URL: https://mail.65-21-22-232.cprapid.com/
Submission: On April 06 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 68 HTTP transactions. The main IP is 65.21.22.232, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is mail.65-21-22-232.cprapid.com.
TLS certificate: Issued by server.businessupturn.com on September 7th 2023. Valid for: a year.
This is the only time mail.65-21-22-232.cprapid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
42 businessupturn.com | usa.businessupturn.com | 604 KB
7 gstatic.com | fonts.gstatic.com | 109 KB
5 googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 115), tpc.googlesyndication.com (Cisco Umbrella Rank: 167) | 206 KB
3 cprapid.com | mail.65-21-22-232.cprapid.com | 31 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 43) | 158 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) |
1 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 35) | 254 B
1 doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 39) |
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 38) | 3 KB
68 9

Domain | Requested by
42 usa.businessupturn.com | mail.65-21-22-232.cprapid.com, usa.businessupturn.com
7 fonts.gstatic.com | fonts.googleapis.com
3 pagead2.googlesyndication.com | mail.65-21-22-232.cprapid.com, pagead2.googlesyndication.com
3 mail.65-21-22-232.cprapid.com | 1 redirects
2 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 www.googletagmanager.com | mail.65-21-22-232.cprapid.com, www.googletagmanager.com
1 www.google.com | tpc.googlesyndication.com
1 www.google-analytics.com | www.googletagmanager.com
1 googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 fonts.googleapis.com | mail.65-21-22-232.cprapid.com
68 10

Subject | Issuer | Validity | Valid
server.businessupturn.com | server.businessupturn.com | 2023-09-07 - 2024-09-06 | a year
businessupturn.com | GTS CA 1P5 | 2024-02-27 - 2024-05-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
*.google.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months

This page contains 4 frames:

Primary Page: https://mail.65-21-22-232.cprapid.com/
Frame ID: F95541B806C316CB1664A72053FC9450
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5895752553156106&output=html&adk=1812271804&adf=3025194257&lmt=1712329862&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x875_l%7C140x875_r&format=0x0&url=https%3A%2F%2Fmail.65-21-22-232.cprapid.com%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712397293238&bpp=39&bdt=1488&idt=1475&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4055485265394&frm=20&pv=2&ga_vid=2106263525.1712397295&ga_sid=1712397295&ga_hid=407093665&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081577%2C31082300%2C44795921%2C95326316%2C95329439%2C95329570&oid=2&pvsid=3940894527970157&tmod=1809627017&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fmail.65-21-22-232.cprapid.com%2F&fc=1920&brdim=170%2C170%2C170%2C170%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1677
Frame ID: 50FD426890319B47C1958B88E006F4DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 685ABC62F216DA002B08DE1AA2B5F942
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F6C7BAF202930BF40CE9DF7B5F64C3B2
Requests: 1 HTTP requests in this frame

Page Title

Business Upturn USA: Latest Trends, Insights, and Breaking News in American Business Landscape

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 68
HTTPS: 88 %
IPv6: 64 %
Domains: 9
Subdomains: 10
IPs: 12
Countries: 2
Transfer: 1111 kB
Size: 3656 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mail.65-21-22-232.cprapid.com/ Page URL
  2. https://mail.65-21-22-232.cprapid.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=28606028 HTTP 302
    https://mail.65-21-22-232.cprapid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mail.65-21-22-232.cprapid.com/
1 KB
2 KB
Document
General
Full URL
https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.22.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.businessupturn.com
Software
imunify360-webshield/1.21 /
Resource Hash
719659d5e3213041be7a87b1cd49ef72049e17a94a24254126f50b02901dbea4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0 no-store, max-age=0
content-length
1486
date
Sat, 06 Apr 2024 09:54:51 GMT
server
imunify360-webshield/1.21
Primary Request /
mail.65-21-22-232.cprapid.com/
Redirect Chain
  • https://mail.65-21-22-232.cprapid.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=28606028
  • https://mail.65-21-22-232.cprapid.com/
237 KB
29 KB
Document
General
Full URL
https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.22.232 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.businessupturn.com
Software
imunify360-webshield/1.21 /
Resource Hash
3b01f0877843eee664241e8dceeb33651533cdad01c993c9a84c921361dff523

