Feb 2023 01:05:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 00:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 660
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Feb 2023 02:54:50 GMT

POST
H3 200 7947bd678dc5372d Show response
ust.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D217 2 B
676 B 57ms
55ms XHR
text/plain 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/7947bd678dc5372d
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675555200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ov3k0NNw%2Bh53q71AFPOOesEQUt6G2Xh6f5iQ%2BBZq7sDGs7Q0C2vlxnR1BqrfiJFdXGdZI8kI%2BvpfgSayIW%2BiOj8ixBAf2ZpY%2B8BusXRH3BgLIgQktBhXj3CVeT5z5gvjGcLZF9tIxkeNvuancg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7947bd70cf962bbb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=889752428&t=pageview&_s=1&dl=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=USDT%20outperforms%20both%20MasterCard%20and%20Visa%20in%20terms%20of%20transaction%20settlement%20-%20Digital%20Currency%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1432070417&gjid=83595137&cid=714716385.1675559150&tid=UA-237003713-1&_gid=353570106.1675559150&_r=1&_slc=1&gtm=457e3210&z=1787504106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ust.aly2um.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ust.aly2um.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 03D4 8 KB
968 B 139ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1675559149&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149546&bpp=1&bdt=428&idt=361&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=neXnWCSTxG&p=https%3A//ust.aly2um.com&dtd=364

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 00:47:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 03D4 2 KB
799 B 266ms
139ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:49:36 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 03D4 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHKKN7QDfY_3aOZOolQeGu43ABMWTq9hu_5aPj5kRhpXA4ngQASCM-eR_YJXCpoKwB6AB--TfmAPIAQmpAt5wzfFwHLI-qAMByAPLBKoEhgJP0G2M2-BTeY32oS9k0iK3Xqg0Dclk22XqnKilk9iExNEhgbh_3zJ90DnI9SUbVNiff7WlJ2qCBcsmwpHDBB24bJCXjcCP5FAn9PN3k43h4rQ09a2buzZMr4sHfU8J_uXeHEj_FcLPJgGV_oyenzm8gjfOx2l9b5-fOgH7g6Vt14QlV3gLxnr2qlTpQDVXlF6_YdSgdMQPwFzFVp-LhwDABrXSiJ9de3fel9R-C5bnwU16oWoMMgitUvxl3dwT_VIcIO586quC8kgjURsIIf_F4CaYsMLpyXvwVOxMqdpFN5bAtHBpDyeu7DA6m_LqTaDVc6WUOTvKmvic1H_4blr1QgIAHh3ZwASaoczlhQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7ZqgZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDELdP0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODEyODA1NTYyMzc5MDU2NhgA&sigh=9oV10HlgzfE&uach_m=[UACH]&cid=CAQSGwDUE5ymQekCkmAJF-riE_ZH4g6qDccw7i-nxRgB&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1675559149&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149546&bpp=1&bdt=428&idt=361&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=neXnWCSTxG&p=https%3A//ust.aly2um.com&dtd=364
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 03D4 22 KB
9 KB 174ms
52ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:49:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 03D4 3 KB
1 KB 235ms
114ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 03D4 18 KB
8 KB 228ms
107ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03D4 157 KB
49 KB 227ms
101ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 03D4 33 KB
14 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 May 2023 21:01:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9C74 8 KB
1 KB 99ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149569&bpp=5&bdt=451&idt=355&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JhO8NIbnnV&p=https%3A//ust.aly2um.com&dtd=358

