usa.businessupturn.com Open in urlscan Pro
2606:4700:20::681a:c18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.65-21-22-232.cprapid.com/
Effective URL:
https://usa.businessupturn.com/
Submission: On March 08 via api (March 8th 2024, 9:28:44 am UTC) from US — Scanned from US

Summary HTTP 92 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 92 HTTP transactions. The main IP is 2606:4700:20::681a:c18, located in United States and belongs to CLOUDFLARENET, US. The main domain is usa.businessupturn.com.
TLS certificate: Issued by GTS CA 1P5 on February 27th 2024. Valid for: 3 months.

This is the only time usa.businessupturn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.21.22.232 65.21.22.232	24940 (HETZNER-AS) (HETZNER-AS)
56	2606:4700:20:... 2606:4700:20::681a:c18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
92	11

1 65.21.22.232 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: server.businessupturn.com

mail.65-21-22-232.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2606:4700:20::681a:c18 (United States)

ASN13335 (CLOUDFLARENET, US)

usa.businessupturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	businessupturn.com usa.businessupturn.com	631 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	74 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	277 KB
6	gstatic.com fonts.gstatic.com	101 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	153 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	258 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
1	cprapid.com 1 redirects mail.65-21-22-232.cprapid.com	356 B
92	9

	Domain	Requested by
56	usa.businessupturn.com	usa.businessupturn.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	usa.businessupturn.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.googletagmanager.com	usa.businessupturn.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	usa.businessupturn.com
1	mail.65-21-22-232.cprapid.com	1 redirects
92	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
youtube.com
instagram.com
asia.businessupturn.com
www.businessupturn.com

Subject Issuer	Validity	Valid
businessupturn.com GTS CA 1P5	`2024-02-27` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://usa.businessupturn.com/
Frame ID: 4894FA3F738082B9E69B52B65624D5C0
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 310F4688F5A1FC4D4BF7CEF69C487816
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5895752553156106&output=html&adk=1812271804&adf=3025194257&lmt=1709890119&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fusa.businessupturn.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709890118482&bpp=12&bdt=1297&idt=512&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3654878294001&frm=20&pv=2&ga_vid=431236098.1709890119&ga_sid=1709890119&ga_hid=1338919639&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081612%2C31081644%2C42531706%2C95325752%2C95327083%2C95322195%2C95324161%2C95325784%2C95326917&oid=2&pvsid=500399564369094&tmod=494892529&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=553
Frame ID: 3B7BDE85512720DDAD83A1ED55462EE4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A70BE23002FE11217D86A93ECE1C71F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3594F6D51AE2D7524EF31C156BA857B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business Upturn USA: Latest Trends, Insights, and Breaking News in American Business Landscape

Page URL History Show full URLs

https://mail.65-21-22-232.cprapid.com/ HTTP 301
https://usa.businessupturn.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

92
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

1243 kB
Transfer

4053 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BusinessUpturn
Title: Likes

Search URL Search Domain Scan URL

URL: https://twitter.com/BusinessUpturn
Title: Followers

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCMLBxkRyrvO_yMWFPjQxgyw
Title: Subscribers

Search URL Search Domain Scan URL

URL: https://instagram.com/BusinessUpturn
Title: Followers

Search URL Search Domain Scan URL

URL: https://asia.businessupturn.com/
Title: Asia News

Search URL Search Domain Scan URL

URL: https://www.businessupturn.com/
Title: India News

Search URL Search Domain Scan URL

URL: https://www.businessupturn.com/contact-us/
Title: Business Upturn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.65-21-22-232.cprapid.com/ HTTP 301
https://usa.businessupturn.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

92 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
usa.businessupturn.com/
Redirect Chain

https://mail.65-21-22-232.cprapid.com/
https://usa.businessupturn.com/

246 KB
31 KB

923ms
740ms

Document
text/html

2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88779c1f9e04a15cb6d6254181f7bb8b3ceecaff45fac8d24a182c60847ffe8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8611cbcb1ec367cc-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 09:28:37 GMT
expires: Fri, 08 Mar 2024 09:28:36 GMT
link: <https://usa.businessupturn.com/wp-json/>; rel="https://api.w.org/", <https://usa.businessupturn.com/wp-json/wp/v2/pages/1546>; rel="alternate"; type="application/json", <https://usa.businessupturn.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUAXnInSdcDGyazVd6IB4xf7zfpqBiA%2FvVpl0E7teO598RZfKZ1pnUC6cYsDf4Ik4nZKFWkxbo2q4L5oyZMUjFMKUv32CgYu3rc%2FSMXoQH%2FVYkOkTym8lcvL9D42VBE3Unsb7zMVJYI3%2BVp%2Banl3gALcdWc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: max-age=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 09:28:36 GMT
Expires: Fri, 08 Mar 2024 09:28:36 GMT
Location: https://usa.businessupturn.com/
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Redirect-By: WordPress

GET
H2 200 style.min.css
usa.businessupturn.com/wp-includes/css/dist/block-library/ 108 KB
15 KB 553ms
546ms Stylesheet
text/css 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 31 Jan 2024 04:57:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJcAkSknY68SmQ7Tt9zXd5Z9mfj9DRVqGIpqB1JXCgyU810EyI3tTWWpO7DaqVjXy4HJ6J6VaNo%2BKWPaKw4h0dY8lucQHtdQoJOlkXMExWnPZF8doLCuqfrQhJ3Vcu5lskmGRMlfuGp6hfbdOOJU%2FXuLNok%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099d767cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 js_composer.min.css
usa.businessupturn.com/wp-content/plugins/js_composer/assets/css/ 474 KB
46 KB 688ms
682ms Stylesheet
text/css 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzfTAarrwU3e5G9UAHgl4WzbjDn62M46aUraG86H9Mu%2BQFREOY14k2yJf0ZSiTfCyxss%2FCeqBHjNQPZkDBE%2FGvSguV%2BA9HCfh753RqiVCmvwdXCKc50FBensrDbTH8IQ%2Bhgh3evBDfvkhH8OjwEAJ8qXUi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099d967cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 style.css
usa.businessupturn.com/wp-content/themes/publisher-child/ 341 B
583 B 431ms
425ms Stylesheet
text/css 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/themes/publisher-child/style.css?ver=1.0.0
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b781a27d93d8ae5d45dd1f62eefc08a812c14675b3f4135a926b6cefad0ee2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 Sep 2023 18:43:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzbvg6ATkRxNJV7ry%2FVtb6NEuyv8TRmbnEYtpN0ZaVKxuLbz7WXL7PYU6puyIDoxNjRKtFqqdqiZIWRhYWB8%2F8RgDqUHg0MjiD%2BiOgBPbMNY3l3MFGaIt6dK0nWKFtlIXaJNtVPr%2Bey3OBUSgXQLEEGtO7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099da67cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
3 KB 373ms
81ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Requested by

Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c667a15a595e4c357f88e45771c37c1189465b52335d205cb79ec3fb67c7863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 09:28:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Mar 2024 09:28:37 GMT

GET
H2 200 jquery.min.js Show response
usa.businessupturn.com/wp-includes/js/jquery/ 86 KB
31 KB 570ms
565ms Script
application/javascript 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2023 05:56:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWfrCL7WnpHqbIRQwIeJSNFETuX7P7CQ2H2NgognLLhjEXY4czqfwefQzqEms3JJGWYbkAGD5dzkJRbqQ4181LwNGmzJHFDMaC866DAh8yIJdCtHPUa2kTyVOssKLKK00bONXkFyHF3sueFzZ%2Fb6FeJ7GII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099e067cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 jquery-migrate.min.js Show response
usa.businessupturn.com/wp-includes/js/jquery/ 13 KB
5 KB 459ms
454ms Script
application/javascript 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5B1ceqcMdwaTIQYEXBuRky9FHWsadvU0m30HfLBFBbss250XHPnZJ9Rqioavc7YZOTlx%2FhtusG6l1s1x7ZuAZnmhpmUeEt93qbV2sh4tSdvQAYPDzbia9%2Ff5sMamV%2Bt9%2B8nwmrDySbNDINoXrbrgYYnyyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099e167cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 359ms
159ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5895752553156106