Request headers

Referer
https://mail.65-21-22-232.cprapid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Apr 2024 09:54:51 GMT
last-modified
Fri, 05 Apr 2024 15:11:02 GMT
server
imunify360-webshield/1.21
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sat, 06 Apr 2024 09:54:51 GMT
location
https://mail.65-21-22-232.cprapid.com
server
imunify360-webshield/1.21
x-forwarded-for
38.132.118.69
x-real-ip
38.132.118.69
x-remote-ip
38.132.118.69
i0bxv.css
usa.businessupturn.com/wp-content/cache/wpfc-minified/2ac0mavf/
107 KB
15 KB
Stylesheet
General
Full URL
https://usa.businessupturn.com/wp-content/cache/wpfc-minified/2ac0mavf/i0bxv.css
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 21 Mar 2024 03:19:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2LfTyrp%2Fd9vSk5wL%2FcsD%2Bvk6AuKpkN5ux2rVnmYfeFiYJ3qxqorUXG4hN7jLkcBHKFcqEvzpDSlTu%2FtSfIqAfDDKNtLqorPAOzeLciRKw0lS%2FMYjrV2zN4WYqR0mVz8Qxz0up4kOiLt3iK%2BekgIypkJAN6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
8700e6233f76a53a-MIA
expires
max-age=A10368000, public
i0by0.css
usa.businessupturn.com/wp-content/cache/wpfc-minified/kxvptwk6/
479 KB
46 KB
Stylesheet
General
Full URL
https://usa.businessupturn.com/wp-content/cache/wpfc-minified/kxvptwk6/i0by0.css
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7663ff3d0d0c2ea4c325157450139fa0afaf1bddb25f981a788e927eef5c3df3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Mar 2024 03:19:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRiJVKB36Vx3ySElWkaGTYG%2BPvuMFsRXKXKKY1xE%2BR4ChJqdvE3oQJ8p9gK2IW0NlX0eDRsnnBBzysboniA9Z6WbYBGV8gne99DwWMZxqk3WhFlzuzbnJZyG7nE4IqBW2Gm6rKh%2Fpm2uiY2jxC156mE9gmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
8700e6232f74a53a-MIA
expires
max-age=A10368000, public
style.css
usa.businessupturn.com/wp-content/themes/publisher-child/
341 B
682 B
Stylesheet
General
Full URL
https://usa.businessupturn.com/wp-content/themes/publisher-child/style.css?ver=1.0.0
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b781a27d93d8ae5d45dd1f62eefc08a812c14675b3f4135a926b6cefad0ee2f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 07 Sep 2023 18:43:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhYMXHGm77uxtQNC7dKL3g1oM9ti1uGM7cmKCz2105jTgWpL7Vm1kK4%2BtNGmLffbI66HmRXdwvE%2BTMtMQAlM4cWbWqAr0oCdUlOW62jCTjKdb%2BBVmftDyDN5Q3fscdyua2p0z5dRBcfpJmm8ynPlDzJVBaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
8700e6232f72a53a-MIA
expires
max-age=A10368000, public
css
fonts.googleapis.com/
25 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b746e70a6f1bcd544697f49a763ed7b8987ce6e0b8dea34c92e1d56ce7029b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 09:54:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Apr 2024 09:54:52 GMT
jquery.min.js
usa.businessupturn.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://usa.businessupturn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 08 Nov 2023 05:56:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZ2LQtRNdgkDwW2ix4Ticq4G8WsrFdaDFW3lrJslv7K3wdFXstu0bbM3ljjYi%2BOga6FlI5mFRAuWfsSfkCe8JG5wcGQfGi0dWTmj%2BKwePfghD4z%2BtAnldtMUmDnnblQQbojmgmAbnEMMdOE85f%2FQ4XUbOLA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
8700e6233f7aa53a-MIA
expires
max-age=A10368000, public
jquery-migrate.min.js
usa.businessupturn.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://usa.businessupturn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4nfZw%2F7hoCHN1UulT%2F5MKFx5LSRkdHMGicDWNTjteYRRoH3wFt6Ac6Bl9RxCP%2BD3%2BD72oFeL8pS9ajCpPr84sq%2BgQigFY2RFech9B3k1xOTwGmB5P82pWXHsXXU%2Bd4iZsjKva0PKJa%2BgkiJLCgV7cSH8RY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
8700e6233f79a53a-MIA
expires
max-age=A10368000, public
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5895752553156106
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b584a59b57c44d1e709ad47c52faeafd50082429b9b9cc689cbb9c03256f626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50844
x-xss-protection
0
server
cafe
etag
6490858718668959976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Apr 2024 09:54:52 GMT
i0bxv.css
usa.businessupturn.com/wp-content/cache/wpfc-minified/g4h5zl13/
933 KB
119 KB
Stylesheet
General
Full URL
https://usa.businessupturn.com/wp-content/cache/wpfc-minified/g4h5zl13/i0bxv.css
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1439f37881392721421c97474a9bf9c7e06924603ab903d55ea3a2ce15e6c1dc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Mar 2024 03:19:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNrZed4wGeuU0rb%2BoH7zMhynUgu1Sk5xay4BRce%2BGNQBETVSdZZNv1l7WYkI2LqCcn3cWn1VSWFWMxHVFbuEycuuT%2FqKwo45McSz4GiFoTI6VcqPQof7iIf%2F%2F%2B1fzpRw%2B3p2eHy4fiJH4z69Bq5%2BOt%2FESTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
8700e6233f78a53a-MIA
expires
max-age=A10368000, public
5y6w8.css
usa.businessupturn.com/wp-content/cache/wpfc-minified/f3ybn3gk/
44 KB
7 KB
Stylesheet
General
Full URL
https://usa.businessupturn.com/wp-content/cache/wpfc-minified/f3ybn3gk/5y6w8.css
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0dea1f4b0e43e4738f24943e709b8a08458e176cec92e072c2699d2d08cbab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 05 Apr 2024 15:02:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDe4pKN3URO59riQOaQT7QLqMvKD0KVUePAF7nyQ3F1LQPAZCj20f%2BypYhAIlLo0lk9rqsILXCBXF8c4832DNpZzDG4a4Znk5lnJIf64mJ0Qw5mByFiZfhr3ikAvmiZb2zJWOYvqvNUIzBUBsqxjF0ogym8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
8700e6233f77a53a-MIA
expires
max-age=A10368000, public
upturn-logo_final_Artboard-1-copy-6-1-2.png
usa.businessupturn.com/wp-content/uploads/2023/08/
9 KB
9 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2023/08/upturn-logo_final_Artboard-1-copy-6-1-2.png
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118c6a856ac4a00dfdda0c06c30f10ba7188a01cbc5df125a284508c4fc12de7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 14 Aug 2023 16:31:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKFdAmUiY3vOjiXOGTdJtCy%2BHxKTrvDsIyhBv8zr%2Fcj9n4BPslpB0GdgmXH7y%2F5kdQeeA0RSLP%2FyXrLPT398kioTxJ5RUq6y2k1f5x1E13xdDfoL2jBscAgKsf%2BT%2BHjAzoCW4jbSwuKROhIbxSwSX4HeATU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e623ffcaa53a-MIA
content-length
9188
expires
max-age=A10368000, public
btc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
1004 B
894 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/btc.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d5ecc6418a43c6a1d6145701c9f3ab495705ab66b9d6d559de241c04e2cdc5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvbmU7zw8mN9ZI7ft6%2FNkaTXDLsD6MASwVcQdyAWoxno9udKH00SSglsC%2Bw0PpyF7dNLyRcaSJD%2FgQ3EpaZUMY8MEbOagZqlKTm46b8kdcREUP%2FCygaq1b79vmV5ZBUs7Pvk8hBTd3JJWXdbe8HSDVQHCrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e623ffcba53a-MIA
expires
max-age=A10368000, public
eth.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
550 B
579 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/eth.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a109ae24fc82caf487a8dd663999fcb102e7436f9340e04f2597e4292bab89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlNA81IgkfXHEvlT6%2Fh3q8g673E58IFoQxg1fuZ0bprP4hIBugqL48ITrAf0zuz6iCtMFxRqYwAYWYnDjSgndMlCUShDP%2F1ceM%2F6XgXM612MrGp4i9Hfvc%2BCPQN6Q74ZKqibaAqWQTRvm7WJ7AJ22GDM0JI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e626a92ba53a-MIA
expires
max-age=A10368000, public
ltc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
588 B
652 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/ltc.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6261d86a0f600f99a30bd078d8517debd921ee373f4492a22d0104cb9e4d122f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uQdYAK9mymRVG63mi5Vgo4HwAPZ1HCc%2BSCEHJhSK77Q%2FCGYN83tlEbeQMUlzKUjPK6SA8AZ2dveOJC9G2rymEUGkkUCszv5JThws99ODXqQsyUbVyjyTJOvrwxHHmuJ9CNi2oBzEW8KopO3Mgkx5WhVfFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e626a92da53a-MIA
expires
max-age=A10368000, public
dash.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
540 B
720 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/dash.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dbfa2170a79e214b86b1364de5f7403a26a0e1cc0b5a43cb712e9fc1f0f4b6c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ca1GZXE32NphrKgClsX5qMEa9P4lPvlFTzoQQadYcYN%2FC7fiAhMSqpYnbsy9OrHOnQhgyiXqeCC9t%2FiMhyC5MzQltptuwihfNwq7dJChziaiCyE17AQq24HZv91nVYCCmAZZobR%2BsYOu10e5QHMN03vtqak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a4fa53a-MIA
expires
max-age=A10368000, public
xmr.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
438 B
560 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/xmr.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de35975f0a5fd128d7678788418dfc1475b29b3b3d22bfa101fd2741c9c0e7a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVJ5NSxtjGec%2BUnsWVL3isz9uOXYFxnNZR10bGpbrHGUeYn27nh0mu6Yym%2BJNaFNFa5%2BXLi4VKYg6dlURadL6NSdYmGx1WIIc5Jtt4wlP1z09SJo%2FuB5SgGc9Z8HGzRurWOS4Vd5R8bR52mp9%2BYvf47yhZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a50a53a-MIA
expires
max-age=A10368000, public
nxt.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
2 KB
1 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/nxt.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fddf503b8e65fdd0574dd3b66eca131ed07f9813326ef7219f01b974726f2734

