ust.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://iambodybuilding.tv/
Effective URL:
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Submission: On February 09 via manual (February 9th 2023, 12:30:32 am UTC) from HU — Scanned from US

Summary HTTP 89 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3030::6815:3954, located in United States and belongs to CLOUDFLARENET, US. The main domain is ust.aly2um.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time ust.aly2um.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.185.74.39 192.185.74.39	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 1	190.115.26.9 190.115.26.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
16	2606:4700:303... 2606:4700:3030::6815:3954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4004:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
30	2607:f8b0:400... 2607:f8b0:4004:c1b::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4004:c08::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::66	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::71	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::69	15169 (GOOGLE) (GOOGLE)
89	18

1 192.185.74.39 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-74-39.unifiedlayer.com

iambodybuilding.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.26.9 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

uxe.luxe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::6815:3954 (United States)

ASN13335 (CLOUDFLARENET, US)

ust.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c08::84 (Ashburn, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::66 (Washington, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::71 (Washington, United States)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	360 KB
16	aly2um.com ust.aly2um.com	110 KB
10	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	199 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	68 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 354	134 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 67 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 854	603 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	43 KB
1	t.co t.co — Cisco Umbrella Rank: 514	699 B
1	uxe.luxe 1 redirects uxe.luxe	216 B
1	iambodybuilding.tv iambodybuilding.tv	426 B
89	13

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	ust.aly2um.com	t.co ust.aly2um.com iambodybuilding.tv
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	ust.aly2um.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	ust.aly2um.com
1	t.co	iambodybuilding.tv
1	uxe.luxe	1 redirects
1	iambodybuilding.tv
89	18

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.iambodybuilding.tv R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Frame ID: BCD03A755A7E958708107BA7098A15BF
Requests: 26 HTTP requests in this frame

Frame: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675900800
Frame ID: 3C271B0764261CB8120971425E1387B5
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 935342CB4A052DF95CB786B835A00FD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1675902625&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624609&bpp=5&bdt=459&idt=638&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=17578750331&frm=20&pv=2&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=681
Frame ID: 014DC90432982FFF557621B6F1B85E77
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1675902625&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624614&bpp=2&bdt=465&idt=682&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6EmcbfBatf&p=https%3A//ust.aly2um.com&dtd=692
Frame ID: 90A3E4F0D1662FE384FB56D6E10F405C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624616&bpp=3&bdt=466&idt=699&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qF1zQfsCZM&p=https%3A//ust.aly2um.com&dtd=725
Frame ID: FB431F1488B9B33DB7C94A947CAEBB30
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744
Frame ID: 4210ADAD23952662501854C53A7ACA93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624621&bpp=1&bdt=471&idt=749&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=FesX7R2Zaj&p=https%3A//ust.aly2um.com&dtd=779
Frame ID: 69EA00CD16EA82621A5928224E7B45ED
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301242213000/amp4ads-v0.mjs
Frame ID: BB306515463B91A22B7A7CFCA27366BF
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3E6FAE9423AFB5E2314E76DC736387D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFC5F822A2F92A2061A451FAA65B740B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USDT outperforms both MasterCard and Visa in terms of transaction settlement - Digital Currency News

Page URL History Show full URLs

https://iambodybuilding.tv/ Page URL
https://uxe.luxe/jfA0r6 HTTP 302
https://t.co/KgdLpz31TG Page URL
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

100 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

18
IPs

2
Countries

938 kB
Transfer

2344 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://iambodybuilding.tv/ Page URL
https://uxe.luxe/jfA0r6 HTTP 302
https://t.co/KgdLpz31TG Page URL
https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://uxe.luxe/jfA0r6 HTTP 302
https://t.co/KgdLpz31TG

89 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
iambodybuilding.tv/ 680 B
426 B 197ms
66ms Document
text/html 192.185.74.39
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://iambodybuilding.tv/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.74.39 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-74-39.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 329
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 00:30:22 GMT
server: Apache
vary: Accept-Encoding

