ust.aly2um.com Open in urlscan Pro
2606:4700:3037::ac43:a190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://deptoportunidades.cl/
Effective URL:
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Submission: On February 13 via api (February 13th 2023, 10:18:13 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3037::ac43:a190, located in United States and belongs to CLOUDFLARENET, US. The main domain is ust.aly2um.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time ust.aly2um.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	201.217.241.159 201.217.241.159	263237 (PowerHost...) (PowerHost Telecom SPA)
1 1	190.115.26.9 190.115.26.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
16	2606:4700:303... 2606:4700:3037::ac43:a190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:400d:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
77	17

1 201.217.241.159 (Santiago, Chile)

ASN263237 (PowerHost Telecom SPA, CL)
PTR: servidor.websoft.cl

deptoportunidades.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.26.9 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

oo.coffee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3037::ac43:a190 (United States)

ASN13335 (CLOUDFLARENET, US)

ust.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	614 KB
16	aly2um.com ust.aly2um.com	110 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	94 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com	64 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 129 www.google.com — Cisco Umbrella Rank: 18	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	144 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 93	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 114	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5587	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1072	602 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 109	43 KB
1	t.co t.co — Cisco Umbrella Rank: 553	591 B
1	oo.coffee 1 redirects oo.coffee	214 B
1	deptoportunidades.cl deptoportunidades.cl	878 B
77	14

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	ust.aly2um.com	t.co ust.aly2um.com deptoportunidades.cl
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	ust.aly2um.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	ust.aly2um.com
1	t.co	deptoportunidades.cl
1	oo.coffee	1 redirects
1	deptoportunidades.cl
77	18

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Frame ID: 1B33781BE57FF0C3F6F247036CD4D5D7
Requests: 26 HTTP requests in this frame

Frame: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676275200
Frame ID: E79D34C63D36A23C9215725B0A345448
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: A307D6EC9DF3A7EC0AC63C40217F4E35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1676283487&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487183&bpp=2&bdt=332&idt=290&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4757330140239&frm=20&pv=2&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=315
Frame ID: 952648614C2BE521CC085E9B72578173
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1676283487&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487185&bpp=1&bdt=334&idt=321&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=veDjjoerU4&p=https%3A//ust.aly2um.com&dtd=331
Frame ID: FAA47531F3E86ECA0D7F8673B10871D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340
Frame ID: D4D7C8F3B8B4FF346AF6B413FA39AFA2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487187&bpp=1&bdt=336&idt=343&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=U2g2DBEYyK&p=https%3A//ust.aly2um.com&dtd=345
Frame ID: 6A66173E3A4A60115A52F0FF81C71714
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487188&bpp=1&bdt=337&idt=346&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zk2Q88Yqn2&p=https%3A//ust.aly2um.com&dtd=348
Frame ID: BDB575F5C00209704DAB4A10B7F5ADBC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A4B3722674D9E827C8FBA29FE620856
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8EB31904B0919671B5414977A69EE3D4
Requests: 2 HTTP requests in this frame

Frame: https://p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: B5F1BFF7954ED6766E18B2DCE017C165
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 2B039F03649183C71DF8ACBFCCE04211
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 75E57A82DBBA058D95B9F22D5DF23948
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 4F415C3CFD0401E2278A41ED32AAF485
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8365B83EE94A3B262B06DB9ACAB79767
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E92D3F78991AE8F7E2DF8A474AC58E6B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USDT outperforms both MasterCard and Visa in terms of transaction settlement - Digital Currency News

Page URL History Show full URLs

http://deptoportunidades.cl/ Page URL
https://oo.coffee/Kws0r6 HTTP 302
https://t.co/KgdLpz31TG Page URL
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

99 %
HTTPS

76 %
IPv6

14
Domains

18
Subdomains

17
IPs

5
Countries

1095 kB
Transfer

2412 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://deptoportunidades.cl/ Page URL
https://oo.coffee/Kws0r6 HTTP 302
https://t.co/KgdLpz31TG Page URL
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://oo.coffee/Kws0r6 HTTP 302
https://t.co/KgdLpz31TG

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
deptoportunidades.cl/ 688 B
878 B 1454ms
240ms Document
text/html 201.217.241.159
PowerHost Telecom...