Requested by

Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06cf67646c66db9753193520f98ce62c0edd95bbfb3492cc408a277046f8915f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51088
x-xss-protection: 0
server: cafe
etag: 1098045974407240825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 08 Mar 2024 09:28:38 GMT

GET
H2 200 ee167fde2b39061e044b19eed61b7dbd.css
usa.businessupturn.com/wp-content/bs-booster-cache/ 933 KB
119 KB 718ms
713ms Stylesheet
text/css 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/bs-booster-cache/ee167fde2b39061e044b19eed61b7dbd.css
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7895c57aa33427aeaf7cbbbd4ad84caf417c86770f192c122d1b68e20491af4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Aug 2023 11:57:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxvxdpQQ%2F7hDylq2VD9f0tF6o%2F2oNaCKnBX9CHY%2FshOG76SpmaMd%2FdENEm39A3pDpTigme2TUQmFS2nMs7FJ4k%2FDeK7Wt3XsnSDtoFvXDCtuPJ8ElyVgdO8sYJh3rNMGswLe7Jt1eWWw2CevapcF5%2FvCEu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099dc67cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 1a645ec437e8be3085c504820269ba14.css
usa.businessupturn.com/wp-content/bs-booster-cache/ 44 KB
7 KB 434ms
430ms Stylesheet
text/css 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/bs-booster-cache/1a645ec437e8be3085c504820269ba14.css
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0dea1f4b0e43e4738f24943e709b8a08458e176cec92e072c2699d2d08cbab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 09:03:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm2BGbrltubSZbK0TkFTmAYQKtF%2BChHait4ty3%2FmK5BeeXmxcbEOjQZYjK9t2%2FSGwHMkZ2NpRlMpjFAxxmVXxlIYFOM12Dng9GfGFGXABwntfOrPvj4RPRldlisl2lWU4JaOI6Wm3kmAy5kOQ7YfnN5fB08%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd099de67cc-MIA
expires: Sat, 08 Mar 2025 09:28:37 GMT

GET
H2 200 upturn-logo_final_Artboard-1-copy-6-1-2.png
usa.businessupturn.com/wp-content/uploads/2023/08/ 9 KB
9 KB 432ms
428ms Image
image/png 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2023/08/upturn-logo_final_Artboard-1-copy-6-1-2.png
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118c6a856ac4a00dfdda0c06c30f10ba7188a01cbc5df125a284508c4fc12de7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 14 Aug 2023 16:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNxzLKKai6iY2XuwtsGYHwB46DxiS%2F1SXDiOmGne2PN9S8Re8PE6gB0i6T1GggMjKfSRsCRPzfFx%2FXBjD12%2Fdg8enhjp8SWVK5Xpn9iqLEpuFubg%2FgZe%2B46DQPjrvWsLO6jQGjDdspwqCnnrgRODqMnon%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbd099e267cc-MIA
content-length: 9188
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 btc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 1004 B
888 B 432ms
431ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/btc.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d5ecc6418a43c6a1d6145701c9f3ab495705ab66b9d6d559de241c04e2cdc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8oJU%2BjOpAWs19IUOfudyeiiL%2FR8vYs0YPKdwtMMy6UFn%2FQhWnIwSgV25WvVcA7FItPYWfjg0AgVwHpRqy94%2Fg5YBWZZuoEB3UsJduglDDCGBjHsCPoAYniVgwV2DmXxQIypG8gmEkIjCIr5lAUY28Scktg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd099e367cc-MIA
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 eth.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 550 B
597 B 434ms
431ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/eth.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a109ae24fc82caf487a8dd663999fcb102e7436f9340e04f2597e4292bab89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAIxwFhBnp9rjFQr8GI0sMt6hYxSSf6k8bHt2qkNvNlieXCr0SDq%2FlH52kk0nAq5aIo3lT3uPAFzduJMcCcauS2aSB%2BWykohGXgk%2B6%2BMdrrAiHEYg8aLPYxY6rwgIyDbOUzyOyA%2FbdMgNrtmYX8lGJSc%2Fjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd34b7f67cc-MIA
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 ltc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 588 B
712 B 427ms
426ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ltc.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6261d86a0f600f99a30bd078d8517debd921ee373f4492a22d0104cb9e4d122f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikJ3IlbhMHgKExU0tRAdYYQXHIvUTciSdto%2FaVHAp5Ww5uTQe3OTRrs5Msgi447SFlS1OdYMydyxD%2B998ApShOmyIty96whD%2B1%2ByB8%2FwKIlyxiTiBy19%2B7h5ZVyqiWiw16OvqOEvyWR0rlyVJWkTyqikRw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd34b8067cc-MIA
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 dash.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 540 B
612 B 446ms
443ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/dash.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dbfa2170a79e214b86b1364de5f7403a26a0e1cc0b5a43cb712e9fc1f0f4b6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVpWFNsRbWmseC7yDMgj5NvkVR8thC%2BkzcTwcPRTEsQ1sJzMGRpu0ovbhbS4%2BtlKjY2Eycy2i6XH4QuvoEm1lHoZ9r%2FOhu5TNnjaSCBmoXppCUcNlaBVXsLKaIPmGvzgWhSAXrespwhBSuRb7SaaHvmdHmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cb967cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 xmr.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 438 B
599 B 447ms
445ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/xmr.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de35975f0a5fd128d7678788418dfc1475b29b3b3d22bfa101fd2741c9c0e7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgbR4OrBM7uK5cU1NtGGTb3UvV3QlUYQmdNcKaEzuE79e8EOSLaZejUEjfi4ibMlTPz52H228xtqswZIdXSCuY6ybLtJ6jzmllzflUqKv8Qiw%2Fmdy2ERhKssLLzlyWhwe3wvy9z6RTqtAR%2BQPXcPgQCdKmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cba67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 nxt.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 2 KB
1 KB 435ms
433ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/nxt.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fddf503b8e65fdd0574dd3b66eca131ed07f9813326ef7219f01b974726f2734

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2B5qWPo3ax%2BhCM3fcCtFU1SVIx10e9515W60GEWEPTV6qkf115lkCD2LFuOfUCA%2B43%2F7UxqAVOqKHnA3Z%2BcjeUuCK4gGEtzQQFx3R8W2YAm1jCxgQssddLKDPDGovAYSFvfoLtOqJyd57lmCZmwcjmaDi8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cbc67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 etc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 327 B
579 B 427ms
425ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/etc.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89057a3240675db6d6273d40bf23ebc243335253bd173702a2fb7f007634119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAbESvDQUqvtTHDwwDLx6iqMAQ9L9Wp5OiUbu0FWsL8AjKeYT8Z408GjJVPoR5c%2BJOzhACyUvOlTn9CQ5aVaSlgzgMgt9uxY49cCt81EAAw5lujqJ%2FAowp85hTZVwaKib8nqx8dyr2wu9YsrVyh8CGxY%2B50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cbf67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 doge.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 491 B
580 B 430ms
429ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/doge.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4316274b2a43f901eb790f10be463887ccfe50594284c7586b684166d20bf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv%2BfEUZhK72qkiPcYN8qfVy2CStOZGNJh7XnC6eYmEdbJdCuSWc7skp%2BVKCdLtjNXs6o3%2FtS81ZfTGvve4XYBJ5b4ki4UMARn39xhjNbOTZl0bh5rRLyEOY15WwnRl30RQ9SJhyu9b9n7kaNxsT7d8%2FYTVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cc367cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 zec.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 1 KB
928 B 438ms
436ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/zec.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25fe70cd76914f6805510a5a1a03dccdced16da89be9e6326a5f75e22eeb5d57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxsCSdvoN%2BEfh8IGBPTGtCB9h%2F5FBDRZIGrNLf7kwLIpV5fg1dPPlk0y5ypir31sadtv1LaMHpcCNR8LEz1Cf4qqBubripkui54KluV1fckYkbjf%2B9vD9OWNr1L2o7u%2B3gq%2FYX7Tl2alHRycbE1wKYalKrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cc467cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 bts.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 854 B
761 B 436ms
434ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/bts.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29e6b3fbec9bdacf331f867450d176c6fcd5a97040fdfcab4480b7c9aa3092b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJhKesaCqDqmBz5IsJwL8%2FfnQBFtV7lGlIA%2FbOkuq9At0kZC5RCIXS2Gu5Oo7kT4kp173riQHuFQ88%2F9fJag0jOsZjHwAKoG7sSF8%2FzSnxPDSeamYw0Aw0%2BKIt7VA%2BWnuwaOkdhJsBY%2FBvnlPyUutYwRRAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbd53cc567cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 282ms
86ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-282251473-1