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qme12Ztqxeb9pwcUqp6rqMgdXv1SYvlOMxeczPUfY91xROs1EEvnHePl0XXSvT294MFRf%2BGLWlgfwn2ODEBlBT6TQXro2m2nwFwaNhFUJ4jfkQceXNz4ZxkIal3X4QUCNva5qiLbqkw%2F1coMTn2ciY%2BudwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a52a53a-MIA
expires
max-age=A10368000, public
etc.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
327 B
544 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/etc.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89057a3240675db6d6273d40bf23ebc243335253bd173702a2fb7f007634119

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BBRZqOv6FDQhTHmdJ0xdvf4H7wpoia3TVypDDJIFF5s0rvA6SjHw1RuemL0DA4AJRKEbXpSALBAl5Tgt%2Byl7mwtGA1wf2gZK0rbaaBLFPQqkElNQq5oLMtmwphv677aW1Cw%2Ft5PkQoVFKyx8ko3y6ryXcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a53a53a-MIA
expires
max-age=A10368000, public
doge.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
491 B
620 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/doge.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4316274b2a43f901eb790f10be463887ccfe50594284c7586b684166d20bf7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTkyOiyl8ESMDHdi5UbNC%2BUyEOT3x3x7rX2c6ciXb%2B6q0z%2F4TelUYDMCnISKE1KJrRO0CziqTyRzkvMxFq%2FkbsVWnJ%2F7Mj%2Be2JZ5j5MF52YeZKtRg3x61dbHvHcICCqRJGEF98TQSTZ6SZDL4wwJo6twd10%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a54a53a-MIA
expires
max-age=A10368000, public
zec.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
1 KB
856 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/zec.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fe70cd76914f6805510a5a1a03dccdced16da89be9e6326a5f75e22eeb5d57