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 00:09:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9C74 2 KB
818 B 203ms
117ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:49:36 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9C74 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMGpF7QDfY6nnOtWqrATcoIHQCvSmnuJpvKK4jeEPpIiFngsQASCM-eR_YJXCpoKwB6ABoKbbygLIAQmpAt5wzfFwHLI-qAMByAPLBKoElAJP0OTTod-IKPeZlwCu0lyN55OOcGBN5gedgp3kzOuU6UpZAyFnp3D6lGfKGB0FkT9IpniuEFn3CXvRIOmEZidYWdRjpQLl4A59BcA_3YNwoqz1e_awIRi-o_sRmzpCS_jPPpSCPuk9xMgPV-lZn0I7ititqGFnLJABmNzEhuek8BskXhUt571NRz61bjzSifXGXN2D6WVT95iVRT6Oj-h33-rALOT9MWxAj795PFHePKcKguJE7-ANdYzcCYOJZUvn8icSO5d3xzCeslsz-JnzQhmN4_-duBz4V9Ib1Lf5CCNYiatUqrZe2-jlMOwJN8Skv7Bu9cZcTJ575jtjqgibz5oaZ13oLUl4iX8Pv6xtbnNixH3ABI6N4LP4A5IFBAgEGAGSBQQIBRgEoAYugAfI2aS1AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENzqAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=qrkS3yzmVcc&uach_m=[UACH]&cid=CAQSGwDUE5ymeX19nk1gZ-f9J_m2jAS381ixduDkMBgB&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149569&bpp=5&bdt=451&idt=355&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=JhO8NIbnnV&p=https%3A//ust.aly2um.com&dtd=358
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 9C74 22 KB
9 KB 141ms
60ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:49:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9C74 3 KB
1 KB 197ms
117ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:25:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 9C74 18 KB
8 KB 147ms
67ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C74 157 KB
48 KB 261ms
177ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 e7273d075fcb3aa60cccf7c8981b1737.js Show response
www.gstatic.com/mysidia/ Frame 9C74 34 KB
14 KB 97ms
50ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e7273d075fcb3aa60cccf7c8981b1737.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d664624b29aa2652a56959c12ec6e660297b410bf06e5e58a0740cce0fa8e827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 00:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14197
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 23:49:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 May 2023 00:26:32 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11298027194418100053/ Frame 9C74 18 KB
19 KB 193ms
119ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11298027194418100053/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cb2bd36db90bac58d748676effc1faa0f57a1275e297c03e0a26c7685b10d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18848
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 14:02:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
DATA 200
OK truncated
/ Frame 9C74 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9C74 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301181928000/ Frame DF23 221 KB
61 KB 336ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149567&bpp=1&bdt=449&idt=352&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hLJmIHeoQi&p=https%3A//ust.aly2um.com&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 243238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61734
x-xss-protection: 0
server: sffe
etag: "5b4f5406239652c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame DF23 15 KB
5 KB 428ms
145ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 04 Feb 2023 12:32:04 GMT
age: 45226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "47662644ea8653a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 04 Feb 2024 12:32:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame DF23 94 KB
28 KB 436ms
153ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 13:11:57 GMT
age: 215633
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28817
x-xss-protection: 0
server: sffe
etag: "6eb387830c268337"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 13:11:57 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame DF23 32 KB
10 KB 465ms
182ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-carousel-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a61b57961b158a748fe318fd4dbf43724de50787cfb3f40bb621067ec14cd92

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 18:59:37 GMT
age: 108373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10079
x-xss-protection: 0
server: sffe
etag: "25968c57a2f46162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Feb 2024 18:59:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame DF23 5 KB
2 KB 455ms
172ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 Feb 2023 05:31:52 GMT
age: 243238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f13d3e1d36b26a3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 02 Feb 2024 05:31:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame DF23 40 KB
13 KB 456ms
174ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 03 Feb 2023 22:33:53 GMT
age: 95517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12960
x-xss-protection: 0
server: sffe
etag: "f74ebce85e2cb18a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Feb 2024 22:33:53 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame DF23 6 KB
3 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-gwd-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ef32a76962c29bf2f29fa7b99414a1d0f800093fcfe3c98694889cd08d9bd53

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Feb 2023 21:44:38 GMT
age: 271272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2452
x-xss-protection: 0
server: sffe
etag: "66e9d5bfc365bf3b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 01 Feb 2024 21:44:38 GMT