Requested by

Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c62e313a31e38782b88bde1442a20e6e94b99000af71bf8d3db4899928769d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71844
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Mar 2024 09:28:38 GMT

GET
H2 200 js_composer_front.min.js Show response
usa.businessupturn.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 445ms
442ms Script
application/javascript 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Aug 2023 17:34:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDXRxlYrmgOFK4KsV5NAEfHrLHHTfrVzZEeeq96U5x8bfJ66pXhb8wzMyRldUUQ8aIXzS5espx%2BX8Y33w5dhQH8R6kJv%2F2%2Fne0eOoNqNI1q9GKqclF0%2FjWrC5P7WF%2B%2FZWalKUCVmHqhm6i8kHrpCDi59LP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd53cb867cc-MIA
expires: Sat, 08 Mar 2025 09:28:38 GMT

GET
H2 200 49a8ae838bdd47a7428755259fc4e87b.js Show response
usa.businessupturn.com/wp-content/bs-booster-cache/ 305 KB
91 KB 689ms
688ms Script
application/javascript 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/bs-booster-cache/49a8ae838bdd47a7428755259fc4e87b.js?ver=6.4.3
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1086f05f613389cc46dcb42c927b59e47d8404e32e3a1430a578b3de94109fec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Aug 2023 11:46:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u73XqOstuQC3pog5E7K%2BORMcxeWyrprh8zaS0SdKImq7Py01LPfUWM5fQfle3dmB1PtAkBaeUlxjE6ciyn6EE42S6ieYIli1IJfls9vrHAEz8BsYOi5%2FxMr1pMj2ZwYHyELKMQC25%2FmUtYguFGFu2xK7ORM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8611cbd54cc667cc-MIA
expires: Sat, 08 Mar 2025 09:28:38 GMT

GET
H2 200 bs-icons.woff
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 575ms
573ms Font
font/woff 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/wp-content/bs-booster-cache/ee167fde2b39061e044b19eed61b7dbd.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Referer: https://usa.businessupturn.com/wp-content/bs-booster-cache/ee167fde2b39061e044b19eed61b7dbd.css
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 12 Aug 2023 15:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcksQOePr2LS%2FlNCyLu2NzveWgCd1F9YkNYaZXuFKsjbXK6lJUqhAj9cfLOhywBjEKTf6JkibntjQlZDOlL20q%2BlwA8hJ3YB2AtS%2FjV5hod9oYakn2e8Rwjj7B7MzWHNTdALm5DuAw%2F36XZSPV6s4DEsGu8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=16070400
cf-ray: 8611cbd60d2167cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 216ms
79ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:14:01 GMT
x-content-type-options: nosniff
age: 173677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:14:01 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 206ms
69ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 07:45:41 GMT
x-content-type-options: nosniff
age: 92577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 07:45:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 301ms
164ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:14:01 GMT
x-content-type-options: nosniff
age: 173677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:14:01 GMT

GET
H2 200 fontawesome-webfont.woff2
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 551ms
550ms Font
font/woff2 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/wp-content/bs-booster-cache/ee167fde2b39061e044b19eed61b7dbd.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://usa.businessupturn.com/wp-content/bs-booster-cache/ee167fde2b39061e044b19eed61b7dbd.css
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 12 Aug 2023 15:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtLIJ38d03ZQwJbSEs8j%2Feu8mpGS%2BtdKEtducVrDl77L4dEWFYCG2fdW9SkHwXpxh49kx8QVBP8KMFzI6JaRRR53vN%2FNwpypO10HN9YbIXfFCqw2Ao7cx8oHPSnsAUD7kC3oI8bqmly3JBZ5xyg3WuLHof0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=16070400
cf-ray: 8611cbd60d2267cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 198ms
62ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:51:59 GMT
x-content-type-options: nosniff
age: 174999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:51:59 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 273ms
137ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 07:35:09 GMT
x-content-type-options: nosniff
age: 93209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 07:35:09 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/ 22 KB
22 KB 274ms
138ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usa.businessupturn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:01:10 GMT
x-content-type-options: nosniff
age: 174448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:56:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:01:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
83 KB 105ms
104ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7TS7BVXWNR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-282251473-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cbf93d548a873f3bb40812aff75e957be2bd2f74eb1753baf845c89b9862293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 09:28:38 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/ 405 KB
137 KB 296ms
165ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5895752553156106

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84389d0278b315106d51ace21f9085ffe713fbeebb353afdca08c658483202e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140431
x-xss-protection: 0
server: cafe
etag: 8601966804809307005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 09:28:38 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 310F 9 KB
4 KB 245ms
65ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5895752553156106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 7992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 07:15:26 GMT
etag: 5035419970550746386
expires: Fri, 22 Mar 2024 07:15:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 129ms
47ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7TS7BVXWNR&gtm=45je4360v9138853563za200&_p=1709890118114&gcd=13l3l3l3l1&npa=0&dma=0&cid=431236098.1709890119&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1709890118&sct=1&seg=0&dl=https%3A%2F%2Fusa.businessupturn.com%2F&dt=Business%20Upturn%20USA%3A%20Latest%20Trends%2C%20Insights%2C%20and%20Breaking%20News%20in%20American%20Business%20Landscape&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TS7BVXWNR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 09:28:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://usa.businessupturn.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 btc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 1004 B
918 B 45ms
38ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/btc.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d5ecc6418a43c6a1d6145701c9f3ab495705ab66b9d6d559de241c04e2cdc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEJUpdYS8ypKWASTiYYGetAzAx2Cg1Tx7qf97b84r8tbzoTsFSoBPoWULrC2LIPegRPv1c9QOTVwgXMR80%2FmLhGIF%2B6TTYYfi825umpI25xRv%2F72n0r2dOEdw%2FIqvPAgOzxKVC8QlsSvemONqI26GP6SSMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8467cc-MIA
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 eth.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 550 B
582 B 48ms
41ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/eth.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a109ae24fc82caf487a8dd663999fcb102e7436f9340e04f2597e4292bab89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mmk2ZQkW70v2lKDSzfACrELYCY7VhQlav2TmHCIXnapUJ16XdETogE%2FNg1RxprFWDIb%2BpEhBPWevFjO%2BW2AR5rZh7J%2B0F3T6vGyqHtozOOG5z98YqimL6L0oj%2BuzTNAu4dt8BnPbeRHtXbhOta8H1JzvJY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8567cc-MIA
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 ltc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 588 B
643 B 48ms
42ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ltc.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6261d86a0f600f99a30bd078d8517debd921ee373f4492a22d0104cb9e4d122f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N2ybZS84xClUNCdsjabEYlHnGGS8XdatueQKxu8nU8z8lhtCwqZk2wNrsLivUjf%2F3SqriaCIIPNAH9poocFDSG%2BK2VNrUoyIXuUQV64maf3amWSoIc42F8Q6f9ErFjXB7VDj5RIZCHJDu6B6i4Pxww3jSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8667cc-MIA
expires: Sat, 06 Jul 2024 09:28:37 GMT