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLGFYXOLQzg%2F7N7IsnmcPzZl%2FM5KLCqHJKvRUR76pHHZ%2FVAbcLfFUl6I%2Fj21X1j7HfguOlB%2Fon36XCwz%2F0t8gRaPYEeBHD2aZol8hKJqmYU19hLoEJKE2UzMEuaQnnNNMbqL38KeRkOXBDu15E7RmxFD0AA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a55a53a-MIA
expires
max-age=A10368000, public
bts.svg
usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/
854 B
755 B
Image
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/financial-pack-pro/img/coins/bts.svg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29e6b3fbec9bdacf331f867450d176c6fcd5a97040fdfcab4480b7c9aa3092b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Aug 2023 17:34:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljls229nKCtPPBPK0yv%2FBqa9vTwb3DiPdiUNOTqPOGCYorpv2NonYwYB%2BihreVaROYF7GwDq8b1i9y7NXY7m32uXRSC7NKeVS0%2BnMC7zlHDXP6eEwhOBVlGiTfYLAjpbYO7waHPesoVa3qtwFEZctX9rUuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
cf-ray
8700e6284a56a53a-MIA
expires
max-age=A10368000, public
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-282251473-1
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
502c346bc82e2cc31eb8a8a41855b4b15696926c989c8bacbf6f3492b95b79de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73332
x-xss-protection
0
last-modified
Sat, 06 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Apr 2024 09:54:52 GMT
js_composer_front.min.js
usa.businessupturn.com/wp-content/plugins/js_composer/assets/js/dist/
20 KB
6 KB
Script
General
Full URL
https://usa.businessupturn.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Aug 2023 17:34:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FrCtRSu%2Fm%2FwfV5y5Dfm1lb2I%2BK6UYh2%2F0hOBROL8cvMgVM2cG%2BeoPdMw4WUvCHXlvpffkWKKWGcQRl2sGVEc3l6Klnx%2FhvuwH4XvCN4Njj7e%2FHLDj3k5KBctZgGS87yv5JrLWfwESlfZdLCJ3eNSBQ%2BTkH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
8700e6284a4ea53a-MIA
expires
max-age=A10368000, public
49a8ae838bdd47a7428755259fc4e87b.js
usa.businessupturn.com/wp-content/bs-booster-cache/
305 KB
91 KB
Script
General
Full URL
https://usa.businessupturn.com/wp-content/bs-booster-cache/49a8ae838bdd47a7428755259fc4e87b.js?ver=6.4.3
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1086f05f613389cc46dcb42c927b59e47d8404e32e3a1430a578b3de94109fec

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 14 Aug 2023 11:46:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUbdRYvVQskLuRYPSbg2ymNr9sxxNIXZGohyRClkFI20bZaNs8mhwKITA54zon3hAaTiQ7Gf%2B%2B9mXEahLBntOlb54VzmawpO4uNbsNNUqXfLdegZaX4GU3zZI3h%2BNhEA2cgp6x%2Bn3%2FnTE74CVqQ5uYnn44Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
8700e6284a57a53a-MIA
expires
max-age=A10368000, public
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5895752553156106
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
a202ee652b1db82ab5b498f14aa658181db9e3f3c7b8932ed1076a8b60efcbbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140988
x-xss-protection
0
server
cafe
etag
16730548716963794622
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Apr 2024 09:54:53 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 08:08:11 GMT
x-content-type-options
nosniff
age
179202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 08:08:11 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 19:25:36 GMT
x-content-type-options
nosniff
age
138557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 19:25:36 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 19:38:36 GMT
x-content-type-options
nosniff
age
137777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 19:38:36 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 19:36:00 GMT
x-content-type-options
nosniff
age
137933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 19:36:00 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 19:46:35 GMT
x-content-type-options
nosniff
age
137298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 19:46:35 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 03:23:01 GMT
x-content-type-options
nosniff
age
196312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 03:23:01 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v29/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,600%7CPoppins:400,700,500,400italic,600%7CNoto+Serif:400%7CRaleway:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ec1e2ebe080ec8fbfbdc7dd9c0c25449e1d98e4e947c11a00fd770d8841698b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://mail.65-21-22-232.cprapid.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 19:44:11 GMT
x-content-type-options
nosniff
age
137442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22420
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:56:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 19:44:11 GMT
fontawesome-webfont.woff2
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
0
0

bs-icons.woff
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
0
0

js
www.googletagmanager.com/gtag/
242 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7TS7BVXWNR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-282251473-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da067e5fdb1d8fa65afba15fadd749fd657c98304d8b98d67a3922dfc9391219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87891
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Apr 2024 09:54:54 GMT
bs-icons.ttf
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
0
0

fontawesome-webfont.woff
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 50FD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5895752553156106&output=html&adk=1812271804&adf=3025194257&lmt=1712329862&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x875_l%7C140x875_r&format=0x0&url=https%3A%2F%2Fmail.65-21-22-232.cprapid.com%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTA1IixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEwNSJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTA1Il1dLDBd&dt=1712397293238&bpp=39&bdt=1488&idt=1475&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4055485265394&frm=20&pv=2&ga_vid=2106263525.1712397295&ga_sid=1712397295&ga_hid=407093665&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081577%2C31082300%2C44795921%2C95326316%2C95329439%2C95329570&oid=2&pvsid=3940894527970157&tmod=1809627017&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fmail.65-21-22-232.cprapid.com%2F&fc=1920&brdim=170%2C170%2C170%2C170%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1677
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.65-21-22-232.cprapid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 09:54:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
collect
www.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7TS7BVXWNR&gtm=45je4430v9138853563za200&_p=1712397293569&gcd=13l3l3l3l1&npa=0&dma=0&cid=2106263525.1712397295&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1712397295&sct=1&seg=0&dl=https%3A%2F%2Fmail.65-21-22-232.cprapid.com%2F&dr=https%3A%2F%2Fmail.65-21-22-232.cprapid.com%2F&dt=Business%20Upturn%20USA%3A%20Latest%20Trends%2C%20Insights%2C%20and%20Breaking%20News%20in%20American%20Business%20Landscape&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4403
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TS7BVXWNR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Apr 2024 09:54:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.65-21-22-232.cprapid.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.ttf
usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/
0
0