General

Check archive.org

Show headers Download Go to

Full URL: http://deptoportunidades.cl/
Protocol: HTTP/1.1
Server: 201.217.241.159 Santiago, Chile, ASN263237 (PowerHost Telecom SPA, CL),
Reverse DNS: servidor.websoft.cl
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 688
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 Feb 2023 10:18:04 GMT
Keep-Alive: timeout=15, max=100
Server: Apache

GET
H2

200

KgdLpz31TG
t.co/
Redirect Chain

https://oo.coffee/Kws0r6
https://t.co/KgdLpz31TG

402 B
591 B

437ms
161ms

Document
text/html

104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/KgdLpz31TG

Requested by

Host: deptoportunidades.cl
URL: http://deptoportunidades.cl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Referer: http://deptoportunidades.cl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 221
content-type: text/html; charset=utf-8
date: Mon, 13 Feb 2023 10:18:06 GMT
expires: Mon, 13 Feb 2023 10:23:06 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 7cc5f3ecc6f72776ad973729412a438e77e7328f76192cdd8a65f0b803bbec15
x-response-time: 121
x-transaction-id: c71a50a9eb50ea04
x-xss-protection: 0

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Mon, 13 Feb 2023 10:18:05 GMT
location: https://t.co/KgdLpz31TG
server: ddos-guard

GET
H2 200 Primary Request usdt-outperforms-mastercard-terms-transaction-settlement Show response
ust.aly2um.com/17/ 31 KB
7 KB 515ms
417ms Document
text/html 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Requested by: Host: t.co
URL: https://t.co/KgdLpz31TG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f870c9a13b5a9c8b75eab24682663ceab4374a797661df60f5c8a7b523f23c4a

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 798cd16e58e83809-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Feb 2023 10:18:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqzs3Q7y2eKXRTit%2BG2ePHeQenCRGoAdFkL002ao0I5EpFzPzWN9wfIbY0D3UzwvZuTOYLIDUCzTUeaCRpxjofyyx0m1GKZ0IAwA9ia6Vq0LCS41hBWyUGtwqhmgRHhvYr6PuSj6SGt%2FMUsPTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
ust.aly2um.com/qa-theme/SnowFlat/ 56 KB
11 KB 50ms
49ms Stylesheet
text/css 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 1707
cf-polished: origSize=71322
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byVgWVZqMOVTcGT6Jcl5%2FhqwUdOImxnxc3IqgLmOkrpxR4lQih%2BrkA1DwcQk9IV9d5GaheOSDd3htIGPYWMJt%2ByV8sk8ARPwDYbStOsxyDdRHARoI%2BnRII5cVFhK%2Bp6J5kGuOdqolif%2FMWed7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 798cd170fc393809-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
ust.aly2um.com/qa-content/ 87 KB
31 KB 54ms
53ms Script
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1549
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuNtSdte76Eus293X9q3%2BCTPKYyyR%2BmA67dQbU3QFwnamrMv4%2FO%2F9YFKCh2B9O3Iu4yN2ux5ii3ZSA5%2BW8O1ksgADQi%2BG1ibMbaNXHxqxtg1Bx3NsXSz9kMtjYUuUQpRsMo5r3PYnjBnjlnMBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 798cd170fc3a3809-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
ust.aly2um.com/qa-content/ 15 KB
4 KB 53ms
52ms Script
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-content/qa-global.js?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 1549
cf-polished: origSize=20550
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDANqR7Ia%2F0ryl9VrAbmmHfEfsLiaojrRp15W23TaTJxrOM8sFLRslvRulxSHLzvhnNlQ72RpWVOYiz1aVSbfwwgkR6iI1%2F49BpQetbYtwJ2xhXF9mRFfi74erhw%2Fy%2FYok9cFCUZuH2HK%2BLm9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 798cd170fc3b3809-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
ust.aly2um.com/qa-theme/SnowFlat/js/ 1 KB
814 B 47ms
47ms Script
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 1549
cf-polished: origSize=2383
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WKdDluXoEYaKPHzB1u3AdkHOVkxQGHip4b5SLhOb7v1DVU9VhH%2BNU%2FbGFzSbXECs1BrT84hc6YWOIHyapzxdZsJJ6rRHxdkmj3rSdQw0ZduN%2FMgqo0sfU2ZoykNyN6g4Q1TITRJXYpuwvAIpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 798cd170fc3d3809-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 202ms
99ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Requested by

Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9bcfa125993f03584be553c3533e425c7257e24b0421966849b257d75d7a077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Origin: https://ust.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49598
x-xss-protection: 0
server: cafe
etag: 16444122908258760471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 10:18:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 143ms
54ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c9fd51cb9f366a4fd744e5cfafbf6e3d8c91e3d800b9f8aa9a6e31728199a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44117
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Feb 2023 10:18:07 GMT