GET
DATA 200
OK truncated
/ Frame DF23 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 875927f68ab6e1ac4f2ea74f6c877e34c712d579327c4f2d89699fba55c4d801

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF23 2 KB
3 KB 59ms
55ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 05:31:52 GMT
x-content-type-options: nosniff
server: cafe
age: 70438
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sun, 05 Feb 2023 05:31:52 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF23 295 B
371 B 62ms
57ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 05:31:52 GMT
x-content-type-options: nosniff
server: cafe
age: 70438
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 05 Feb 2023 05:31:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF23 0
18 B 93ms
90ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQCWH7QDfY-bNOsat3gPYq4eADf7GsOdu2O6P0a0Ru4qGy8IBEAEgjPnkf2CVwqaCsAegAcfw440DyAEJqQLecM3xcByyPqgDAcgDCKoEgAJP0MdTjBeQGO56n7ZEzaiC9W0aoKOMYFOTBrdrPtena0mviofuQUtl150avgz4IoK-9x4njVsDpT7ZZPw3bPO0DOHAs_1mslK0Wfp6np2m_OPzBCHnmxSUV-_9gX4Qo9PeV5WYYGCUIDE7LQ-aPBOJxx5bYOmdfrxoieuPwq8gB_i1ZmCQUN5NCTE5G_yVMqDiJ6_Cf_8cDkji8V6lddBd9UioWBpy4a1r_Qvc6dttqyUItGtcuZPLqPHQ6HFXcR8RGoH2bpkqCKu3bUai4Ea7Fpoog57tUiURy-bCdsMIBZlrx48haoOgpQPIT19kpm8lLrCb5irOcsO08vmR5_HBwATRqp2WogSSBQQIBBgBkgUECAUYBKAGLoAHz4CjcqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENGcFNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=bPbJWIoE8bM&uach_m=[UACH]&cid=CAQSGwDUE5ym_0yp3SwTAPbeDr6QdV3x1w5F1_iUXBgB&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149567&bpp=1&bdt=449&idt=352&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=hLJmIHeoQi&p=https%3A//ust.aly2um.com&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 hg_01.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 24 KB
24 KB 80ms
76ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_01.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae24380ccccd96ac4f8317f322697ec1a46ced48d052dbe2ef265d64048b7a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24328
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H2 200 text_01.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 1 KB
1 KB 62ms
58ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_01.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3cb0bd54abdd88ef7554a7a169179d8709fbcd8df331ddf91e8620fb7be1dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H2 200 hg_02.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 29 KB
29 KB 148ms
144ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_02.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf605ae421abd6f1df248aef2d05ced5af48441a47a65d43811b2c168ca3a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30094
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 text_02.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 159ms
155ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_02.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bce1e91340bf67d570b32e2582ac7e610f60af3ab9b1c35d9807fd2d75a6aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1674
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 hg_03.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 23 KB
23 KB 161ms
157ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_03.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a5834a474b4032503bc527664ba6d463b82290559f6ae1adfb74f557d2aaf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23410
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 text_03.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
3 KB 159ms
156ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_03.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b66c77909fbb309229fa7e5986228b11876ecbdba6fc5dc4f32eeddde5bcf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2540
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 hg_04.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 13 KB
13 KB 70ms
67ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_04.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7995a7c7acf405781859d2d14fe358e69b468c7e8960b0ad5c46f810893eb2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13132
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H2 200 text_04.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 157ms
154ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_04.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54ef26ae649dc8c3b31eeed3fb7746a8af9a9b5bc40d1b9790e6b4b1545d655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1956
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 text_05.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 160ms
156ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_05.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3977c2acc867ca2b3d6c8e184cc11d9a9c894d5ef7b6af4b53b53e71031646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1971
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 Mazda_6JahresGarantie_Horizontall_White.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 64ms
60ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/Mazda_6JahresGarantie_Horizontall_White.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f75655944a9709da121e9f59f6bb0b80fa9eaa9a913cbf53d6db5f8d766b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345998
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1687
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H2 200 copy.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 1 KB
1 KB 146ms
143ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/copy.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b89919bd3a255f5f0937ed033d5dc213f41bc6fdb95125adc7076a795fe74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1233
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 cta.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 634 B
707 B 147ms
144ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/cta.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a520e99f225f9866c47534a7071b534518b3fb149fc953e8b0401cf28640c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 logo.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 3 KB
3 KB 157ms
154ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d36bd6be3a36cf625b7a4cab8bc75059cfb55cd9fd4ca16e301f5b6817dd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
DATA 200
OK truncated
/ Frame 9C74 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5407e4c27b2f77eb55580429e2216f9e7e95fef7aad0a82f5ca760b8f5342a96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E89 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 9C74 28 KB
28 KB 134ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 547293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C5E 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4828 8 KB
968 B 53ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 00:05:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 4828 2 KB
765 B 54ms
53ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:49:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 4828 22 KB
9 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:49:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 4828 3 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:25:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 4828 18 KB
7 KB 55ms
54ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 19:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20418
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 19:25:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4828 157 KB
48 KB 89ms
88ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 01:05:50 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 4828 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 21:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 May 2023 21:01:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4828 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz5Gr7QDfY_u9Ou-QjuwPg_uE8AGMt-3abM_Mh923EZGZ6a34ChABIIz55H9glcKmgrAHoAHcyMzqAsgBCakC3nDN8XAcsj6oAwHIA8sEqgSXAk_QL8p2lBvx902y2q-ZO4pUJujxC68qKg9xYlwtOI8EfCsy2lfWNU0fTTG9axnujwUuSBHvX6zzO_lTxYLh8R8NItdqnlKaGgwnRAMSW71cSp2FL2q__uXeHOE1S25Z7j1MPT7k889OGEYi52DtaZQJhIkv-hD5eGaLndVtqQyc4As0czRQY4RWjgxMwRj1Q545Viq1hGsu-3KQn872jDTVOlEMrxHMo5h8UGlmsMnk8QTvoKf8jPsJIqeyWUO_SmweYzZe4AMm_q2EFVnAQ3Au3r_KCg_yrFsbMlLx2PbQVJ4rs4mIfT5k6SafX-bhV_PmVy7jjscDsEc4l4H7jh_OccTGFuHj92fvzErsuYG3ouGn2TmWssAEkIby18kDkgUECAQYAZIFBAgFGASgBi6AB4y3s5UBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQh_sm0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=21olFRKlcZk&uach_m=[UACH]&cid=CAQSGwDUE5ymWonHR9Q2IjDCO7CyHCksyUKnHidKoBgB&template_id=520