GET
H2 200 dash.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 540 B
611 B 49ms
43ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/dash.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dbfa2170a79e214b86b1364de5f7403a26a0e1cc0b5a43cb712e9fc1f0f4b6c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUAjLvlYNOcEyhSsBegCt2Rl1IY0uWlXxRvjKPe2SCDzwyVjav0G4gdjwdkQTYZhKBAO06iBDMXNzD1digIO3QOsDGuYkFr6EGvX8FJ4JpUhhG08HthVa%2B1nFr7PsnTeoNPZHr0srLRkPJ4Fwdim9q2xQBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8767cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 xmr.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 438 B
637 B 46ms
40ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/xmr.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de35975f0a5fd128d7678788418dfc1475b29b3b3d22bfa101fd2741c9c0e7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Appk1PGTw1QxwTNM5ZHdqe3atQTs3F0hTwNGhhhYz4%2F4%2BrSdTe7dRI4uBZ8f892BtXmzlEvdldOJl82miqKVyPj79%2B8Z0E94WAh42OnCZUWPfQcs9zqpecTSbsAGTcaIWkla0PK575VGG6ZqEoV85XartJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8867cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 nxt.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 2 KB
1 KB 49ms
44ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/nxt.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fddf503b8e65fdd0574dd3b66eca131ed07f9813326ef7219f01b974726f2734

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPJ68oVxjOAfYrPCwEfhKADrfB%2FFz6xVIcakrp9DmkLqqQFPkftTwjdJUasAknlN2yRzO8c22jN6C2NB9XFV3cS6GSuPlbUejGztEAr4uuiYetic0AdzGIvg%2FW6b%2BDEMkXcrKKqwUrVslxTs3teFlIr1KNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8967cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 etc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 327 B
571 B 44ms
42ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/etc.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89057a3240675db6d6273d40bf23ebc243335253bd173702a2fb7f007634119

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaxIdsVEpOs%2B4mV2lJr5B1BuVMyNMX1L8Pyhpiw5xaZOIgdq1GN%2BOPJoBmP9N8A%2BIPSjOGHLTd1pubdHTp%2FNBkMwrU9R3B6HKvc%2BL6Acozbmkpy3PwZTh3iLwEE5HiU754Kz2%2FcgmSkO1m0%2BrlhuxzIpS9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8a67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 doge.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 491 B
583 B 47ms
45ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/doge.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4316274b2a43f901eb790f10be463887ccfe50594284c7586b684166d20bf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo547lYdw5GknNkPnt4oL5E1SswV1NW4bEUxdHYE%2BfFUq1hLzIkWz%2B1VPNzAgQjKNfL5y0XpbjCca3GHuioA%2F5OS6jWa9drlsZRgAPxlEM%2B7%2F6WPCt5bg4WemMhJXIKDuZT%2B6tHCAytqsxa2Paarb7x0gtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8b67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 zec.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 1 KB
883 B 60ms
59ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/zec.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25fe70cd76914f6805510a5a1a03dccdced16da89be9e6326a5f75e22eeb5d57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9bDlHN6u%2BI%2Bgw3Rv8pY9Bv7iKjfvELH%2Fd57WBqTFYr1%2BJmXBcdLQDtPnw160TiN1YV0fHMaPmCCtTJFvUTfqs2%2Byd3PfO4%2FKSrWY3m%2Bb18WJ73yW%2FOaKKOUbhUJuJjQZ4mEVR%2FkBiaJkbj6tk2Gu35oiIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8c67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
H2 200 bts.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ 854 B
757 B 45ms
44ms Image
image/svg+xml 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/bts.svg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29e6b3fbec9bdacf331f867450d176c6fcd5a97040fdfcab4480b7c9aa3092b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Aug 2023 17:34:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dZbEhK5X%2BGfYlATjTx7A90pDzITY%2F1x7B5tByqWCaStqsE7w14TGqh633Y%2Bqrm9HpMr33HaW6m2nLIhjf5RmjgFG3lDmrqNv3etGzJ905GEYnFrz3XF2EBujvCk0S2setoon7gdeu0D28nMSzTgW%2B0OGGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 8611cbda0f8e67cc-MIA
expires: Sat, 06 Jul 2024 09:28:38 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 Iran-1-750x430.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 30 KB
30 KB 558ms
550ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Iran-1-750x430.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d0ce8e0ea69d05fe2685e117682c2a40bbf98cdf25f12610963c5d91812f91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 09:08:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVdLCnghasnAgCScvax0rYCbU5MbnmgbBUkIBdcPO03qSuYb5oTAYOkRFaUAv8RFh1GV4DZgFv83z1YMZi2wde%2BzREdtOJ1Yfcie2VrXdaYXECQOFFCiDNHDX3q51ZG82ZDrUQ3w3LUbQFCCQukkpSbaA0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88367cc-MIA
content-length: 30442
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Haiti-USA-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 431ms
424ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Haiti-USA-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4a5a8a7ab5a277fa7f777f9bd5e78690fcf21f32b0428509de8775cb996d928

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 08:47:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kh5sXL8Lkesvin6tICnjlnjbOM0FWzentmNAyGbUrjMKRqKg5QC4UX%2B16vQqZD5F45GMYn0dmz8u3xAmRJhnzHulsgHNtbhBLEPIz3DUch1wwZIK5y1r%2BO8a6SgFzX78jKScC%2B29MqDFs9GjrILYZiqnQj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88567cc-MIA
content-length: 2700
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 China-USA-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 2 KB
2 KB 438ms
432ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/China-USA-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fc50abcdfeb6d9ef4306d1cc1bc20557e690b4e37eb68056b91805fab1983e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 08:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0ttqfaQANh6zdm4b68xoElGMlQWE%2Fk5lLFtvHBZo30e0st26giB1StKt8TFilahw%2FWhu%2BH%2B4iyq%2BXd1Ja2Jk9dlIrwQcOB4YyWxNjrzltFTJ5ReHouNei1v2Aocpd3WNrKROQ1iFz3zwes5ZiD7HzY3mzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88667cc-MIA
content-length: 2187
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Biden-Trump-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 433ms
427ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Biden-Trump-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1920282d8484e69d4311ded6e64f416d4d32b146e0e450345dceb18f0ef1b40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 08:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Czw4zq88j6UCl0Z2R2l9sda3iS5q9zPyz0LiKd0qJQycbA%2FQpLYnjMwLXE21t0nbvyzvRkGOY17evK5tZUlSCGCnFbh1uIKuWaJ6KKgiVa%2FhWDbjtYdZUVcbj70QEiBMTdOvjOFS4Lv3qUekcLYppIvSjLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88767cc-MIA
content-length: 2658
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Sweden-NATO-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 434ms
428ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Sweden-NATO-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31fa7cbca6b56f91316fb18608c54126158c5eb3aa75945f0fcd7088f9a4aa2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 07:51:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TN24PUb1W%2B2Vuve2F9bct3izZjO8joh%2BpykU5RqKzxfqeUsF%2BVIbvWYkvtjU3NYXfKSi3X1%2FEnnJ0b469JXKQjqLrgqxPFMWaflMQ0AElCcA3TJp3THWYi9bK70C5J5PAcCA3xCpC7XMyjEWO0qkhmPDkr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88967cc-MIA
content-length: 2716
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Biden-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 2 KB
3 KB 432ms
426ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Biden-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05bf4e82601ef9a342dae147e3f3efcb8cc129d1a4dea862726c5ca91b078bec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 07:18:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KkyNPFHWF93hrLERYfZBxOhfHWtF11uQdPYG21yCKYD0XetrWtSHManpCo5TwIeRIz8ml8zvRJlBSRM0rLOnHF5nxvjcuX1HNMNp06l5vszh5w2nlNt19nfjfrnqlGo6nG7Buu9mDqAGI35i7aSM50%2BpcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88a67cc-MIA
content-length: 2507
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Russia-1-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 449ms
443ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Russia-1-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba0d0d1cee0e87fdb22d792694e70419fa88c5f2073bdea4eb74e983b586f02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 07:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mWIYtoFSerQ94azHitEz9Y3Lodh93ZO4dAteWyhtBCq2d2G43envohIB4xH0YaxBo7ZkYrq0M%2BIgtDwLEeUcTIMQHy7%2FyErOt%2FvsOSsxYxNYPS9LvWYwbzTrM8D42A%2BQcGUdicIeTTRbaU1HP52DPOoRt8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88b67cc-MIA
content-length: 2727
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 IMG_7685-357x210.jpeg
usa.businessupturn.com/wp-content/uploads/2024/01/ 27 KB
27 KB 565ms
559ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/01/IMG_7685-357x210.jpeg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671c67c48b01851e8e03b401cf378d31b512d72f05b0bf35ca6c674ff2e27d64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Wed, 24 Jan 2024 16:22:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jfk9QY8JCmjatu2YCn0XP1yp4LLCHoEDISUmx5X6D3IDF719rm8bhVcUg3PmWnD3C%2Ffmr6DWPHctTEpLNW0nUswcA93%2FLmAW9XdOm9AEAzhvGQ6t67MGnXGgT%2BHcD%2FG5B5XX1SfzYdd9Id1daH340aaN99A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88c67cc-MIA
content-length: 27718
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Cuba-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 2 KB
2 KB 183ms
177ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Cuba-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98163e66e206af4d0d80f945c066d229fc6ae9b10bb26000d3d3a7883b4bf6d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 06:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEk1Kh3RqNBXYI%2FQKlef083AUHt9PhttG4wbs61OhHJVQnAyOAGhoB0W4nj3%2FqlcxHwkeTsbV3dgALCijfjhZi%2BW0sKKl9I0qjUp6GPZZUZQu0Zau1MuUBjrCecmfZITdqeRNf%2BjeuAjxTAyntwPwvHLOlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88d67cc-MIA
content-length: 2085
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 AI-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 442ms
437ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/AI-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60672b22ee96f03160c2952b62feae0d615d03e06d04075085f73137bdb01161