GET
H3 200 fontello.woff
ust.aly2um.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 391ms
391ms Font
font/woff 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://ust.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXNvm2dusmFFqYzO8HEzGjXRNd2gHNUjUpQJQlCrrTaDjP98A4PSFBd1xUMfGn%2BXXapluJ%2FauqZPrKFXrqf%2FbBdFVjUysHVHaonm%2FGxPhKE5iUzp96x%2FiwyN5aerPSsHCJP410olYpVbinnpog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd1719c502c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 vote-buttons-3.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 46ms
46ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3344
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJt9f0x0Z3hR0VhUcTDQaCSV9XupnJ9Aqgp58HA%2B%2B2OwQBLlRa4O3xsLHSWqiAVja6k7ga2jGa3YiRTG%2BYp0tE6tmHj%2Bk0bHmpvvClesdHzCQ4Z4lmGSbKTc2g1Jt77B6B9pPvSliigW7GJa7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171ac6e2c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 answer-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 47ms
46ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi8h5whkw8aaBRkLcnJGU8WiGzIy2ldg0YMIq71I36mSP0O4uuZkleMaZup9VwYqHIy%2Ftr9Y6lZ37PPY6mjHYlExTljVzrVh61VYswYDyXpKM2AtgVe1QYXLF5rFXRSYvitrIUMgp84Kmo0z%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171bc702c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 49ms
47ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3swo0zszg2RWrhBxGYKZAOoxXKq4LkTpS98cwgOItFcwoUlaDFkFVe88yLLuwKfsqaWcp4ezN%2BeCvlxDW8LuyyvYJsT7gTwXhtxFuwcOBy5%2BO1tjR5OY6vLM6TsLpXf7%2BElC%2BHvyo5wyUt1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171bc732c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 86ms
84ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DVi2%2FHmLO%2FXH3whjIjSv7v21IGsaL9ZfTwQdh28WpiJNGdJg7AcDWxoFU1GSmMOmEATlzursLDrzdXJlKCVfwLTS6D9Oa2LCa64is72Xn1kRoFbTy5m1vHqRiYPdse9N9Jk4Wk%2Bz%2FZxdiI4qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171bc742c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 48ms
46ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3344
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvxigJyQVN3FIzkYkzT4FSDaCO9aFVBNT2zjePsPILtjU3f9Yyr61kVq8H4%2BTDqFH1qetuQrXk6S8MWOU0%2BePBg5NBMMPmNXC2VS%2FwwTRYHfXLxETnoAQF2EVhg4ChDiySL8Rd38NY685SwHkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171bc752c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 87ms
86ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3345
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLMk6hKpL5KK7hdar%2Fsd%2B2Wj%2FYAtn9iw9bYYYOT%2BuusR7mxlUxcFCopa14MEdgLb1wSi6iXA3X6qWLWkuSNcfeki1%2BzmqF5oSDitk1fc23neZf7OpcvlX8tYsgG0LBViiuGvbX0HxYP4cpyG%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171bc782c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
ust.aly2um.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 48ms
48ms Image
image/gif 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:06 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3344
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qwfhc8pZ54geoVrs2%2FTxrJkJ945lLG%2BUbe1ATTl%2BqjM5TUxlMqwV%2FQMOa262RXmFK41n472IuXn4pLRJCySV3AP3izYNRF8Co1f7TOHKXiqwgjkJnrCv%2BIaT7goHv0bcmkojoe02BkwuJnEn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 798cd171bc792c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H3 200 invisible.js Show response
ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame E79D 35 KB
15 KB 76ms
76ms Script
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676275200
Requested by: Host: deptoportunidades.cl
URL: http://deptoportunidades.cl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8d0d5a5b701d63b8332ce9148df591e3d103eb486f236e1c96c979f731964f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdG9j0vXs84FH9YjF2bknecQdzCxmvPicFGud%2BTLVdY%2B7%2BTtOl461uvp1wv65D8r2l%2Fn7vBCkokAAYfi4cNRLIt50CgRtraM7WsmYeQkFzPdey2aigjfCm7zGahKADXhhsD7YJNJLzOrwrtAQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 798cd171cc962c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame E79D 19 KB
8 KB 48ms
48ms Other
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd162b20d5f9dcb61734715fe4d616113927466ac157a73eed0e812c14d0465f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F01IcDduGLGtIUnRVDEIpE7%2FZQkcvIdkBQVt0BU6Mh3Ekd22jikEQ84FtvM5hTrmUppmx4OJTUri5K9aJnrKJOxd53sHWDXFymz0xhpwY8tYM7ofjAqaLSbI57jfuaY8bVl2V4k0f76ST5wTWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 798cd1728daf2c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 179ms
53ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Feb 2023 09:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3961
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 13 Feb 2023 11:12:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 362 KB
119 KB 177ms
95ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=ust.aly2um.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba36ec1b232fad2669fca2ca75d0373132d6bd50845594f79e4500ed82c9758f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121769
x-xss-protection: 0
server: cafe
etag: 18338180315397892690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 10:18:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame A307 10 KB
5 KB 129ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 21:33:11 GMT
etag: 10353107486223812946
expires: Sun, 26 Feb 2023 21:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 798cd16e58e83809 Show response
ust.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame E79D 2 B
671 B 59ms
57ms XHR
text/plain 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/798cd16e58e83809
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1676275200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pzow35BveMabRUNW5kvDjsoIsnyi8zyK0Ff0SKR5MgEZ6%2BCWtLIA4K2Hzijjse3Dk8otUuhcunJCHFw9yjZNPwAWEFOkm3GpWekwRhyRyaUWEjoUam5xqIzrkjQJymTjGMnkVwu0t2h%2FpfE0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 798cd174a90a2c1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 73ms
73ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1247533395&t=pageview&_s=1&dl=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=USDT%20outperforms%20both%20MasterCard%20and%20Visa%20in%20terms%20of%20transaction%20settlement%20-%20Digital%20Currency%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1532615230&gjid=532625949&cid=1768976208.1676283487&tid=UA-237003713-1&_gid=181461010.1676283487&_r=1&gtm=457e3280&z=1225481532