GET
H2

200

KgdLpz31TG
t.co/
Redirect Chain

https://uxe.luxe/jfA0r6
https://t.co/KgdLpz31TG

402 B
699 B

217ms
78ms

Document
text/html

104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/KgdLpz31TG

Requested by

Host: iambodybuilding.tv
URL: https://iambodybuilding.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Referer: https://iambodybuilding.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 221
content-type: text/html; charset=utf-8
date: Thu, 09 Feb 2023 00:30:23 GMT
expires: Thu, 09 Feb 2023 00:35:23 GMT
perf: 7626143928
server: tsa_b
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: a48e4944e72fe640260d7c6c630b181ad197fc8f48a2d84b25d044c6a6728f70
x-response-time: 12
x-transaction-id: 11a5216fe8103b45
x-xss-protection: 0

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Thu, 09 Feb 2023 00:30:23 GMT
location: https://t.co/KgdLpz31TG
server: ddos-guard

GET
H2 200 Primary Request usdt-outperforms-mastercard-terms-transaction-settlement Show response
ust.aly2um.com/17/ 31 KB
7 KB 338ms
221ms Document
text/html 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Requested by: Host: t.co
URL: https://t.co/KgdLpz31TG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a64b1d1078ecdd4f5ef8e7898d36d64f32f17f487ea40d919816d67ad5937a4

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79687f07acc70329-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Feb 2023 00:30:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arw9ZeMPE8ClQ7sw0qUclzQb2elNMLnogvtwEevVStSGnA8vGf4F5xfxvbmOFN6B3JUeJE4GK%2BgTmjokWsAgjAMj9gNYzmZT1uY1FBElDg5ACHxtRfLgyiVrVRmLSA6pqlnmzqveqOw4yMnMIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
ust.aly2um.com/qa-theme/SnowFlat/ 56 KB
11 KB 80ms
78ms Stylesheet
text/css 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 3832
cf-polished: origSize=71322
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJNNSZsdeYq3CdDItS79W6pUNvWy7hBFcUQEFacSHNo3Ymm7ORCutvDNl70Efd8Z31Jy3L%2FbB49JXUX%2F2H1tD6qFadnfSE64DHj4SdUdDOqJwmq%2FQQlzib%2FygOIhidNd3m0JfJkctV5CejLVFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79687f090f520329-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
ust.aly2um.com/qa-content/ 87 KB
31 KB 47ms
46ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3832
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMoe210TxAHcfblvGOFdNGcEqWlrqxkLI%2B4mqmoeiT2OqK1kl07Zg33H1%2BaaJhAMUYgUHgNgc%2FmZaspQrYWvFySNt6y15ObOOYZRFPdMJQ2CENhgAMnhyuhs%2BvfWIaiMlFFAq0HYTWLnVXkkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79687f090f570329-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
ust.aly2um.com/qa-content/ 15 KB
4 KB 45ms
44ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-content/qa-global.js?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 3832
cf-polished: origSize=20550
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCA%2BYbI8vBbZQKfGBMLwQj0D2MCyhNwv4uFw%2F14pqYehYy34X7BYkdJfvyB98Wa%2F6K6rC1gYPk7dgotCVRddQOjBRGdaJ0pXpCXLkhsKiJTwowlO37hXPjvzg8hUCATSoxmJZ%2FmJD%2F64hfriPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79687f090f5a0329-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
ust.aly2um.com/qa-theme/SnowFlat/js/ 1 KB
719 B 73ms
72ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
server: cloudflare
age: 3832
cf-polished: origSize=2383
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2F7i8D6yu86qpOdRPYH3kLEyWRJGMZXlMno6gHRd3Cotbru0zC4EkbXrNxjCiWwCRVCZNkA8kt4EUkbaRZX7cK3V5HmpsjDJGiQiQ9Pdb4prm6iHfs76fbikvQqvsMcDjLGOO6UDCvgvmU1WAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79687f090f5d0329-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 222ms
86ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Requested by

Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

714438333b0696e7edd1ee9abae5ce106c78fd4b123e5b85cc022bdcbdc091fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Origin: https://ust.aly2um.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49595
x-xss-protection: 0
server: cafe
etag: 782700391333139429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 00:30:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 239ms
87ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5d1cb97e89e714688d0ead772aff60a4d8ed3321526ace8ec2b3f3593fa9f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44119
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Feb 2023 00:30:24 GMT