IMG_8216-750x430.jpeg
usa.businessupturn.com/wp-content/uploads/2024/04/
34 KB
34 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/IMG_8216-750x430.jpeg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb75d9536dd62eb44dcc0318ece994aba88fa16e3e037b554871ea2008e545d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 15:03:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Inb8P0gWYsXs3qtBFk7z7Qu5TIGw0YUKCo8n7CP22kNQRwXM9vadk24i1cD0yn%2F8crZoz%2F6wRvLG8%2BU52N26%2F2ThcTcr3SGT3vD8JnfzU0sZKShjfN7tHVom3jntmW8AXYE%2B9rsYUg3vGM5ss%2B8Va3zNsR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badbaa53a-MIA
content-length
34357
expires
max-age=A10368000, public
IMG_8215-86x64.jpeg
usa.businessupturn.com/wp-content/uploads/2024/04/
2 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/IMG_8215-86x64.jpeg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53385017fbb63fbbf9249c76f64f736bb25e24f351f9faf05942d0949ebe2d2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 05 Apr 2024 15:02:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZhW9rZ83iibVS89HvRM6P82boELIDTu6Lf43uTrG81%2FQYY5RgQZTOZjQOileIk4ETQvgmjCFwMvt5oxG94lvSp0r7v7ZxGu3nsSCejk%2F3Ubp3IQ50Goap2USqAu%2F6QwWXAPthM6SwbMC17ackqPPacDRM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badbea53a-MIA
content-length
2142
expires
max-age=A10368000, public
IMG_8218-86x64.jpeg
usa.businessupturn.com/wp-content/uploads/2024/04/
2 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/IMG_8218-86x64.jpeg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57a9e4cce21cad1af4cd9ed3c0a93b552f5a3540a66b565a8a5b13447dde2553

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 05 Apr 2024 15:01:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbY5tsF6GAZrKc4bP8NxkdSPpd%2FXcXoUeZDwDKgLWUiaaLo4YKCGc1Kg4D3rq9IeoV532WE7uGj6YnZHFAFMcM%2FNLX85Cp8gWwO625w8WHYEVDJBzKsL9HVea3Gjg9B4Pu48rDRq29JxIWwVJVMkYqjvdRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badbfa53a-MIA
content-length
2175
expires
max-age=A10368000, public
Safeimagekit-resized-img-12-86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
2 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Safeimagekit-resized-img-12-86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6731d3a2a0cac6b69584abc178a7a0e59779ac7b47deb0d68800a9b2569d63

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 14:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J99UBZ9Tu6ndj7jmgFeWcTL9AldeEOQAL0iNhkMi8WoKKnVvy3TPPw5Tb0hrFfW6W1t2tMUwOrl1mJvO%2BDCaSUNqveEqxm1RB%2FpyKZynCRZKVYwPKizGh3lejUuWMDHnSMiA4ZStHVrn2wBV%2BKElI6jhe7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc1a53a-MIA
content-length
2172
expires
max-age=A10368000, public
01460ABE-F7CF-4560-A54D-FD34AC119E09-86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
3 KB
3 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/01460ABE-F7CF-4560-A54D-FD34AC119E09-86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da0c239724965c175fc1c13d8faa6074449baf4241c0ad6a08d6e856809fe6e9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 13:57:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkB%2FSGgJ%2BCj4743Pfuzq0Ri5zSY5Xg7Ac2AeKSK70NdNOc5n%2BsZ%2BGid3Bdv4UBNIqIXYMFEGw2Y7R0f7lsrFSP0tw0rzh6nPJipqAJzq%2BX5VggIOOF1TkB51SLJFqgrCdEEKQ4aKnS7BD9xeJ1tM4CQ60vE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc2a53a-MIA
content-length
2592
expires
max-age=A10368000, public
3E9DC294-685A-4633-8260-A165E0FF1BA3-86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
1 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/3E9DC294-685A-4633-8260-A165E0FF1BA3-86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0033ac8700392ee9af18e167e5092b0fb971f453568c78a733abf996e20ebbfa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 11:23:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I965Kp8T9h1v6dzLWk1wj4Q%2B6rP8HiAfBjR3iYuzcc2gNvJcokPAwZ%2B2hZXTa9BwGsUJkMrRKAQpoG5g2WWqoHWbgs7j%2BixnYYDrvmYiAOA6ZTQNRqXiOFIRTGrTDRC6MGVQYLCRLChbZyn%2F5JtUUPpCqQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc3a53a-MIA
content-length
1224
expires
max-age=A10368000, public
Gaza-1-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/04/
3 KB
3 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Gaza-1-86x64.jpg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f70bf1df5bfdc0a57cca821ddcc2b5b87e5d3aa04f7ce530b1615c964155ba8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 05:35:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJq05itE04megthAtA%2ByAS4xAwSrSOMAlrT2zoA9r7qg%2BGg56YV4rxuSQjITfmP1%2FsrFimn1d%2Bc%2FJc1d0UbSQ%2BANXcT7Y4nujciS08UFG5HNiirkbpSRDILFDWVoVaENYQz9QVnxgnUB7NILA6PXl2EMwxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc4a53a-MIA
content-length
2870
expires
max-age=A10368000, public
Safeimagekit-resized-img-46-357x210.png
usa.businessupturn.com/wp-content/uploads/2024/04/
139 KB
139 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Safeimagekit-resized-img-46-357x210.png
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb65f45cb426fc598912314e1ada930fb329529299c134d7f51f80ed7dafdc72

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Apr 2024 10:10:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BB04ANv1zd%2FZjojDFWOzWFwy52YH8LJDvxdF4bOkzrAy4%2FMo5Jx2iIby88yZmBt%2FkZr5R0mzWtQhoStHo7BN42p%2BN97Y%2BSouGBs0%2FvksEOcp5cMHK%2FULwkMUvVFaV955dzGJT5FRsIj0jPuMQl7xG3J5xhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc5a53a-MIA
content-length
142240
expires
max-age=A10368000, public
dune-book--86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
2 KB
3 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/dune-book--86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8dff98a29287b510a3fc2722b616da877061caf54247c54927a393531ca49e6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 14:12:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=by%2BdA6ca%2B4HNoqRuuW2AUCI0%2BybQ%2BO2IOzT7lTx5yC%2B%2B2s0B8NJ7WfeFEky7rdZ1999O539snp%2BrOIC4fEc5ucvWDMaPE1WM2n9kAvWHrt7kcOgSO%2BewOnAZnRH2jTXr67eCo9Bn3ilwhXkZu60Z%2FyC%2BIxA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc6a53a-MIA
content-length
2480
expires
max-age=A10368000, public
Timothee-Chalamet-as-Paul-Atreides-in-Dune-Part-Two-86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
2 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Timothee-Chalamet-as-Paul-Atreides-in-Dune-Part-Two-86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b808b341ed9dca07e6406b9b6584c95ea64d2e21e0b286ba8e6d682f1a79cf29