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ust.aly2um.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 10:18:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ust.aly2um.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 203ms
73ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ust.aly2um.com&callback=_gfp_s_&client=ca-pub-8128055623790566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=ust.aly2um.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d4f0ee1cd14b5d2ee3c0686c6596eafd6063bc6053d76ec0c2b592c32257f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 165ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ust.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 157ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ust.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9526 0
179 B 114ms
113ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1676283487&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487183&bpp=2&bdt=332&idt=290&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4757330140239&frm=20&pv=2&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:07 GMT
expires: Mon, 13 Feb 2023 10:18:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FAA4 430 B
378 B 264ms
263ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1676283487&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487185&bpp=1&bdt=334&idt=321&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=veDjjoerU4&p=https%3A//ust.aly2um.com&dtd=331

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3f248b8ddf410d3bed3d373eb9b119d74e0482b01d680c5373b97d07f51aa4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:07 GMT
expires: Mon, 13 Feb 2023 10:18:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4D7 72 KB
29 KB 740ms
739ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c77435c5ff7b5c11b29569f6dd5029f2e3424200dbc1765c6110f6803a7d349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Mon, 13 Feb 2023 10:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A66 86 KB
31 KB 602ms
601ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487187&bpp=1&bdt=336&idt=343&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=U2g2DBEYyK&p=https%3A//ust.aly2um.com&dtd=345

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1908084986e87acdb983f66f6444fd36968d0570be44c41c4236b6c8310f09f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31071
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Mon, 13 Feb 2023 10:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BDB5 72 KB
29 KB 522ms
522ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487188&bpp=1&bdt=337&idt=346&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zk2Q88Yqn2&p=https%3A//ust.aly2um.com&dtd=348

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1d3e62893ea23a3e4a1878b5f17af0faa10aaaf88b5162d6a642f90c3b89c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29561
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Mon, 13 Feb 2023 10:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BDB5 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6c-7Xw7qY6b1I_OR-cAPuqKYiAbL7tzubrnZquDfEAoQASCM-eR_YJXCpoKwB6AB7LPywAHIAQKoAwHIA8kEqgSBAk_QMNlTKu7GC5uqsTr7CUJQE1TCT9mNKQzlt8cDW4v091v-tbGChEMA27nQDRkFNJMIKG_H9RUzWyQcu81_L9kHjeBtEKTzFU5h2WdfiJrb2DcrCd_i8DFuIhATCwJARJSHDNKi_W_h0CFOwU2pklHUKi2KBWYjnHvHs3WscjuR5xs4kK3Qc_sHTADPY14EhVLqyJ4MUgDofDUt4dvmwXNWmg9owiKS5CAFmIJINEBpzsCT7fWBhOJg65L0E93nkqJD0fUoPKFMr0KCXyCeSIY9me_hZ1cEX4oiyjur-ARuhdeVb38rZR7re6-GvhR6lS3MDBI88CWbKEUeeRc0Hyt0wATn66-qrASSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH_MuNvwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxC6VNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=JWuuQ4kqpdQ&uach_m=[UACH]&cid=CAQSGwDUE5ymSOvcfHW4ZpGlYeKRN6q4WO28K-RnkBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487188&bpp=1&bdt=337&idt=346&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zk2Q88Yqn2&p=https%3A//ust.aly2um.com&dtd=348