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 06:28:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlR0z6N0hfPZnv8citrvVgCFeAKuNoCH6TcelqjgRtWm0NgCr7QQCHqV9aG%2BuxSpupFEdCtII5%2BILdnzfEOSbY82%2FLylA6cN5HjIFvEOwLM0nJJeB4m8otE%2BWdKiSdEn5OuBQ1U0V7CdEomEmqoCnw%2BOXho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdba88e67cc-MIA
content-length: 3023
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Fishing-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 488ms
483ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Fishing-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfa21c825497499fbdf5b7f04ba0d49e95296a54f1ac8d2450269309dbad82b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 05:49:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXgQ%2FBF%2B5J2koWP2gofGLOOi9AKL4MMw9mnk0%2F4rXQ%2BLM4NuHjMuyPuQk3XvLEh2sRrRCKsiGqUQ9pyx77YeyE8MoByxhUWjoNxTRE2bntF3s25ed7OBhJQqiom%2B6wt2ESFHO9%2BcDc%2FCBqxXiE%2FYc7VS08o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8b967cc-MIA
content-length: 2927
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Meta-357x210.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 13 KB
13 KB 606ms
601ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Meta-357x210.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40a3e4a540dc68da8eceb19e617a334cb5eedcc8f73f36d14c33cc2e22f4e24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 05:16:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdfHrWH3HcHs3bxAD8yy%2FBMN1%2B7xu45H1Wb0kgErXNlhL9ZAQrO%2FvfhteFlNegR8zZQpa4GzaFobrMw2kRDIfcGA%2FJ4lCF3Avn7IAF7LW95yESnumaH7HV%2FjC0UzCUWsdKq%2BHb1M0BkmXVBpQqQDvT4rVeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8bc67cc-MIA
content-length: 13424
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 George-Russell-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 2 KB
2 KB 461ms
456ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/George-Russell-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24932240d7696fec7b9ffaf86e53df64a306043ffa2d0bc4bff1d9f9c6735dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Mar 2024 04:35:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8iZXsu0U8%2BKR01Bd2wycUAtnnKC17YrF%2BeJZysyZT9780Ar8O6hJ3cMralHAbkyBIPqgGqy2D4J14zSvteDVxrEbNkXic6zOSvWladJY58SyuTc1qxTw9IDzqfMHxwt%2Bsj1D8TjafkfCTg2YhgbrRPHhN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8be67cc-MIA
content-length: 2050
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Lewis-Hamilton-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/02/ 2 KB
3 KB 485ms
481ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/02/Lewis-Hamilton-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f0bdb744445f55e2187f4363b1042ba643cdd8f534491ea8c887128a267a193

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Tue, 27 Feb 2024 11:57:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8h0%2BzxxUZd%2F4NrnxZ%2FZgvTX3Pmiji8WN5z0hEL0qdxDiKcvYnuIRkUUp721k3SLK0lHvZu6RA3refCYN8A2CrR7%2BE8VlLuPVh1uNRkxEF5w1HCs9VRUSYDUpm37FwXB1j0%2FEau6Oc%2BsJyhEYO6hCJnC4jE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c067cc-MIA
content-length: 2396
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Super-Bowl-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/02/ 3 KB
3 KB 464ms
460ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/02/Super-Bowl-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca49e951494f26cad079f0f898032e213efd7c69e54c414f032bf5eb02372f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 05:05:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA2LFhBlzF0pbMvxUZbnMbJgdbZrcEi%2BArphHywlS1Sede4r0xHJJoE7vxyO%2FfYMZvdJaW3LnnJaciRSDGM%2Fj5ZmPoXJ%2Br3i793x3MqYXo1xiADqutkhCUVRxxGQhnDlLfXWDwQ04JAKo1zQ9Rts6Osij6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c167cc-MIA
content-length: 2766
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Gaza-1-357x210.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 17 KB
17 KB 595ms
591ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Gaza-1-357x210.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca431ca532fcec770436e61abc50c1c2c3da4e6f4142aca710132bd9a84ced5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 04:57:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpRE8k0vEZFlLSTC0cvPcnLOPei7leJ1EiToeABoVCXDwpvIRm%2BVZuepwf%2Bjt%2B7zW9CNTsuT2mrgbi4ztbiiamUdV%2F6%2BLrDtszcR17N%2B3mCr4sT%2F80SF3pfeauby%2FZrWQ%2B1PKfXuvvyzO3InHPlXexu43BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c267cc-MIA
content-length: 17527
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Hong-Kong-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 461ms
458ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Hong-Kong-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c155d2e9b6fc4dd97d4f8ae175c230ffae868e7e2e13b51ba6a544aea35cd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 04:08:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJr7TRWUjZVG9XiqybBBe4pAt74fAEgNxqdPTxCX5gspqMk2FvAkZ8pUTlF%2Bu0rdnOK0nQ8slfkLdICxUZfqA0b9yXTJ31PC%2B6PVtr5dE8nVvGKTemkvPy1ewGachA%2FfNlVquFXZ7nO%2F1Wb2neUIgeB1DKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c467cc-MIA
content-length: 2873
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 work-visa-357x210.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 15 KB
15 KB 582ms
578ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/work-visa-357x210.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100d2052f31d9d75aff54653003b1f65cf9c425b6facf7ba51b7398aba5e39db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 10:38:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTrYFTphdOKI4SQZz5AUExbIJjGxAv09TYl4bDgJL1RXqMeRlaYg1RiqZ7gJFWDGPu72QpZmOCd%2FW6w0ZyDCHOzEgoNyccf3GC9Ul2hOUJ3lTQWQhDX1mZaYIQU%2FpWSW8sS%2F4AG7bb6uVf4FVVmYsZd8t8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c667cc-MIA
content-length: 14946
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Australia-China-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 485ms
482ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Australia-China-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c3d43f3e7d6fe290873bfd994e571e3c2704e0b804e6b29c4e3da50c3d9d21c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 06:50:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhH%2BdOXJKJiKrgAKm6CTFT4l6r5fDx646Gebdj7yGbe4JgkXlGk3wmj2LveCungGrblxH5NB8q7wQmQSneIcNR6023QtiCpWuVglLxX3rujEL6DJuoI8yZJF1GxaduYMC03YajH2Hfmp85XcAMQvs2AT8e0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c767cc-MIA
content-length: 2798
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Permian-Basin-357x210.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 14 KB
14 KB 593ms
590ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Permian-Basin-357x210.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5abf3fdab7b6d585e8c6b55412a7e784be7e2a777828addd4f6e6ea3e46a3e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 04:34:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcd5qjpQkYq78Ng%2BoiIJ50v59%2BTx4%2Ba32JNQb0AOTiXPjukUvCpf9Q%2B76HLuq913hi88N3eJODCOSCGLb7J2oy3%2Fsrzzx9smvC4RCkcJ47JOZEBp7kOjtHfZXk1gkUDN8aT%2B9z6gbdc80xU9vkfwkqmuQb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c867cc-MIA
content-length: 14008
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 US-India-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 2 KB
3 KB 469ms
466ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/US-India-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68bab497f4f66a26f7da7fd40a9e823110ab5bb247836827183b1421c2adef35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 04:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isa%2Bfr5wN7ss%2BYnznDPUn6tdEt1K6AEt8ojFG5pnO3RkebyaSHJny8vMXUzNh0WLCvSqFoBfg1%2Bo7J1EbFKmrEe0ynzXTfBtcGPJ4JsgQAiYhMtrMFcVRtyE8yxUh06HCQefk1QpI0g4%2BXeFl%2Bj7FdD5MvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8c967cc-MIA
content-length: 2357
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 SOTU-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 2 KB
3 KB 463ms
461ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/SOTU-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e77ee1992354297f65f15e0f4f99c7b22860f86208aeb6f0933cefd05d0bfc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Mar 2024 03:47:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGZDzWs%2BDlnE4HT2Ss92yYr5h4mzKtuI0CRUGh65tO%2FlWIPRZz5cDeBjANUI1N9kb%2B1PE0Heil7sR9Z%2F3LrizhQ2jleMZwNiGldD0SjSI3s8iwKHlCoOn3lNR38R%2BZTQ%2FbL0imK8h1CE58oEJkueRyix4Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8ca67cc-MIA
content-length: 2517
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 Haley-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/03/ 3 KB
3 KB 490ms
487ms Image
image/jpeg 2606:4700:20::681a:c18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usa.businessupturn.com/wp-content/uploads/2024/03/Haley-86x64.jpg
Requested by: Host: usa.businessupturn.com
URL: https://usa.businessupturn.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef3ae64d9e9c507ebbc4f75dfe8cd5ab04d43f7be20e6207995436a93b54349