GET
H3 200 fontello.woff
ust.aly2um.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 47ms
46ms Font
font/woff 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://ust.aly2um.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7111
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4OGNY48SCGzNYNhIRyNhVXm9Tnllz8yT5zwcL9HUoZEi%2Fz6GXRlpkTXu12RnmHFq62H6uhQfepsl5deBMdBvpcRBVnB28QzCMiZhx%2BRAJLiIP0yP4RJiNZmfixVZopmTV7qMhKR6Qh%2BwbCxrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f09d929da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 vote-buttons-3.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 43ms
43ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoBmbhtkO0swOXTfgMGU%2BHAd1ZDKF2nEuOFTpTPfj9d53U2btMsScDucKdTR9Jj4%2BXo4Vg2sVeZxTDIUZ5Vs1sAdT8pPnEHaUcKHhlR1oULVv73%2FPLg1xIfPmaQL0KPUL6LaRRzrlLHkfJjuAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a0990da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 answer-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 48ms
47ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3174
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s6BrjzVdkNejDb%2FbwpINigW%2BinVNF35ML4Q0IjuhwvCsWo%2BKox2PBEGg09RTTZR14nieGVht4%2BZ2k7nhkIBrsw2U%2BeZeCGE6gGzu1P3M6834DIMreFvE6TvKvVp6KkL9t2w%2BWmHIZ0qlIdLSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a0993da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 53ms
42ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyOKCNvavfH6G%2BTm6pw2NwgAYE4B1w0tetC%2BJ8aZ4nlkf%2BzZ9CG69005wUiuPQh1qTHMNHQo81CTeH0bpSbBMtL55bvT68ouEzZb%2BAGpO6uSwKmgRRcsVG1RLcAvXK8lB52rd4%2FBxEmPtY2Ryw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a4a01da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 61ms
50ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZUcKBDDKnpZAjHwoyquYk4yMEn21Sfw05HP79iKsYzdN%2BK7x%2Fesw%2BRhZxDkIrvpr%2BmBHdDegBCWIWvtMnjAIAevYxfHRIBqtOzgLK5FCNCGPe%2FQWmDiwl9%2FDGCVbXEbfrmgxPJaOk9agfsgsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a4a06da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 107ms
96ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWmxWCg3Mn7cxkg5KJgPJM666wKzAT%2Bc4blitWYsEaTa%2B6Ty581RJXU6cVRQjZ7UexYYRSCDIpx51kyYKpSigqQs4LzjSR7Jvw3%2FTYGMOlsknbAhWEEZILjAScOZKkK56E41ARYZB4ehXVpNRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a4a08da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
ust.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 59ms
48ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6195
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTzBVkJdt8QYN5RsvUGHh9%2FuClvB15J6KVuvZRXSv%2BnyDgHzT4qw7JNz%2By4kw9FOYkGdCzM%2FRtlHGQvJAQIBkJ3suU2dAr3XWb8zqxf7ZIpbKkUL3GLCBrVU1pNosSFp%2BD6a5RMV0Cd4ktRSjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a4a09da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
ust.aly2um.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 61ms
50ms Image
image/gif 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ust.aly2um.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Jan 2023 22:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2989
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLYNQ8J6GGXzYy3gXgLJiKxOKELgYTX57%2BLq9VnRjKusTpGBGvO9WOJC7OCjxf8iYKoZScR8XZXxBA1jeAmXiatu4wJE1De3v1cj4wLXRE395cqlY0cY9%2FrTRZeVd4vIk9zKMCF1XPxeimXm%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79687f0a4a0cda77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H3 200 invisible.js Show response
ust.aly2um.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 3C27 37 KB
15 KB 90ms
83ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675900800
Requested by: Host: iambodybuilding.tv
URL: https://iambodybuilding.tv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb124944c727678f4951706b8e25e4abb85da826c1f09b34384ec0630001107d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8D6VutDW3PrsGTEpilaNtbn33%2BBiMwzMmkXnctK482DA2tY5nI%2BKzL%2B6Rr6Mwr%2BwiITA0YEc8CrNlMygxxG7jnfaZOhUmQi%2F2b1VlsAOBthEI82zuJUk9brXoBUkK6NGlziW9sxGraSHVsZ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79687f0a5a2eda77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
ust.aly2um.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3C27 19 KB
8 KB 74ms
59ms Other
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/17/usdt-outperforms-mastercard-terms-transaction-settlement
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708a1656db71da032b12211a2c120bd90c2ea35bb79682d47ac7c8ee866a148d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuGshp3ERtRUw%2Fl4BaqMhv9KI3GHSrOF3i83ERivtt9Kcbxx7Gl3tre8y28sGuWRxSFV1pu5aQZ%2BiHSNnqxAoYLpQV8GvsgPeNuGXo7aiS3iIfeW1D7pxp0noDvG6JQQF9Q31p7cfCr870U%2Btw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79687f0b2be1da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/ 361 KB
119 KB 238ms
106ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89276121705102d05f9e0f71ef0e9e31d9d0c1998d942b229bca5722d19a0666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121310
x-xss-protection: 0
server: cafe
etag: 18064732167800380998
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Feb 2023 00:30:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 9353 10 KB
5 KB 203ms
61ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 20464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 18:49:20 GMT
etag: 10353107486223812946
expires: Wed, 22 Feb 2023 18:49:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 215ms
64ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 00:07:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1354
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Feb 2023 02:07:50 GMT