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 data=KUQpB6jiukUbjOmTvwCMxphx-gljKbZFgB82W0HyKirOwJX3AXwct0GRS0C14vrafbw8UlfOZhsEIiGkpYpEJw
mts0.google.com/vt/ Frame 4828 17 KB
18 KB 351ms
134ms Image
image/png 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=KUQpB6jiukUbjOmTvwCMxphx-gljKbZFgB82W0HyKirOwJX3AXwct0GRS0C14vrafbw8UlfOZhsEIiGkpYpEJw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9e48c87a96924684120f02118c93a76336b8014fe1a55fec40319d8afde644dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:51 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=82
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17675
x-xss-protection: 0
x-server-version-bin: CggIBBCS6u2eBg==
server: scaffolding on HTTPServer2
etag: 0267085f2d34b6a0f
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Sun, 05 Feb 2023 02:05:51 GMT

GET
DATA 200
OK truncated
/ Frame 4828 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4828 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4828 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4828 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4828 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40dbf67baa4839f70a5a5cca3365acb25598200a317bd6837e4db192bf2b75d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012301181928000/ 23 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

382b904e4928c1e540d0cd52bc35ecebef3323d6aeaa6cde4f1207ab3a29b6da

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 04 Feb 2023 04:35:12 GMT
age: 73838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7834
x-xss-protection: 0
server: sffe
etag: "c28636f491e3613b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 04 Feb 2024 04:35:12 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4828 28 KB
28 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 547294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
H3 200 hg_01.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 24 KB
24 KB 53ms
52ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_01.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae24380ccccd96ac4f8317f322697ec1a46ced48d052dbe2ef265d64048b7a42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24328
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H3 200 text_01.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 1 KB
1 KB 69ms
66ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_01.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3cb0bd54abdd88ef7554a7a169179d8709fbcd8df331ddf91e8620fb7be1dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H3 200 hg_02.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 29 KB
29 KB 70ms
66ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_02.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf605ae421abd6f1df248aef2d05ced5af48441a47a65d43811b2c168ca3a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30094
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 text_02.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 110ms
107ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_02.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bce1e91340bf67d570b32e2582ac7e610f60af3ab9b1c35d9807fd2d75a6aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1674
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 hg_03.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 23 KB
23 KB 90ms
87ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_03.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a5834a474b4032503bc527664ba6d463b82290559f6ae1adfb74f557d2aaf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23410
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 text_03.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
3 KB 116ms
113ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_03.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b66c77909fbb309229fa7e5986228b11876ecbdba6fc5dc4f32eeddde5bcf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2540
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 hg_04.jpg
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 13 KB
13 KB 120ms
117ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/hg_04.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7995a7c7acf405781859d2d14fe358e69b468c7e8960b0ad5c46f810893eb2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13132
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H3 200 text_04.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 113ms
111ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_04.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54ef26ae649dc8c3b31eeed3fb7746a8af9a9b5bc40d1b9790e6b4b1545d655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1956
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 text_05.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 114ms
112ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/text_05.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c3977c2acc867ca2b3d6c8e184cc11d9a9c894d5ef7b6af4b53b53e71031646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1971
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 Mazda_6JahresGarantie_Horizontall_White.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 2 KB
2 KB 118ms
115ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/Mazda_6JahresGarantie_Horizontall_White.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f75655944a9709da121e9f59f6bb0b80fa9eaa9a913cbf53d6db5f8d766b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 00:59:12 GMT
x-content-type-options: nosniff
age: 345999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1687
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Feb 2024 00:59:12 GMT

GET
H3 200 copy.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 1 KB
1 KB 111ms
109ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/copy.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b89919bd3a255f5f0937ed033d5dc213f41bc6fdb95125adc7076a795fe74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1233
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 cta.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 634 B
661 B 130ms
128ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a520e99f225f9866c47534a7071b534518b3fb149fc953e8b0401cf28640c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/16022650571138909699/ Frame DF23 3 KB
3 KB 130ms
128ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/16022650571138909699/logo.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99d36bd6be3a36cf625b7a4cab8bc75059cfb55cd9fd4ca16e301f5b6817dd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 1
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3267
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 15:35:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 05 Feb 2024 01:05:50 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 93ms
92ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

135e2d5f4817fce225ad14332bda06152d9cd88a3a139be019c584a7e3c54b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11382
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame C95B 36 KB
14 KB 55ms
53ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675559149&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675559149547&bpp=1&bdt=429&idt=365&shv=r20230201&mjsv=m202301230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=2329683726711&frm=20&pv=1&ga_vid=714716385.1675559150&ga_sid=1675559150&ga_hid=889752428&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773809%2C31071755%2C31071812%2C31071947%2C31071662&oid=2&pvsid=2093992700907945&tmod=66605100&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=VPfSxvsgpQ&p=https%3A//ust.aly2um.com&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 104ms
104ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 01:05:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 861B 13 KB
5 KB 53ms
52ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 10:38:35 GMT
expires: Sun, 04 Feb 2024 10:38:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4597 783 B
1 KB 138ms
50ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d96bf93602a9baff8611316d7d3e589ffa19ef343a8c4a90516a1dc926d881