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487188&bpp=1&bdt=337&idt=346&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zk2Q88Yqn2&p=https%3A//ust.aly2um.com&dtd=348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Feb 2023 10:18:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H2 200 1664695852324942724
tpc.googlesyndication.com/daca_images/simgad/ Frame BDB5 99 KB
99 KB 221ms
116ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1664695852324942724

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa015dd854de8ebf5de95ec7b513473d23f033813f66ee7fca1e3fb68453fd6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:46:59 GMT
x-content-type-options: nosniff
age: 423069
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101436
x-xss-protection: 0
last-modified: Mon, 26 Dec 2022 16:19:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Feb 2024 12:46:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame BDB5 22 KB
9 KB 142ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:03:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame BDB5 3 KB
1 KB 185ms
84ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame BDB5 18 KB
8 KB 180ms
79ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDB5 156 KB
48 KB 198ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame BDB5 33 KB
13 KB 274ms
173ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d376a62629060f298ff66774618c79661ae960bb2d6c71a8cbab8e54f4b3f995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 19:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13595
x-xss-protection: 0
server: cafe
etag: 7466391422742446116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 19:01:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6A66 6 KB
1 KB 227ms
100ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487187&bpp=1&bdt=336&idt=343&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=U2g2DBEYyK&p=https%3A//ust.aly2um.com&dtd=345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Feb 2023 10:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 08:54:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 6A66 2 KB
846 B 197ms
173ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:52 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6A66 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbWPJXw7qY7-SI7WCmweFkYT4Bva_hcJuvqyapMMP2tkeEAEgjPnkf2CVwqaCsAegAee3oJUDyAEJqQKf-_EO8umxPqgDAcgDywSqBP0BT9DLUxJigspKCa6m3bCpRP69iRHM7UNoJzVDzLJBwizWILPAJtFCGprpMlyiMtXFXZPZKqyRNnuDexT5MHY0Pgx8xavUMkru8wCn7ZetpcdiIHqwFUgGNAunIB84ZScuBDMuPoT0QSHN_X7kmETCcIDm_KsKNoVveRTHtm7pM2SpVeJkY4Ds6LHTKXWoeQgWI9dpvQfF65igLT6-qpo3TiAiGaiUCRq45qdrulOjzSH7iJIa4IdzfnhAruhWpoBypvOgz-iJXNb1tfO42fkxmykqN7fQUf5s3SWrF13NOoTYH1i9tnzQklxLvO06QYT15AxMiDLCwL29bXGWpcAEgd7ut-EDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4HI32qoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCeigrSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItODEyODA1NTYyMzc5MDU2NhgA&sigh=79Y7qXq_u5U&uach_m=[UACH]&cid=CAQSGwDUE5ymEaAoyu6B1sW-6n_vvsr5_Peq1tB3mRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487187&bpp=1&bdt=336&idt=343&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=U2g2DBEYyK&p=https%3A//ust.aly2um.com&dtd=345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Feb 2023 10:18:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 6A66 22 KB
9 KB 68ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:03:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 6A66 3 KB
1 KB 107ms
86ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 6A66 18 KB
8 KB 73ms
52ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A66 156 KB
48 KB 160ms
138ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 6A66 33 KB
14 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 May 2023 15:32:16 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4658326007729482721/ Frame 6A66 73 KB
73 KB 103ms
88ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4658326007729482721/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54897b9501269c7ff9f6764137c01534df8e4e2679e591331dd9a35ac54e193a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:22:08 GMT
x-content-type-options: nosniff
age: 327360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74705
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 14:23:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 15:22:08 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A4B 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487188&bpp=1&bdt=337&idt=346&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zk2Q88Yqn2&p=https%3A//ust.aly2um.com&dtd=348
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 09:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A66 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b75d09e4edd51c96b20b7f206d915b723a88423c949890d9c660e5b66a1608f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3475105719201189832
tpc.googlesyndication.com/daca_images/simgad/ Frame D4D7 114 KB
115 KB 80ms
79ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3475105719201189832