POST
H3 200 79687f07acc70329 Show response
ust.aly2um.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3C27 2 B
674 B 75ms
73ms XHR
text/plain 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/g/cv/result/79687f07acc70329
Requested by: Host: ust.aly2um.com
URL: https://ust.aly2um.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675900800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Feb 2023 00:30:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iozyZFT0AYzvz8uKaxaP3%2FroRkiLU%2FUOBUcKDL5gxu4LUqK%2B9UNQL5INOfYG8PDM8zCAhP63n8V79RAkB%2Bb31IaAoqC7rUjw7ef70iobcybh8%2FPssu25D6x4vfKwPCJKsfrwqwgrE8utbToBwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 79687f0f2c90da77-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 83ms
78ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=67739634&t=pageview&_s=1&dl=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=USDT%20outperforms%20both%20MasterCard%20and%20Visa%20in%20terms%20of%20transaction%20settlement%20-%20Digital%20Currency%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1763001014&gjid=357959152&cid=1312426342.1675902625&tid=UA-237003713-1&_gid=855404461.1675902625&_r=1&gtm=457e3280&z=2131535575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ust.aly2um.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 00:30:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ust.aly2um.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
603 B 247ms
111ms Script
text/javascript 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ust.aly2um.com&callback=_gfp_s_&client=ca-pub-8128055623790566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dca13c1c90d28d132e722dcecd86164585782ca6d665466ef31376456171487d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 205ms
76ms Script
application/javascript 2607:f8b0:4004:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ust.aly2um.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 014D 0
188 B 221ms
216ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1675902625&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624609&bpp=5&bdt=459&idt=638&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=17578750331&frm=20&pv=2&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=681

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:30:25 GMT
expires: Thu, 09 Feb 2023 00:30:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 90A3 430 B
377 B 626ms
621ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1675902625&format=320x640&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624614&bpp=2&bdt=465&idt=682&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6EmcbfBatf&p=https%3A//ust.aly2um.com&dtd=692

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a106ebe60b3db05562be088ab86f82d158f2de0d8cb4ec0344259861c144ab98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:30:25 GMT
expires: Thu, 09 Feb 2023 00:30:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB43 77 KB
22 KB 832ms
831ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624616&bpp=3&bdt=466&idt=699&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qF1zQfsCZM&p=https%3A//ust.aly2um.com&dtd=725

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5a962615df1f643883c47c3cf91e89151ceef9d1ee87ba016ec827624f7a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21947
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:30:26 GMT
expires: Thu, 09 Feb 2023 00:30:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4210 230 KB
19 KB 638ms
623ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c8ea607ff6fd8bf47b6b70cc5b6619c316e79708eb03df737f24151e08748e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:30:25 GMT
expires: Thu, 09 Feb 2023 00:30:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 69EA 78 KB
22 KB 998ms
993ms Document
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624621&bpp=1&bdt=471&idt=749&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=FesX7R2Zaj&p=https%3A//ust.aly2um.com&dtd=779

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

648dc4c79f5d207a223c6484f6a37be8a831aeaf3538e71e2226873a61e5d3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21991
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:30:26 GMT
expires: Thu, 09 Feb 2023 00:30:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame FB43 3 KB
1010 B 210ms
78ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624616&bpp=3&bdt=466&idt=699&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qF1zQfsCZM&p=https%3A//ust.aly2um.com&dtd=725