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sxMe4A399mSFL_H38QtcFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-sxMe4A399mSFL_H38QtcFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 01:05:51 GMT
expires: Sun, 05 Feb 2023 01:05:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 861B 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 03:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 03:40:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4597 0
0 85ms
85ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=2093992700907945&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 861B 0
10 B 52ms
51ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9gIC0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 01:05:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=2093992700907945&bg=!fn2lfTnNAAaq5O5FiuQ7ACkAdvg8WmusdE53gUqe8XZx4Oy4LbK_VngY-AhhyYtKLX5TYcRXWNt9HAIAAABaUgAAAANoAQcKAFcubdiG6F8YiUBm0WZ8M6jyo6ajT7qsI42hf3JWmA3fFcYkZaudWa-Jq6bwyupKtoj1UsV9Uxqaj2vT2ABYUQ3boqCfKP6VUDnLrwoKcufysGKWmq0laf6ZApovQ5wm_A4LtNC1Ce-ExxQ5YZ2xpaOWhsF3aRKR9wojv82lyrk2P8OP_KV_6ruUJSJxuONWM6ta8LYCGJm_5Cs59cEOR4dnb-2jPm5M8VbWVwvgnO4WlpDiuGCeggHaNPD6IEk5DYC9Epa4k2ZGLgnu3hwUyguDGEMKWnnYjmWtdRPAv63AH7u74B6NhUtJPe0iQ_8HC5aMKHdLSsvgqqsxME4WZo8-r9vYy3X4OBEzY-R2PuvYQ7RbCUg4_H66etH2Xqzl0p0_IV7uhduYZGdnXcZuFofypnvJN7bt37lx5lhHFNRD14w24Flbn8Gyo6TGydYCDlUrOWae8o11ztUndXSh-ZcIr2-MK5Bfw3FoHQzUfP9zxM5MHvnHPQZYqiTihaHjLV5TaFrSqBAV-o0zuZMaKkk7HgO4Gtkqeq62G8kLyVzO-JGB_cZPl8DQPJiIn1mkswDk1UH-v0ps1g9aARn4rIVw5-TYk2IiOJ-CQAp5Go_p5mL7f678YYu6lJ9nKOoEo0AMwFp_Yhi5cpeMe97r38KOiATvZ3YIbIgDybnbx7zxHDEp4rnITa1lWZL5OtCz1tvAAZ81N4PVfvYZxauUMZ2i_aCjmJtb3ZeQFUZhsC6GRFcktjmTe6-eKHtJsi8DWf6FvwO7jntugzf9XM_ygJI_3AN28k7zGYivbqiGUUFbbI2D4VzTDUuQSugwD0V7QlV24mbl3X4MRcnnFwfz1pQCu3l8mPFaV2xtcG-kRaAe__QaR1sFmdkqm3HXjZSHaWLLYgiRqWwh1MtZg-LsmGhEgXjFV5ko91P_kTg_94xIEiGrHtlllNP2jPwdeg57kGZDUy_RTstzzMb3X8mWDwS0Y5L3K1GM7xeSuG_OJelQgpM9qtk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4828 42 B
64 B 88ms
87ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWNIzYgR7ePaox1BymyOcy8dy5nMzRQbxW1vJvjEsV7iDSRsorfejJghkOCDD3Ikuz--1Sd5idtqq4DSWjcAaiXy2P2Sp-f0Z8iuPVh8YmvnlaydQ-eJiiZxv7LZ85mljBGRBO0Q&sai=AMfl-YSdZOTWtlTj3LbnaMLBKbHQaUCKfs2e5o92pvir9RVbGdZTYJL5r2OZRjQpaii0KXDMz5pgrTDdgwgj&sig=Cg0ArKJSzD9A1haJCTZjEAE&cid=CAQSGwDUE5ymWonHR9Q2IjDCO7CyHCksyUKnHidKoBgB&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2921927375&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675559149916&rpt=1328&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 01:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DF23 42 B
64 B 89ms
89ms Image
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAWHoMaJOBHDsSd8h2k6s9brfqFOSGy-0V70LdLpbTACabH7hN2w2ZF1CSJt2OnCvG-hgsCQlOQw0Hjm6LuFLS691TkCVr7zdIH_kDEDFPMnpyaZPOLg2htUlPytkYu-E_xB7voA&sai=AMfl-YRjRIVYKhNYv_sVIC2k6-G7zbTk93jVQLcLPtFbuF7xMaNFa74svNJpVQEnESy0vhrg1gp1OA8kKpIP&sig=Cg0ArKJSzIahDIB5vx-pEAE&cid=CAQSGwDUE5ym_0yp3SwTAPbeDr6QdV3x1w5F1_iUXBgB&id=ampim&o=298,459&d=748,193&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=787&tls=1787&g=100&h=100&tt=1787&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Feb 2023 01:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.99pw.pw/	1970-01-20 18:11:35	Name: __ddg1_ Value: iefVOfkQ8H9DzZrWIA3m
.t.co/	1970-01-20 18:56:13	Name: muc Value: 4b452489-4e4a-4635-b1f7-c0456dff8f60
ust.aly2um.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7ae951f69d35e4cf58befa79d0f6b595
ust.aly2um.com/	1970-01-20 09:28:51	Name: qa_key Value: 0bxageg70xk3uox1omxwgeqixhqqzpfv
.aly2um.com/	1970-01-20 18:47:35	Name: __gads Value: ID=205321b354201ed4-22fb17b6a1db00a4:T=1675559150:RT=1675559150:S=ALNI_MYCxOdPGwd-qcXh06we6JTebv3V0A
.aly2um.com/	1970-01-20 18:47:35	Name: __gpi Value: UID=00000bafb54545c3:T=1675559150:RT=1675559150:S=ALNI_MYolHZOIW6uzBDwZ1YdKNsMILxOLQ
.aly2um.com/	1970-01-20 19:01:59	Name: _ga Value: GA1.2.714716385.1675559150
.aly2um.com/	1970-01-20 09:27:25	Name: _gid Value: GA1.2.353570106.1675559150
.aly2um.com/	1970-01-20 09:25:59	Name: _gat_gtag_UA_237003713_1 Value: 1
.aly2um.com/	1970-01-20 09:26:00	Name: __cf_bm Value: hGeA8JUAh7nAjBVeLWf5vumMw6bgWzhAhMTjfkga24k-1675559150-0-AcDD6nEKC42qdtJ5CVxAqJBPx35O63m7AhrLI+IpUdF4aps45+slOGnCIOUkopCqRgCCFPVLOF4Q2POdP61SFXiYZ2TkX5l6qZ+VSMbKK76CGqrGRssErgEgfJemp6MIbhOeOCPu/hE6BKr6iG4firU=
.doubleclick.net/	1970-01-20 18:47:35	Name: IDE Value: AHWqTUnRaoERoet9okSfZLWdQggOBnZYJRswth5IXEVNU_XmgAoHQ7BqgYLpzAmT2yM
.doubleclick.net/	1970-01-20 09:26:00	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