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 14:04:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2hkOs5EDcEK%2FGCrhlsmdi9PJcYQd9q6h0ke84udftwHgBPy2txUoaoTIE5VtNdBQsrwKqCqg3su1Wl3i8lcJPcjXJFkRHOt1VDCcBYT4cpNryjr7WA8Hh%2FZ9VyAWjnv0fedMIDYAD0dCi7nOaqcTA%2FALMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63badc7a53a-MIA
content-length
2144
expires
max-age=A10368000, public
Taiwan-2-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/04/
3 KB
3 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Taiwan-2-86x64.jpg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca032eaa60a31012563b316bb3e4cc2258002b462a5e981ae2da765de21281e6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Fri, 05 Apr 2024 05:07:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4i1Dx%2FNiCmtpNJZaFlXe9skgglZ0%2Fn1bZHEgqL1lcfTLiEYRzR2tTK7PFcu3omjY2Bc4noH2eAmbpICscInfJH6gdNoraw06QlJBjvD6BO3pTlC3jWWTRhGIDmYNgZnqiGhedQ1niEySbLgcuiEIN%2FWRBxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bdde4a53a-MIA
content-length
3214
expires
max-age=A10368000, public
Untitled-design-188-357x210.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
6 KB
6 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Untitled-design-188-357x210.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855b99bd9af71ea2ad38516badb0e9393ca0b476e71be43d8e3858a37d43a562

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Apr 2024 16:25:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxfnw9JsjQTgiSzaVDYDh9CZv%2BMLNqjNmUL65a1OMjAevx2eHHS7jLqo9DfJPYfmXd5XebscoxfWWy8czFdZpWBzdh5ZQm7Rw0OS4NHWYdM6gh%2FQy7m2Yiz7%2BcXE8sHNxh9N5qixwKM9C84hMUhg2ox6IK0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bdde5a53a-MIA
content-length
6182
expires
max-age=A10368000, public
Muhammad-Ali-86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/03/
1 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/03/Muhammad-Ali-86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7f69c1ebb6d3f5c3f083fcfe12530a6383aa90f54d6919ae4ace5544574024

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
EXPIRED
last-modified
Sun, 31 Mar 2024 18:01:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hzYESxkoYCoX87VOLW%2B8nu1H5MBmsmAQNrQqU82MYPjm9mhkBaeT6vfA0xf%2BF7IqRtAxnFPC6KQUyAEZaCPgmkR3Khw9B%2Bs%2FiBvcFirkFQrv5UsRJPDtuc3FAlyxwVHB7UTdCWyfXpvtwgF%2BL6FeSx0XlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bdde6a53a-MIA
content-length
1436
expires
max-age=A10368000, public
jake-paul-mike-tyson-86x64.webp
usa.businessupturn.com/wp-content/uploads/2024/03/
2 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/03/jake-paul-mike-tyson-86x64.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9965d38256b7624f0b8c86daa8a13d8947581b0fc52e4632467d60b62f88db29

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Sun, 31 Mar 2024 16:50:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntINUSbYS6xajPlFpG9fO9n5V6JnaPF1wikm87IG5eFErVJwA5GxuT9QP0wktXNAjAnhVxtf%2Fd63VmHK8RhZQLgkOWkmnv%2BB5QSN0k6bHQXLsY6FX9niKbxhNCG6vbHWDqubACodNG0XPiT%2FLD5H1bwDvM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bdde7a53a-MIA
content-length
2042
expires
max-age=A10368000, public
Safeimagekit-resized-img-80-2-86x64.jpeg
usa.businessupturn.com/wp-content/uploads/2024/03/
2 KB
2 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/03/Safeimagekit-resized-img-80-2-86x64.jpeg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a27e1598571a3979c01fd836236f601be6cf5ad95a7b65c740e21813d50f92

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 30 Mar 2024 16:18:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ctbp6BFkWQUubn8vyPyZRoj%2Bb3i21jDw5VW56W9jf%2BfFglgFk6GwhYaMJu2LvnqnBZd6QrJqms9CxlAFyvZK5tzHzs95kmsy7XEi0UiAdacUX6HogryvB5nee%2BfutsVjfSIJ7XV3KKGjD4hnNXmJM5ytwn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bdde8a53a-MIA
content-length
1743
expires
max-age=A10368000, public
Safeimagekit-resized-img-6-357x210.webp
usa.businessupturn.com/wp-content/uploads/2024/04/
15 KB
15 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Safeimagekit-resized-img-6-357x210.webp
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b124615cffd156050b1b25119748b2a8603d5463758dd12fcdcf7d95b543c2f6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Apr 2024 14:48:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDYe3YFhaKEZtyMUjKtMRIZUf3SfKSgCVhOlT17z%2FWYTC2bnVSzl89BuzN%2FBbuFge66%2FcsHPn9%2FHBhHLirY4WriEUq61ABgQL2LRl6rhlnDY8X1%2BT%2FR1%2Ft%2FWBrilPhJEYpPTW5q9d3jk%2FzRhNR77WqXkMGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bdde9a53a-MIA
content-length
15244
expires
max-age=A10368000, public
Taiwan-1-357x210.jpg
usa.businessupturn.com/wp-content/uploads/2024/04/
21 KB
21 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Taiwan-1-357x210.jpg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb258cb5f8b9289f0730a4247b0510cf4fa10d8e00f08d46493d7d44e0cbad0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Apr 2024 11:40:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oCxlG5BbrOKzDmCaOS%2BuEhQy7XiQrScNy1nMa05CQYorMTUmwEfmypuPusPKRHLzJ3K9M%2BBAKYYsJiERl08iie5SBXTiu%2F2xc%2Bo5tn%2BRC4%2BfvMNn7ROyuWdKL%2Bx3GBy9yspOiN9LiIFpSS%2FoIbStvZ3RQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bddeaa53a-MIA
content-length
21271
expires
max-age=A10368000, public
Trump-1-357x210.jpg
usa.businessupturn.com/wp-content/uploads/2024/04/
11 KB
11 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Trump-1-357x210.jpg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7de4b6da8e61e38d14e4feee9bd794a57d6d00f619561f1e2c4be1e4ac8abed