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Mar 2024 11:58:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fc9plSghNc%2BapxkfeKdmZ7WNUgZe4ht94PHj8%2FUNjuN6Rw3m5EIJda%2BmzA%2BQRysEjd%2BmkbNUGUc3%2BVQJAcNT6761%2BOTPnNFPlWWRqeW6k3LMRotlISK7MeKlAO4l5ZTCazH1Mo1V69CyOYpzxYH9qpjBEmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 8611cbdbd8cd67cc-MIA
content-length: 3124
expires: Sat, 06 Jul 2024 09:28:39 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B7B 757 B
501 B 221ms
210ms Document
text/html 2607:f8b0:4006:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5895752553156106&output=html&adk=1812271804&adf=3025194257&lmt=1709890119&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fusa.businessupturn.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709890118482&bpp=12&bdt=1297&idt=512&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3654878294001&frm=20&pv=2&ga_vid=431236098.1709890119&ga_sid=1709890119&ga_hid=1338919639&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081612%2C31081644%2C42531706%2C95325752%2C95327083%2C95322195%2C95324161%2C95325784%2C95326917&oid=2&pvsid=500399564369094&tmod=494892529&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=553

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56bfcd289d325aefd22cf12bdfb850b872c70bf5b3c93288d141a9fa9d9a9bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 302
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 09:28:39 GMT
expires: Fri, 08 Mar 2024 09:28:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-5895752553156106 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 242ms
104ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5895752553156106?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e874672588c614eb486a3a33a47176eb5aad0e43a06770e4a97f3e74277214de

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pn5cd6QrURuTkqcK2EHWpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pn5cd6QrURuTkqcK2EHWpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBiUAjbyXTe6Q7TdSCuZXjG1ArEBhrPmSyAmPHPCyZOIH735SUTz9eXTBJArAHEO3w8WPjWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgFiIh-P4ltXr2QQWLG38yQgAhhkuiA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVrHjhREPWw5nKQbt0KgSltBK9A70MNmnXzs4oSfjb1c3Bj6AbCkqAGjBWaYvrA8sgoX6-7xOxPmkH_5DrQl51uqR3htzf2lMrUDpPLv2ciFaBGBbY8q1qux4mkii_f9BS8IQ-sjw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 106ms
105ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVrHjhREPWw5nKQbt0KgSltBK9A70MNmnXzs4oSfjb1c3Bj6AbCkqAGjBWaYvrA8sgoX6-7xOxPmkH_5DrQl51uqR3htzf2lMrUDpPLv2ciFaBGBbY8q1qux4mkii_f9BS8IQ-sjw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODkwMTE5LDcyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91c2EuYnVzaW5lc3N1cHR1cm4uY29tLyIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMzkjt-1iIsG81Xe67gadpAQdcYYpg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a09a75a3242c8557e52c6f3c054448c38dbec6b97fb5a0bdc2e36c6e22556ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OOgIwDkyRE_9VSTsaUaI1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-OOgIwDkyRE_9VSTsaUaI1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDcXzL6vVsAh0Xf39mAgAFmC3q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 168ms
167ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

723a1f343fe99e60f805712b7035570bc9387354fd77171890c02e73ef257e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12255
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 245ms
107ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 09:28:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A70B 13 KB
5 KB 66ms
64ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 94342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:16:18 GMT
expires: Fri, 07 Mar 2025 07:16:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3594 829 B
1 KB 223ms
85ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c574ea95165c23b1b80e016c281bc4fc7feb14256f8b7fdd81115c321249cbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0i8OxQv0yMcGDm93opvGIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://usa.businessupturn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0i8OxQv0yMcGDm93opvGIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 09:28:40 GMT
expires: Fri, 08 Mar 2024 09:28:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame A70B 39 KB
15 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 23:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Mar 2025 23:02:10 GMT

GET
H3 200 adcase. Show response
fundingchoicesmessages.google.com/f/AGSKWxVUb0njrpIkcofx3vGtmqqeLwVliGMjjAsRQyfR_xoxPjWeMXPYUwTYslNfp9M8B6Ip_c8I6Hpg3KCOx1UQPQhIMa-JVDNtGfTtzHv7D606DGGBmhTF0ZiW7K9tfsiEtwyQo8cgpUSFTEnUOFN7iOQ9if7Zk... 54 B
110 B 89ms
88ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVUb0njrpIkcofx3vGtmqqeLwVliGMjjAsRQyfR_xoxPjWeMXPYUwTYslNfp9M8B6Ip_c8I6Hpg3KCOx1UQPQhIMa-JVDNtGfTtzHv7D606DGGBmhTF0ZiW7K9tfsiEtwyQo8cgpUSFTEnUOFN7iOQ9if7Zk3sXhuMrbjt01UxdDWKh-ue6xeyktnLs/_/mpumessage._adhoriz./leftsidebarads./googleadhp./adcase.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwQWmLjf8sNQMgrE_af2VgB3CsMpQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68e87966ab23c3604350635d2a1f2a03492c7a972477f8b682951f5e2f1db408

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yI0Z6T65QaI4EUcX95q23w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yI0Z6T65QaI4EUcX95q23w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDcWLL6vVsAjue73nNCAAA9S3d"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 158ms
157ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3baf8515d6fea2e669fc7e1c01b8a7e2fae8f1ea1e28395ff8ce6a553fb50f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51092
x-xss-protection: 0
server: cafe
etag: 7580563265815679480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 08 Mar 2024 09:28:40 GMT