99pw.pw
adservice.google.com
adservice.google.de
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mts0.google.com
nhw3staging.serenitybirthstudio.com
pagead2.googlesyndication.com
partner.googleadservices.com
t.co
tpc.googlesyndication.com
ust.aly2um.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
100.21.95.251
104.244.42.197
190.115.26.9
2606:4700:3030::6815:3954
2a00:1450:4001:808::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:831::2008
2a00:1450:400d:802::200e
2a00:1450:400d:803::2002
2a00:1450:400d:805::2001
2a00:1450:400d:80a::2001
2a00:1450:400d:80c::2002
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
0344f9ab448da29af26a94a17dd93289cf6fd806cd5b4bc1b4667b227e65d24e
03ff48deb2bc98aeafb3f64fc26fc46d0e120a4d731d548b17ea3ba122956910
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0a5834a474b4032503bc527664ba6d463b82290559f6ae1adfb74f557d2aaf57
0a61b57961b158a748fe318fd4dbf43724de50787cfb3f40bb621067ec14cd92
0ef32a76962c29bf2f29fa7b99414a1d0f800093fcfe3c98694889cd08d9bd53
0f6a0b9c8fe4084211ae3dd88e77f9217d0c39b93a746012c96f1928d140ca88
135e2d5f4817fce225ad14332bda06152d9cd88a3a139be019c584a7e3c54b2c
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
1a520e99f225f9866c47534a7071b534518b3fb149fc953e8b0401cf28640c73
1b66c77909fbb309229fa7e5986228b11876ecbdba6fc5dc4f32eeddde5bcf10
23d96bf93602a9baff8611316d7d3e589ffa19ef343a8c4a90516a1dc926d881
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3500ee83e5660c6ed2e4543bfd5395c4fee2ed761aad6debbd28b27740d4d870
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
382b904e4928c1e540d0cd52bc35ecebef3323d6aeaa6cde4f1207ab3a29b6da
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
5407e4c27b2f77eb55580429e2216f9e7e95fef7aad0a82f5ca760b8f5342a96
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b89919bd3a255f5f0937ed033d5dc213f41bc6fdb95125adc7076a795fe74a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5bce1e91340bf67d570b32e2582ac7e610f60af3ab9b1c35d9807fd2d75a6aa5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b32ba28466cb81a139774b84d975c8362fca8fd7307f744370ee0ef2762dd
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
65f75655944a9709da121e9f59f6bb0b80fa9eaa9a913cbf53d6db5f8d766b3e
72dc451f4a9713feaad4f1429091f48536d7d30331c94ce245eb27e5e5b260ab
7995a7c7acf405781859d2d14fe358e69b468c7e8960b0ad5c46f810893eb2d4
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
875927f68ab6e1ac4f2ea74f6c877e34c712d579327c4f2d89699fba55c4d801
8c3977c2acc867ca2b3d6c8e184cc11d9a9c894d5ef7b6af4b53b53e71031646
8e5d1c48a31124f02fecd2f8f527350b6e7ce1afbaf757fed45f37b53e1e1908
99d36bd6be3a36cf625b7a4cab8bc75059cfb55cd9fd4ca16e301f5b6817dd0a
9d74064ad49120fc0c68d54b39f8433314961dc43978ae2d16d0b761dcbffb87
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e48c87a96924684120f02118c93a76336b8014fe1a55fec40319d8afde644dc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
aa694a7fba03ab0ca25b540d9d51c91a8aae745878899208d127b25e148b419b
ae24380ccccd96ac4f8317f322697ec1a46ced48d052dbe2ef265d64048b7a42
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b9cb2bd36db90bac58d748676effc1faa0f57a1275e297c03e0a26c7685b10d6
ba389444c25e62a8bcc04fd40e1dbd99250e8aed7f73cf13bb2ef00d3749be03
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c3cb0bd54abdd88ef7554a7a169179d8709fbcd8df331ddf91e8620fb7be1dfa
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
d54ef26ae649dc8c3b31eeed3fb7746a8af9a9b5bc40d1b9790e6b4b1545d655
d664624b29aa2652a56959c12ec6e660297b410bf06e5e58a0740cce0fa8e827
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dbf605ae421abd6f1df248aef2d05ced5af48441a47a65d43811b2c168ca3a74
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbf67baa4839f70a5a5cca3365acb25598200a317bd6837e4db192bf2b75d
e4f8d36c5a3d3c28db65419bc885da2356b1fec58b04d45323e930db3e6173bd
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

ust.aly2um.com Open in urlscan Pro 2606:4700:3030::6815:3954 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

100 %HTTPS

81 %IPv6

15 Domains

19 Subdomains

16 IPs

4 Countries

1223 kBTransfer

3004 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ust.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

100 %
HTTPS

81 %
IPv6

15
Domains

19
Subdomains

16
IPs

4
Countries

1223 kB
Transfer

3004 kB
Size

12
Cookies

110 HTTP transactions
9 data transactions