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33d996ad3d6ae09dee40530879c9d56e3928dffaf7c1c8837c6bb6241623dc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:18:05 GMT
x-content-type-options: nosniff
age: 327603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117191
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 11:57:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 15:18:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D4D7 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxmp1Xw7qY_ffIqaD1fAPkPSIkA-I34_8bY6VmfL2ENrZHhABIIz55H9glcKmgrAHoAGP17jDAsgBAqgDAcgDyQSqBIQCT9AfUs_QFgX20nvpza64W-VFdLIC_1uBcwiV6gVn335R5jZJcQaVbS6i1mmD8RbHMfl1KxmEsDX-ogbiqByB8NZdU0wDHxl7qaAeczrvSw0ZEEDAlyp3S5MjDHplSNvyyDj2aj4AzH1vURBdJ5MFl9ML4U8Zwhd4tKL_e5uQUJ1hrwj3prK9dhUexca_EAGIDjiwdPLOWdhg5fd6AAUuzw0El_L03vCrBQpEnG0wftOR6xxLHqH2iHLVl-6oopBK8ZPHPVnc0vTe_DSQFyBtF51XlFnW0lhyaUk3-3lFucOpH1qLc2el1KSGFdNPbrBH5Gk6u5MqT_W-0rChGdqNlxcNwNjABInIsZWhBJIFBAgEGAGSBQQIBRgEoAYCgAfZqMe8AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP7_HtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=vyMirNm7AeA&uach_m=[UACH]&cid=CAQSGwDUE5ymSeZp9910rAh60jOLpjL1spKGKC5qIBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 13 Feb 2023 10:18:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BDB5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6e92720bfb5a7842b521f916626510a62ef8bbc3032a1bfe85722560658e44d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame D4D7 22 KB
9 KB 93ms
91ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:03:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:03:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D4D7 3 KB
1 KB 95ms
92ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 09:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Feb 2023 09:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D4D7 18 KB
8 KB 94ms
91ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 18:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 18:26:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4D7 156 KB
48 KB 77ms
74ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D4D7 33 KB
13 KB 95ms
93ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d376a62629060f298ff66774618c79661ae960bb2d6c71a8cbab8e54f4b3f995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 19:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54979
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13595
x-xss-protection: 0
server: cafe
etag: 7466391422742446116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 19:01:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Mon, 13 Feb 2023 10:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A66 15 KB
16 KB 179ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 473303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 22:49:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A66 15 KB
15 KB 191ms
64ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 01:58:46 GMT
x-content-type-options: nosniff
age: 375562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 01:58:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6A66 15 KB
15 KB 235ms
110ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 599352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:48:56 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8EB3 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 09:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame B5F1 247 B
871 B 152ms
48ms Document
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

618abf4c9936f34955f897663b57bde5cd1ff45c79d7f7ee2b5aa2871cdeec51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 206
content-security-policy-report-only: script-src 'nonce-ffYL124NEyzTqz0ZHF5uYA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D4D7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ced3174a0d9459fa78c7a85b2fe906b78cc2b7b33f53ff0d5c8d21b0232895f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8EB3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
51ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Mon, 13 Feb 2023 10:18:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B03 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H2 200 iframe.html Show response
p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame B5F1 5 KB
2 KB 50ms
50ms Document
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

a51ff21b453ca4d9c88ddee09c7cf8f7de28b5d5d275985441951a4914cb3b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-W_1QvCyO4yElYfxgNV5RCQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 75E5 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1676283487&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676283487186&bpp=1&bdt=335&idt=336&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=4757330140239&frm=20&pv=1&ga_vid=1768976208.1676283487&ga_sid=1676283487&ga_hid=1247533395&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31072259%2C44779793%2C31072229&oid=2&pvsid=3379205617198037&tmod=1641566704&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JKOAjynN0v&p=https%3A//ust.aly2um.com&dtd=340

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 88ms
87ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a5a95f73770ab24da041c09026d08a92476e5457877c0936fd770884ce790f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11205
x-xss-protection: 0