POST
H3 204 AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 239ms
106ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yBxNveb04a1HVVTbT5BpeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-yBxNveb04a1HVVTbT5BpeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcWLL6vVsAjuuPtnMBACN-BHW"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://usa.businessupturn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3594 0
0 126ms
125ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=500399564369094&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

POST
H3 204 AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 108ms
88ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4_fJGJDK-_WfH-mYtABI8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4_fJGJDK-_WfH-mYtABI8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcWLL6vVsAhOmLF_NBACMHREs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://usa.businessupturn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A70B 0
10 B 65ms
64ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KEJAew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 92ms
89ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GM_RfFqteI48aajoeRBxvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GM_RfFqteI48aajoeRBxvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcWLL6vVsAjMa2m8wAQCNAxEz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://usa.businessupturn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 108ms
106ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6ahB-Q0bq7vBXjFUL8tMAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-6ahB-Q0bq7vBXjFUL8tMAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcWLL6vVsAiu2n3rABACMhBG3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://usa.businessupturn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVD28Bav0eFiaJDDl7RIH0Ek8JxHj_knFbQroadxBfZJvcjXvZfH7TKlxcLcs2_mO5G73JAqWzQkOf3PonXLVAZB4J9zyWk_ivPPxdvRm6rBk_um6LLuzRfcwb1yH9dvof2EH7-ng== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 109ms
109ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVD28Bav0eFiaJDDl7RIH0Ek8JxHj_knFbQroadxBfZJvcjXvZfH7TKlxcLcs2_mO5G73JAqWzQkOf3PonXLVAZB4J9zyWk_ivPPxdvRm6rBk_um6LLuzRfcwb1yH9dvof2EH7-ng==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODkwMTIwLDY3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdXNhLmJ1c2luZXNzdXB0dXJuLmNvbS8iLG51bGwsW1s4LCJid3JNY3M2WmNZZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7770dd85c25661e999661b7da101133ff8b85fcbc9222622cf1e6f08288ccd5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WTCQdG55q2FtAX9PQ-MhvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WTCQdG55q2FtAX9PQ-MhvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDcWLL6vVsAjsmvH7EBAAFPS25"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
89ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--1pRIV-7WGvYwkMfAcJcAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--1pRIV-7WGvYwkMfAcJcAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcWLL6vVsAjua-ycwAwCNOBEX"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://usa.businessupturn.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUnMckIEUxoAH2BuH9ZSBqzv_dyB456lqv-Bo2Iox7SbPKAY2W62wZRuAXtcmSGFhrd1lmJ3TZeOCmbA9tvulj1WxDH9og4jTv3CCFy7kb3ebfKsxnVVzwF1gzu4t5Gjv37sLXKDQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 102ms
101ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUnMckIEUxoAH2BuH9ZSBqzv_dyB456lqv-Bo2Iox7SbPKAY2W62wZRuAXtcmSGFhrd1lmJ3TZeOCmbA9tvulj1WxDH9og4jTv3CCFy7kb3ebfKsxnVVzwF1gzu4t5Gjv37sLXKDQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODkwMTIwLDc5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdXNhLmJ1c2luZXNzdXB0dXJuLmNvbS8iLG51bGwsW1s4LCJid3JNY3M2WmNZZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e16f01cc9d668153012f25f248520ee21abed849fb66d7e2a35a32e102287b0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0hVg3uWr56r86xZofVvLFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-0hVg3uWr56r86xZofVvLFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEw3Fiy-r1bAIdb5pnMAMAOVAyNA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXteQBmkIskzp72CTg0nBKq4t00evdg_z8yp0AMs8anID5PejBzhpDYXhnrjdgTq4DT1fs6WD3FkSRui_L4VDUPPHdT1EllPmTW0mnjYmHMGp_oBTpfswVNaHi-upzPhou-12UWwg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
99ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXteQBmkIskzp72CTg0nBKq4t00evdg_z8yp0AMs8anID5PejBzhpDYXhnrjdgTq4DT1fs6WD3FkSRui_L4VDUPPHdT1EllPmTW0mnjYmHMGp_oBTpfswVNaHi-upzPhou-12UWwg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODkwMTIwLDkwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly91c2EuYnVzaW5lc3N1cHR1cm4uY29tLyIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fff095059c9653ff09b135bf3e5d9b42c4be658b7af225f2af62ef171ad5ac43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-82quO4TCB4tf4OBnBvuOfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:28:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-82quO4TCB4tf4OBnBvuOfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTDcWLL6vVsAjOe3DrFDAAD0y3B"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWy9O6Q5MNt52selaH62YuRNiiNDcoT8sg8hhOdBVEalcdcjzlCSS_DkplToCqS7SATbMw5B9ng1FK0KAAn1B65dIQraOhzpQwd387kpWtD35zgJFIou7R1lS7y4fqnaYKzx5ozxg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 94ms
93ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWy9O6Q5MNt52selaH62YuRNiiNDcoT8sg8hhOdBVEalcdcjzlCSS_DkplToCqS7SATbMw5B9ng1FK0KAAn1B65dIQraOhzpQwd387kpWtD35zgJFIou7R1lS7y4fqnaYKzx5ozxg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Bp6jCEDHzPavFyyRlgO_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1Bp6jCEDHzPavFyyRlgO_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNcXLL6vVsAhven5EDAHqoETQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://usa.businessupturn.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 110ms
110ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUiWXcYsqV-vVVFucH_qPyqyrPgm7JNfi7e18EYSj7HDNMSN3N-fHItg96n4OFdnVGvMwciaa_29lZDd_2-GQH10VANkOH1o58PcJ9avHBxq0DL4rBOkbx-lAussonjkaLER6lIQw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IotdkvlQPPjFxMDixPPDag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://usa.businessupturn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Mar 2024 09:28:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-IotdkvlQPPjFxMDixPPDag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw15BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNcXLL6vVsAidmf1EHAHrsESw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://usa.businessupturn.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=500399564369094&bg=!mpmlmdbNAAZsmiNCTJo7ADQBe5WfOMGI0_j2qm97xPZflX1C7R1ZCTBQin9ZMR9s_n5nWWWI4MDt_qZ6xFtrL3hzY2wVAgAAAKtSAAAAAmgBB5kCyNz5hdPitwCU9-JoL_krpmUvDNBI2EdIJWsz0JkL80lXSdorHGZf3JiI6witoQchv-HCv2qONHmIidpB-7AcBbwUvILAZD04ly56HaCUyIAqA713TWIhO-Scjxt6pFG0bxO1CEvty_k7bTcouQTDBZUs9aCu12e1fWVkn8odJ_DSKO7EPyMXxQ_ZxYBJCWUbbjlLojRzn8ngSeO05Bb-CrfQ73RVlmsKw4N-OxqYhO-5ulHmJF2sHE0U0ufVD71KMVnc3A29vZRmbakhNvSN4NTs6JMDaycDfkFH7vi_ULMJqaeVtAUKXV07IgdIvAsJrEDjlrGZ5AnXPwHQ33M78Qi3DcHuyE4H2cpmlrYzyxUwvVBvXuF7G1JhTHZLQSuICQbB3vzup59YXyVljP52-cV-HNIfo0ucySINEEXa9pXiyNMxpCxqlxAPgHDBG0whdgwz-bb5zzJmesTNoCk8hNH95MvEDkHWRllel9HEh2i6LDWRNL_cEZAD65AEGy6XZqEsOmxMxh2fHAFaRbJgb4sqSIRjQzciUp8j6lPk_aDKQUpAiJS9hvU-WteKE9U7FPBQ87FaqvpWFyx-ajL93rQ8j0cIdvTaPNBnYic54qIkT9uIt76jtZom0fPy2b-dfDjZ3TYkAz61fqiaOFy0yTTHhDCz50tbUIbgvPbC1wDpclfgUh0axqpRlMbvarYprZELlRdBVrXxRV-WZZERun-5w1yw2KCV_zbzKsS5uAk3I0wca5ENIg3tyyvgNXPI8jfosbGisCfz7LsNSDQxgGlNpeYpKWEnurIINwmkw4MIHAem47-9mFUK9YXxyL_mqhTdc2DBFwh0Zsm8zS_kr_0_gQyLxUw2I5bgbjN62dnL49qST1dFn35eKZkNFJetfbl1AgcEFwx-CdDeR0Pkb_GkWj2qxklCaKkvFA5LJTqaqdSrfi2TmuU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://usa.businessupturn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.businessupturn.com/	1970-01-21 04:34:10	Name: _ga_7TS7BVXWNR Value: GS1.1.1709890118.1.0.1709890118.0.0.0
.businessupturn.com/	1970-01-21 04:34:10	Name: _ga Value: GA1.1.431236098.1709890119
.doubleclick.net/	1970-01-20 18:58:11	Name: test_cookie Value: CheckForPermission
.businessupturn.com/	1970-01-21 03:43:46	Name: FCNEC Value: %5B%5B%22AKsRol8slg-ueXzp5bdnKyxF2zaphNoThG_WwB39qZ4VEQgmQbz1Yz-OwmLkJkgHlg5s1-t_5LUJrM-vZFdqA-Vo5uvlRuZ-xuGS-hsdJ33wgOG2ZhfjCNE6sOlv5dAh5XexKAzeV5gdahJN4itS0L_bJ_3utCSIRg%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://usa.businessupturn.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mail.65-21-22-232.cprapid.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
usa.businessupturn.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:36::178
2606:4700:20::681a:c18
2607:f8b0:4006:806::200e
2607:f8b0:4006:807::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2001
65.21.22.232
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
05bf4e82601ef9a342dae147e3f3efcb8cc129d1a4dea862726c5ca91b078bec
06cf67646c66db9753193520f98ce62c0edd95bbfb3492cc408a277046f8915f
0ba0d0d1cee0e87fdb22d792694e70419fa88c5f2073bdea4eb74e983b586f02
100d2052f31d9d75aff54653003b1f65cf9c425b6facf7ba51b7398aba5e39db
1086f05f613389cc46dcb42c927b59e47d8404e32e3a1430a578b3de94109fec
118c6a856ac4a00dfdda0c06c30f10ba7188a01cbc5df125a284508c4fc12de7
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff
184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f
1c574ea95165c23b1b80e016c281bc4fc7feb14256f8b7fdd81115c321249cbd
25fe70cd76914f6805510a5a1a03dccdced16da89be9e6326a5f75e22eeb5d57
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b781a27d93d8ae5d45dd1f62eefc08a812c14675b3f4135a926b6cefad0ee2f
2c3d43f3e7d6fe290873bfd994e571e3c2704e0b804e6b29c4e3da50c3d9d21c
2cbf93d548a873f3bb40812aff75e957be2bd2f74eb1753baf845c89b9862293
2dfa21c825497499fbdf5b7f04ba0d49e95296a54f1ac8d2450269309dbad82b
31fa7cbca6b56f91316fb18608c54126158c5eb3aa75945f0fcd7088f9a4aa2a
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ef3ae64d9e9c507ebbc4f75dfe8cd5ab04d43f7be20e6207995436a93b54349
42d0ce8e0ea69d05fe2685e117682c2a40bbf98cdf25f12610963c5d91812f91
4ca431ca532fcec770436e61abc50c1c2c3da4e6f4142aca710132bd9a84ced5
4de35975f0a5fd128d7678788418dfc1475b29b3b3d22bfa101fd2741c9c0e7a
4e77ee1992354297f65f15e0f4f99c7b22860f86208aeb6f0933cefd05d0bfc1
4f0bdb744445f55e2187f4363b1042ba643cdd8f534491ea8c887128a267a193
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53a109ae24fc82caf487a8dd663999fcb102e7436f9340e04f2597e4292bab89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bfcd289d325aefd22cf12bdfb850b872c70bf5b3c93288d141a9fa9d9a9bf4
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
60672b22ee96f03160c2952b62feae0d615d03e06d04075085f73137bdb01161
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6261d86a0f600f99a30bd078d8517debd921ee373f4492a22d0104cb9e4d122f
671c67c48b01851e8e03b401cf378d31b512d72f05b0bf35ca6c674ff2e27d64
68bab497f4f66a26f7da7fd40a9e823110ab5bb247836827183b1421c2adef35
68e87966ab23c3604350635d2a1f2a03492c7a972477f8b682951f5e2f1db408
723a1f343fe99e60f805712b7035570bc9387354fd77171890c02e73ef257e58
7895c57aa33427aeaf7cbbbd4ad84caf417c86770f192c122d1b68e20491af4d
7c4316274b2a43f901eb790f10be463887ccfe50594284c7586b684166d20bf7
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
82fc50abcdfeb6d9ef4306d1cc1bc20557e690b4e37eb68056b91805fab1983e
84389d0278b315106d51ace21f9085ffe713fbeebb353afdca08c658483202e5
84c155d2e9b6fc4dd97d4f8ae175c230ffae868e7e2e13b51ba6a544aea35cd8
88779c1f9e04a15cb6d6254181f7bb8b3ceecaff45fac8d24a182c60847ffe8f
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
98163e66e206af4d0d80f945c066d229fc6ae9b10bb26000d3d3a7883b4bf6d5
9a09a75a3242c8557e52c6f3c054448c38dbec6b97fb5a0bdc2e36c6e22556ea
9dbfa2170a79e214b86b1364de5f7403a26a0e1cc0b5a43cb712e9fc1f0f4b6c
b24932240d7696fec7b9ffaf86e53df64a306043ffa2d0bc4bff1d9f9c6735dc
b29e6b3fbec9bdacf331f867450d176c6fcd5a97040fdfcab4480b7c9aa3092b
c40a3e4a540dc68da8eceb19e617a334cb5eedcc8f73f36d14c33cc2e22f4e24
c4a5a8a7ab5a277fa7f777f9bd5e78690fcf21f32b0428509de8775cb996d928
c62e313a31e38782b88bde1442a20e6e94b99000af71bf8d3db4899928769d3b
c667a15a595e4c357f88e45771c37c1189465b52335d205cb79ec3fb67c7863f
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cca49e951494f26cad079f0f898032e213efd7c69e54c414f032bf5eb02372f2
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1920282d8484e69d4311ded6e64f416d4d32b146e0e450345dceb18f0ef1b40
d3baf8515d6fea2e669fc7e1c01b8a7e2fae8f1ea1e28395ff8ce6a553fb50f1
d89057a3240675db6d6273d40bf23ebc243335253bd173702a2fb7f007634119
dd0dea1f4b0e43e4738f24943e709b8a08458e176cec92e072c2699d2d08cbab
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e16f01cc9d668153012f25f248520ee21abed849fb66d7e2a35a32e102287b0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e874672588c614eb486a3a33a47176eb5aad0e43a06770e4a97f3e74277214de
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5abf3fdab7b6d585e8c6b55412a7e784be7e2a777828addd4f6e6ea3e46a3e2
f6d5ecc6418a43c6a1d6145701c9f3ab495705ab66b9d6d559de241c04e2cdc5
f7770dd85c25661e999661b7da101133ff8b85fcbc9222622cf1e6f08288ccd5
fddf503b8e65fdd0574dd3b66eca131ed07f9813326ef7219f01b974726f2734
fff095059c9653ff09b135bf3e5d9b42c4be658b7af225f2af62ef171ad5ac43

usa.businessupturn.com Open in urlscan Pro 2606:4700:20::681a:c18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

100 %HTTPS

91 %IPv6

9 Domains

11 Subdomains

11 IPs

2 Countries

1243 kBTransfer

4053 kBSize

4 Cookies

7 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

usa.businessupturn.com Open in urlscan Pro
2606:4700:20::681a:c18 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

1243 kB
Transfer

4053 kB
Size

4
Cookies

92 HTTP transactions
1 data transactions