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
MISS
last-modified
Thu, 04 Apr 2024 12:06:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q87tq5EWf%2BkPf9IwdHemJdVMcfSPdGC728aPSjIOXSBasSEJA0BKum409X%2BhS2sG3xK0bSfRmd0WHKwLq94mVlCQF7122Ko%2BEuwBR4H0%2F7sHiOTXITjwOs3%2F2eY3lpvRCd8Ul2pDbELBVRkVNUIoiMxo3Lw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bddeba53a-MIA
content-length
10874
expires
max-age=A10368000, public
Oil-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/04/
2 KB
3 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Oil-86x64.jpg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a75a7adcc10c40b8326a2787ef3ba30738a386d2e6f4ad6aba8d0f876c2f68f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 04 Apr 2024 08:38:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogsjRoIRN1VNNwpNHkguqH0ECN21SZd%2BW8BGtgaAExsvwFAgQOlW%2BfFFxZ3drg%2BKZkdATB8hihkgPbgaB5KRzzNBtrjRrSvre7vNY41zmgwdkOCZyjeOGIHmO99qDADLMaeioJiCkadasCEiRaO86w53gOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bddeca53a-MIA
content-length
2506
expires
max-age=A10368000, public
Wisconsin-86x64.jpg
usa.businessupturn.com/wp-content/uploads/2024/04/
3 KB
3 KB
Image
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2024/04/Wisconsin-86x64.jpg
Requested by
Host: mail.65-21-22-232.cprapid.com
URL: https://mail.65-21-22-232.cprapid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9196ec15c3a43826505a2b211db1f57df0250705fb7289402f75e263943e680e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 09:11:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeMsXSCEuBx6TXVVzDIcStw0iDJ49IYgR8qq%2BDhHYAHCud%2FkJgV2yHZ9KZ%2BnIRlz7Rx8M%2FAh5PfAT3Cf%2BEeqjZa9LbUUODcLtW%2FJc0fgdNmZQgljZ%2BfcW%2BKSqAo%2Faqx2hLKolHqQkNQ6n7oW53ak%2BFHJ67w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e63bddeda53a-MIA
content-length
2584
expires
max-age=A10368000, public
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240403&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
fe8786e08c9c7fb72c68a43af209cd1527c07a3bdaf5f41c78eb9555abc33e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12159
x-xss-protection
0
favicon.jpg
usa.businessupturn.com/wp-content/uploads/2023/08/
2 KB
3 KB
Other
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2023/08/favicon.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e6963da1f2c10cd8d610fc7b0c119fba9fff62ca018bcdbaff89f2b4d489a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:57 GMT
cf-cache-status
EXPIRED
last-modified
Sat, 12 Aug 2023 17:23:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNKUj1XCLYTh6V1uj1r821JSRpubCnU%2FRDvgET35K7HlWJfIKK31qXjdpLoehOjqKtW0%2FUB8VyzoKpcXCibu7MWgYkOji9wVEA%2FqOqxY7fWoAutBAFlZWs0IogLqw0pxGcZuTpeEYh63DplsGCAhRpMmV%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e640f8d3a53a-MIA
content-length
2369
expires
max-age=A10368000, public
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 06 Apr 2024 09:54:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 685A
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mail.65-21-22-232.cprapid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
49209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 05 Apr 2024 20:14:48 GMT
expires
Sat, 05 Apr 2025 20:14:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F6C7
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.99 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f99.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-POVKCV11sLPfpTcCofLw2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.65-21-22-232.cprapid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-POVKCV11sLPfpTcCofLw2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Apr 2024 09:54:57 GMT
expires
Sat, 06 Apr 2024 09:54:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cropped-upturn-logo_usa_Artboard-1-copy-8-32x32.jpg
usa.businessupturn.com/wp-content/uploads/2023/08/
992 B
1 KB
Other
General
Full URL
https://usa.businessupturn.com/wp-content/uploads/2023/08/cropped-upturn-logo_usa_Artboard-1-copy-8-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d31ff6ababad76de1a034c05bb779b601a151e7047d96401bb61d4fb703a8a8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mail.65-21-22-232.cprapid.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 09:54:57 GMT
cf-cache-status
EXPIRED
last-modified
Sun, 27 Aug 2023 07:41:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bqxvZ2iCPgmXtAg0xgrirT4ZIrnDC247FiZI7hGYFdMDAOOhAtN%2FH9OrS0qIEAJf64B5st9cOdko8iv7ewufzgG5hh%2FBvPT4UG8nF9%2BMHEzR0mhbcbBXB27rphDNmN2dkBEG3fAJvG2D7q8rv4TnQFys%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8700e643da6ca53a-MIA
content-length
992
expires
max-age=A10368000, public
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
usa.businessupturn.com
URL
https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Domain
usa.businessupturn.com
URL
https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Domain
usa.businessupturn.com
URL
https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.ttf
Domain
usa.businessupturn.com
URL
https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff?v=4.7.0
Domain
usa.businessupturn.com
URL
https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.ttf?v=4.7.0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240403&jk=3940894527970157&bg=!trWltfrNAAanmIpSh5g7ADQBe5WfOGTVJWZJmu0yUHpog85Y4cykuvwl7oHa4pm7Zu9Kpb9Fp7ipsZ_o8vgZNhvofmfPAgAAAG9SAAAAA2gBB34ANbKzMUPwNHXu22SyxG527Ui3TvLM6nqABVM7SFyTv3Qd9ShGC2STehVhJoz6H6D69qUfcWpSmQKlmRPPa83ZvhDU4xk5AkYCfmKKprbqF1xqcVIp4D-N4CEh8Nc55kGHTYydGlTf2loAIx61quTrZsU9tV3hQFDr3dIHgWEMrjornOnWTBATfWamBpKS9p7gwfequYvrrmAmybjCDW18JuCNwjgn4J5bkajlczrBkefsvuDr7CL-vOQjGckzIcEXsBe9tjmre01k_utVISH96vbjp5yigDF6QLqWtqdhlJZL5su0viEDYE8TMKLHJxjBqgNwY0gBMV2WVXUyuMOjxOAPhUgfLoNA5KD7h_InUAtlLnJemOJ_cyTIa50LMzDMNSEzuBB8-fHBrUVfcgZu0P61xHhpfFKf2ods4nyr2Xa19TUIeGCUQSdsTuO6kSH90Vhd5TzX0DNAuqJ_kQPdpzJL6JECvpzBzbixag9w-mHyVF-2hy63NphVkjR21SFwyGmUrugsjQTwNYESFYQ9t2p3HwShLlfH_veAB_A6tNZjHFPtpyi-Nf16NxzWDep-DzvvslBjLoD5x9NXZCYAEwyF5DJVBXlh4hptW_tQn1on3BId3tSRnk6hHh4BXj54UGV1D4IVYtZH3Tp_A5rx753tcWbWl81oWYL7pawKLFiF9XPJ3plNlkxYEBqAObO4coblhfKgr_dHbILJQxXB9M7DQcDGpWzfZvFKayv-A4IK4JFmvEqPOk5Wq3oIZPYn1UbS9gOAZ2qljTbQam9NE-5UhsQ5xI94E3e6NL_L_Hf84Pe_xGzdLKUF_--ngO2ktxxeNBwzIGaDufqzFnRgBy7rQJpBD9vKo68SrxmLawD0EkAkrPQQnMpL_48-MHRnFjgtmstwPKVfKEV7G0IU82PzDAFtCePoBLWKJuIxL6a9RdgaxBT_aVEqF2MA0TF3bu5ClEtvrwaWEBJ0X6k