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F41 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 10:18:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8365 13 KB
5 KB 47ms
45ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 09:42:39 GMT
expires: Tue, 13 Feb 2024 09:42:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E92D 783 B
972 B 75ms
74ms Document
text/html 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0cf082645dd5b0107a5e6d8a13ccfd5c922b0e533df5a8dc4595e929b7e5ad3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wxzPdSZF1TJkDysVL3Qvnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-wxzPdSZF1TJkDysVL3Qvnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Feb 2023 10:18:08 GMT
expires: Mon, 13 Feb 2023 10:18:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8365 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 08:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14345
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Feb 2024 08:00:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E92D 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=3379205617198037&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8365 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xg0nSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 10:18:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D4D7 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVHcvXBUnXEmukEAldDa34HscnacZgUi01PchklPYq7ieqEOMvuRCD34va2-rYhU2_XSpct4m1JySu9FO6bZpq5UavU5-1loimAGLoKq2uOOblfEiIn-yFtum6UTGCSiWJz6GzPg&sai=AMfl-YQXz3BIi8Yij_bEPW1r25eXCwHZAu93wCRgDCM2JjpScFWSfpQxa2QAHPMBP3wmVKhEBp-uXiPsW1VA&sig=Cg0ArKJSzIw4_SrpSapjEAE&cid=CAQSGwDUE5ymSeZp9910rAh60jOLpjL1spKGKC5qIBgB&id=lidar2&mcvt=1000&p=0,164,280,584&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2921927375&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676283487526&rpt=919&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 10:18:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 78ms
78ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=3379205617198037&bg=!PT6lPmrNAAaq5O5FiuQ7ADkAdvg8Wl20uzrktVjfVXIvUaTKeqSEKkkVWYDM2-5B6uwn8WXb7unj2N1J6lqpgcLOLUWmc4IP9aICAAAATlIAAAADaAEHCgBMRvbrnpIPr_bAslaDsE4_Q8mLR5V1AtOIMtLGrOb8LKZe3GAGAxmUInLBYlVlGl8XI3mWLMaH2YcD7XYkkUb1RC1b436-0s3cuCRU5JkCmuesPnvkrpumuIKPRAuywowy-AMfCfO3X-ud0g_krXSP_yBRrvg_Qn6OcpkxmBE7XH6Zd_79X1WY3h-SmOp2Yjw-1bx-hG_LNZXzFETFuZVAQv40Y-JmVfQdBvPBY5NmdH8HZVYNq57FPjDZOBBgAEDb1ng0GO3hJo2HOtC1O1p3LvOlfR5vui3x33U7YaZSOzOpd0k9Ja1jz8Ks-wrb34yRSWkwYTr8A9x5uwInN73a4OreJkEMPkh3-UmNzy3WQsEaOgkcsJR-qJBplQtjcjUzxL4e_1zlgj4PoRprMHKjS0eKOAHHt4AbgzimgbkS5W4d-WYnqJDTPgSrhq_vh-ASYifxul4t9Jms3KC3fQd04hALV5q4NBKZKzhv30A6I8QH7ypg30sH2aJ4FAcVmMQAHdLdvncAWp4yXIQaluX4_p0qFayn-VJDWvBCAd7CIM458qVynyDT2Yf6vWARyNZDALTze_3qKqXxEzxZYDCKsr7Uwp5xxnWCv5ElxIMTT-SlWK06suxDTf-Hw_2_aCWNAjPGSPHlAI1V9FtLhRypv7QG3xhzMhNaIsAVjSBOejRA7QBMwPpg6Ton6nrHBzzSKHcCYB6567kwuFlrHJN3yF5jQJaZLvNTLTYvsAsEArNdgm5OXOnsSFa0iW2nAS5-J7OT50O1Eu_5PmAo0rQN3BDGZZjZg_t3IF7QSLyAUo9LfdZ1klMPPknNyCuZcsHL0AdihTvRWj05GZ4jP_-9GUq7XQFZwBo07PX95nT19FdboW5xYbpg5WOloE3WnmZHBHa9w8m-X7x0TZoyFxxkIXeIgJspgLfwjLKyLEswOf_BytE9dnkXRYt3Yu8rt4xLOKFBh-hrmeXyV2dfRGg81ZS4BBQTHROaNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A66 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuc_V4L-J-v_2tnmTNQ8vi3iDu98HA-V9v-W4p1OEFVmm-Lc_O8642T05576XRWR2vNKxReFyzgu8WvgXkimPKRFSMYRJpbelFJuucI3gyiVYix_RpQYj3feo7_boKleQrUWM2T5A&sai=AMfl-YSeVDJA-FHstLbrjqT1VehdkSPfFZGkZj4NDvm4az77rZUjsPw0SfXycXYfkjwPPGqU4uLJvYkBpTmF&sig=Cg0ArKJSzCgZO6cZqWmNEAE&cid=CAQSGwDUE5ymEaAoyu6B1sW-6n_vvsr5_Peq1tB3mRgB&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2921927375&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676283487533&rpt=1155&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 10:18:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.oo.coffee/	1970-01-20 18:23:39	Name: __ddg1_ Value: qeCDtCd109fsSsGajWET
.t.co/	1970-01-20 19:08:17	Name: muc Value: 9b6fc6d9-c93e-4e70-a11e-0bf181b1757c
ust.aly2um.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f9d517145bea04030dd03c4c22267493
ust.aly2um.com/	1970-01-20 09:40:56	Name: qa_key Value: sm54gvxtxftqvoafg595y03krnoi53tp