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 00:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 22:58:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 00:30:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame FB43 2 KB
799 B 374ms
242ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 09:31:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 09:31:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame FB43 22 KB
9 KB 193ms
61ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 01:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 01:17:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame FB43 3 KB
1 KB 315ms
244ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 17:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 17:13:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame FB43 18 KB
8 KB 207ms
76ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 03:04:04 GMT

GET
H2 200 32ce712b9e3eb7e5ee47ae23bfb1e004.js Show response
www.gstatic.com/mysidia/ Frame FB43 34 KB
14 KB 191ms
64ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32ce712b9e3eb7e5ee47ae23bfb1e004.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf1cce48ccf3af2de675fe8acb468dde5ccbdd1daca0854c50308b78bf7633e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 02:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14178
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 01:42:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 02:58:09 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301242213000/ Frame BB30 221 KB
61 KB 293ms
63ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e779a4c6cb3f21fcf05f7ed9c70a7ed4fe8c0d5374f4fa7584d3917e7e7ee81d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:01 GMT
age: 188425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61710
x-xss-protection: 0
server: sffe
etag: "f7fde309d00c7e4f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301242213000/v0/ Frame BB30 15 KB
5 KB 429ms
200ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e820af1377e530b8025e86532c2ae97ea60dc315d93ee6bda9f6eeca80516153

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:02 GMT
age: 188424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "ba49594f66f11825"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301242213000/v0/ Frame BB30 94 KB
28 KB 433ms
205ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef8301a06e83c5474d24b97b2ff0071d33075672c1b08fdff5b0f3154d59ede

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:01 GMT
age: 188425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28871
x-xss-protection: 0
server: sffe
etag: "02f301facbbd58b4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:01 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012301242213000/v0/ Frame BB30 72 KB
16 KB 413ms
186ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554227ad20ac9875f9d6d87f1fc17187a6a6ae9e1f7c14c89acd5bdaf5d748df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:33 GMT
age: 188393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16686
x-xss-protection: 0
server: sffe
etag: "d98756f2371a2dde"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301242213000/v0/ Frame BB30 5 KB
2 KB 455ms
229ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b42b9c43f0d51a693442a4745188b78bcbb16064aa54682d2ecc730ef40881f1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:02 GMT
age: 188424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
x-xss-protection: 0
server: sffe
etag: "2258180a38796c63"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:02 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301242213000/v0/ Frame BB30 40 KB
13 KB 393ms
166ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be273d4c7d85cd461d187ca88edba1964c7650a20685ad6b5d637f0eba5fbc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:01 GMT
age: 188425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12945
x-xss-protection: 0
server: sffe
etag: "bb31e5f5c223d9c1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:01 GMT

GET
DATA 200
OK truncated
/ Frame BB30 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b1c9fa6b169e842fd821baa62fbfcf2cc431aea5297a02b224a856b1cf5503e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6505668.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 280 B
267 B 300ms
211ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505668.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55df7f7d0d42e81487b548426ec04f3eaaa8c7c36e1fb65862096537795c21fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505669.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 450 B
358 B 336ms
247ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505669.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68dafa86e3e91d08377cf18eefced5f7ec0ef95a43a59b67ea3f305fd4a23ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 292
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505946.png
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 31 KB
31 KB 232ms
144ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505946.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42ca0e5b1d8dfaa5389170e171d76e5af8fd5b47a4190129922b9c3ddddcbda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31294
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505951.png
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 72 KB
73 KB 275ms
189ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505951.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d0b7e0f62aea20d3ebabdeb451ee70994181ff35e0f02636847b29e44a66d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74232
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505947.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 2 KB
1 KB 270ms
183ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505947.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30fd7cd9d4e377d54641231202e3d204aa8a8534761ce786cb50d0ee6b9c0764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 969
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505950.png
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 3 KB
3 KB 236ms
231ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505950.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c879eeb94772bab91304c31dd36f6dde553f405e82b6c179a64cde4c0e059c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3325
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6575096.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 4 KB
1 KB 237ms
187ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6575096.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3d6507084708005dc7e537941751f5049a6c76b41c59b76ba2bf096b12cd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1451
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505927.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 152 B
205 B 189ms
139ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505927.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b2e79eafe0591be9ac1b860fa4dba9ef10e2195cec4935046f5669595e8fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505928.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 149 B
200 B 193ms
143ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505928.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d999d1081892f1697c9d51d9cfbafdd43693d451ff17c8d0e7d7654b9b6b09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505929.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 141 B
203 B 232ms
182ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505929.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15aadac41313750cd06cdfe078b9acf508a07b14c0ac87f567261a5dd8c594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6575097.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 611 B
432 B 167ms
117ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6575097.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c87143b862cea96f3ef5d10ceaf0d938872fc42324a1e8249700be8277f49985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6575095.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 3 KB
1 KB 190ms
140ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6575095.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