121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| bs_deferred_loading_bsd_277419302 string| bs_deferred_loading_bsd_1692909449 string| bs_deferred_loading_bsd_1810319648 string| bs_deferred_loading_bsd_358446272 string| bs_deferred_loading_bsd_261826878 string| bs_deferred_loading_bsd_137942374 string| bs_deferred_loading_bsd_1578011177 string| bs_deferred_loading_bsd_1904275229 string| bs_deferred_loading_bsd_1323467437 string| bs_deferred_loading_bsd_1285922060 string| bs_deferred_loading_bsd_669921323 string| bs_deferred_loading_bsd_2041019275 string| bs_deferred_loading_bsd_1050099728 string| bs_deferred_loading_bsd_1984554525 string| bs_deferred_loading_bsd_2036114528 string| bs_deferred_loading_bsd_1164390881 string| bs_deferred_loading_bsd_472437009 string| bs_deferred_loading_bsd_1607926345 string| bs_deferred_loading_bsd_1046714880 string| bs_deferred_loading_bsd_952409165 string| bs_deferred_loading_bsd_1994372480 string| bs_deferred_loading_bsd_1148599342 string| bs_deferred_loading_bsd_779703993 string| bs_deferred_loading_bsd_404766685 string| bs_deferred_loading_bsd_832745492 string| bs_deferred_loading_bsd_1451116839 string| bs_deferred_loading_bsd_1742394971 string| bs_deferred_loading_bsd_1926130551 string| bs_deferred_loading_bsd_1805544877 string| bs_deferred_loading_bsd_1599389072 string| bs_deferred_loading_bsd_1794649491 string| bs_deferred_loading_bsd_2012655922 string| bs_deferred_loading_bsd_1259085352 function| gtag object| dataLayer object| 
bs_pagination_loc object| publisher_theme_global_loc object| publisher_theme_ajax_search_loc function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox object| tilxep object| google_tag_manager object| Better_Social_Counter boolean| pp_alreadyInitialized object| $bs_sticky_sidebars object| docCookies object| Publisher_UI object| Publisher_Theme function| getEmPixels function| elementQuery function| Blazy object| Chartist object| accounting function| OnScreen boolean| blockFotoramaData string| fotoramaVersion function| EvEmitter function| imagesLoaded function| hcSticky function| bsrj_retinajs function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| doresize object| scroll_pos boolean| hashtag object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Domain/Path Name / Value
.mail.65-21-22-232.cprapid.com/ Name: wssplashuid
Value: dd8a5e5a3746cfc4cfe09aec6bbaeb25abed2d8f.1712400891.1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cprapid.com/ Name: _ga_7TS7BVXWNR
Value: GS1.1.1712397295.1.0.1712397295.0.0.0
.cprapid.com/ Name: _ga
Value: GA1.1.2106263525.1712397295

11 Console Messages

Source Level URL
Text
javascript error URL: https://mail.65-21-22-232.cprapid.com/
Message:
Access to font at 'https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff' from origin 'https://mail.65-21-22-232.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.65-21-22-232.cprapid.com/
Message:
Access to font at 'https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://mail.65-21-22-232.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.65-21-22-232.cprapid.com/
Message:
Access to font at 'https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.ttf' from origin 'https://mail.65-21-22-232.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.ttf
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://mail.65-21-22-232.cprapid.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://mail.65-21-22-232.cprapid.com/
Message:
Access to font at 'https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://mail.65-21-22-232.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mail.65-21-22-232.cprapid.com/
Message:
Access to font at 'https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://mail.65-21-22-232.cprapid.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://usa.businessupturn.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