.aly2um.com/	1970-01-20 19:14:03	Name: _ga Value: GA1.2.1768976208.1676283487
.aly2um.com/	1970-01-20 09:39:29	Name: _gid Value: GA1.2.181461010.1676283487
.aly2um.com/	1970-01-20 09:38:03	Name: _gat_gtag_UA_237003713_1 Value: 1
.aly2um.com/	1970-01-20 09:38:05	Name: __cf_bm Value: TCPlpcLigd.tRUalXFO.KlNY59m8WsaDe0JWV6UGyKc-1676283487-0-AQi680yAASzQ0W/DuYgTqx75oK7ShD4icjfbCYRPExjkKfCHqaQZ5Wlxv9lRaOd1TRw52PU+Vx2XdOvmptlWJs1CHn1Exe5eHIWU8jQxLXKF6P6p2P5HMoWtMF8QxLrKwGryHGAzM+R0IOsSGBLAcfA=
.aly2um.com/	1970-01-20 18:59:39	Name: __gads Value: ID=81e6bc6e956dd0a0-2275decf8adc00a7:T=1676283487:RT=1676283487:S=ALNI_MZz2kHI3U-mS256WBQR_vdfhajNrg
.aly2um.com/	1970-01-20 18:59:39	Name: __gpi Value: UID=00000bb525a5579d:T=1676283487:RT=1676283487:S=ALNI_MYEybr9JjxK5n7g3SVmMnedEvgu9Q
.doubleclick.net/	1970-01-20 18:59:39	Name: IDE Value: AHWqTUmImrtaZD6Jcks1AVbzjpmuS5rdKgkiFZaGbNc81TxubgTVpNFU0mRhe_v_Svo
.doubleclick.net/	1970-01-20 09:38:04	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 09:38:07	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
deptoportunidades.cl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
oo.coffee
p4-e5obamt444y4i-mwhfq6jems35y2b6-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
t.co
tpc.googlesyndication.com
ust.aly2um.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.244.42.69
142.250.185.227
190.115.26.9
201.217.241.159
2606:4700:3037::ac43:a190
2a00:1450:4001:806::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:400d:802::200a
2a00:1450:400d:803::2002
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::2004
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0d4f0ee1cd14b5d2ee3c0686c6596eafd6063bc6053d76ec0c2b592c32257f2e
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1908084986e87acdb983f66f6444fd36968d0570be44c41c4236b6c8310f09f5
1b75d09e4edd51c96b20b7f206d915b723a88423c949890d9c660e5b66a1608f
1b8d0d5a5b701d63b8332ce9148df591e3d103eb486f236e1c96c979f731964f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a5a95f73770ab24da041c09026d08a92476e5457877c0936fd770884ce790f0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d996ad3d6ae09dee40530879c9d56e3928dffaf7c1c8837c6bb6241623dc4e
54897b9501269c7ff9f6764137c01534df8e4e2679e591331dd9a35ac54e193a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
618abf4c9936f34955f897663b57bde5cd1ff45c79d7f7ee2b5aa2871cdeec51
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c77435c5ff7b5c11b29569f6dd5029f2e3424200dbc1765c6110f6803a7d349
6c9fd51cb9f366a4fd744e5cfafbf6e3d8c91e3d800b9f8aa9a6e31728199a07
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51ff21b453ca4d9c88ddee09c7cf8f7de28b5d5d275985441951a4914cb3b11
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
b9bcfa125993f03584be553c3533e425c7257e24b0421966849b257d75d7a077
ba36ec1b232fad2669fca2ca75d0373132d6bd50845594f79e4500ed82c9758f
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
cd162b20d5f9dcb61734715fe4d616113927466ac157a73eed0e812c14d0465f
ced3174a0d9459fa78c7a85b2fe906b78cc2b7b33f53ff0d5c8d21b0232895f4
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d376a62629060f298ff66774618c79661ae960bb2d6c71a8cbab8e54f4b3f995
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e0cf082645dd5b0107a5e6d8a13ccfd5c922b0e533df5a8dc4595e929b7e5ad3
e1d3e62893ea23a3e4a1878b5f17af0faa10aaaf88b5162d6a642f90c3b89c6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f248b8ddf410d3bed3d373eb9b119d74e0482b01d680c5373b97d07f51aa4c
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e92720bfb5a7842b521f916626510a62ef8bbc3032a1bfe85722560658e44d
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f870c9a13b5a9c8b75eab24682663ceab4374a797661df60f5c8a7b523f23c4a
fa015dd854de8ebf5de95ec7b513473d23f033813f66ee7fca1e3fb68453fd6d

ust.aly2um.com Open in urlscan Pro 2606:4700:3037::ac43:a190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

76 %IPv6

14 Domains

18 Subdomains

17 IPs

5 Countries

1095 kBTransfer

2412 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ust.aly2um.com Open in urlscan Pro
2606:4700:3037::ac43:a190 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

76 %
IPv6

14
Domains

18
Subdomains

17
IPs

5
Countries

1095 kB
Transfer

2412 kB
Size

13
Cookies

77 HTTP transactions
3 data transactions