177532443cd2d86d071966cf070a6ced3dabc31eb30cd650e5ea08c9b9b64262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1213
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505933.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 152 B
208 B 168ms
118ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505933.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75b2e79eafe0591be9ac1b860fa4dba9ef10e2195cec4935046f5669595e8fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505934.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 149 B
204 B 169ms
119ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505934.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d999d1081892f1697c9d51d9cfbafdd43693d451ff17c8d0e7d7654b9b6b09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505935.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 141 B
496 B 166ms
116ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505935.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f15aadac41313750cd06cdfe078b9acf508a07b14c0ac87f567261a5dd8c594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6575099.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 611 B
428 B 231ms
181ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6575099.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18daca27f8bf46c750ecb1a7112d3b4c3eb6fc4e882e7b5858c4e53a1c1a00dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 6505713.svg
tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/ Frame BB30 5 KB
2 KB 230ms
180ms Image
image/svg+xml 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/10447723790934615456/970x250/images/6505713.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0977d950e286c5589af2575e3bd8d399acdb35db81c3e1b00766f29c0879510b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1853
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Feb 2024 00:13:16 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB30 2 KB
3 KB 135ms
86ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 07:24:18 GMT
x-content-type-options: nosniff
server: cafe
age: 61568
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 09 Feb 2023 07:24:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB30 295 B
424 B 134ms
85ms Image
image/png 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:15:56 GMT
x-content-type-options: nosniff
server: cafe
age: 40470
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 09 Feb 2023 13:15:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BB30 0
22 B 91ms
87ms Image
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBmb7oT7kY-WxGpqlqMwPsMGd6A6L6rumbsqK1KzdENqjgrmtMhABIIz55H9gyYaAgNyjxBCgAZyh-ZsByAEJqQIoNZGt-kW0PqgDAcgDCKoEhAJP0HO5mcjqs9hd2dF_e_XIcpQmZIwDdBEu_e3WmoIMbwnfAliz0hTjmvyMkjqjExpKWkC2cDhswTRbRmb0o3kXGSBgZHYcqOB7CC3imm0NuPQLlsFqk4FYWDRLMGTDUOBX5IwvXlMNPAwqGJe_NvYgoQA2Bbnb4iDLNkGlZPyMX5D-RabGJIOpTfE9wIcqVdeaiuwDJ6JmCCI-d3sN2q4UyknDJpF3697jTFhuIc28sc6GOi8r6UqtiC9WWEjuOTPQ_6CuZFhhRbfv8wPLs4FtLj51h2ywZDB-AyyxefHf8VEGHp9-z2llWkCakATn37eBgyJvnOgcAmhrQY4-7WoBEewF6cAE5oyU3ZMEkgUECAQYAZIFBAgFGASgBi6AB8zehuQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyc4I0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=ZtlkYDPf5cM&uach_m=[UACH]&cid=CAQSGwDUE5ymWads8APSh33Fo0YMI2GMC9buFESbrRgB&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=3940584993&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624619&bpp=2&bdt=469&idt=734&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=i6Z0ApHaIj&p=https%3A//ust.aly2um.com&dtd=744
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 00:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 00:30:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame FB43 37 KB
37 KB 330ms
131ms Image
image/jpeg 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQIurcLJA9tcfrFp723iVRPGlSCSvb-0bgH1bKo8PEGUVI6ukMVkvstPZuGOAg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6901bc329b7cfb2a3c4a1132950bb925b82acf7b1b5fef83be810a493034bf26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:26:21 GMT
x-content-type-options: nosniff
age: 47045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38080
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 02:06:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Feb 2024 11:26:21 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame FB43 6 KB
6 KB 263ms
64ms Image
image/png 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRRmOEGc8k7LtwExhj7n8G2_H0GxSg2vQJGzWT8XgKD_VzU47Y&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f560de70da3a6b3a685ae949023f4cb0c2fbc3f64abd1b6e2b9156c304e5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 08:53:09 GMT
x-content-type-options: nosniff
age: 56237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5920
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 19:42:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Feb 2024 08:53:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 69EA 3 KB
674 B 107ms
79ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624621&bpp=1&bdt=471&idt=749&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=FesX7R2Zaj&p=https%3A//ust.aly2um.com&dtd=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 00:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 23:07:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 00:30:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 69EA 2 KB
846 B 268ms
240ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 09:31:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 09:31:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 69EA 22 KB
9 KB 147ms
120ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 01:17:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 01:17:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 69EA 3 KB
1 KB 259ms
245ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 17:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 17:13:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 69EA 18 KB
8 KB 158ms
131ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 03:04:04 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 69EA 33 KB
14 KB 148ms
76ms Script
text/javascript 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 May 2023 05:11:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FB43 0
0 89ms
87ms Fetch
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CA9qCoT7kY92AGPTto9kP78eWOJ26j85u9-DLuv8P9uKD9aowEAEgjPnkf2DJhoCA3KPEEKABjbnW5APIAQapApDXN1zX-6g-qAMByAMCqgSAAk_Qnr1dmTybTN3zigy25S24J8DHUJbfWWt3YIyUWZExeiQQn72HS6w8cU0g-0uZnKCrbGcQUJqo-9qSIRLfl3LU3JgJ9C5tXA9bJRdpf0_zahRdT1blChd6Hzk6Rq-NhcSZefnXcSK51-LQauGWCNxF_c2iI6QaGVhAOINDO9OyNW56TNFVBlTwS6Hzdxn8wI14JsVRvP6tL7NkkNz-tDXu0OPrK5uw1hUScCmFpzv_mrD73ObRZSC4u92V8w9fpcqC5zEX7IkDKiDu_G2WCYSpUO7gq92BxAIuFuAH4rst2x5il24QBwx2S5vWxCO_OdjLB16qwBARdAdGQRCrdMXABMu_wdf_A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfbxqkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEJHHB9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAZgMsIfKmtoDwhMGGI251uQD2BMO0BUBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=Mfk8A7Z7n5Y&uach_m=[UACH]&cid=CAQSGwDUE5ymPz_j2_bmYFsphKKV_CyF9a9YyOt_YxgB&template_id=493&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=748x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624616&bpp=3&bdt=466&idt=699&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qF1zQfsCZM&p=https%3A//ust.aly2um.com&dtd=725
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 00:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 00:30:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 69EA 0
0 106ms
105ms Fetch
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMY_GoT7kY9XEH5SW7AP_i5nwCJ26j85u9-DLuv8P9uKD9aowEAEgjPnkf2DJhoCA3KPEEKABjbnW5APIAQapApDXN1zX-6g-qAMByAMCqgSGAk_QRfD8Wh1yFq-Z6dFgJ5pWtqHyoLaf-WkVZ0FB5788X0mmIt_Qnnk1R9RynZXF3kH1FeQ0wLDMIMgIkWaUkAPJ6nnO-UY5CBSfEfOinRJ9_woxlPPNd8fZVwtO5lTu8nh4dX6tzZU0JDCkvn-sQUq7Nzr4Iv9Q8ARzmQZq3scHXBAyyRtn2oi66zACbTu3Z9-DQGu4jmlYwXUbnjIiC0xZ20ya3Pk8tWmyi303RNidc2VV_fUpeUMh4-g_MQ7r-zehfn0DnX9o9OiDoMtXjYU9XFQX730hZLKnDIN_JyEFl44TPbp7c2ll_NnrGw3JWOaCVkBjKvyGPf4mIW3uLtfxaRAh7oTABMu_wdf_A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfbxqkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEEOjZBtIIDwiAYRABGB8yAooCOgKAQIAKAcgLAZgMsIfKmtoDwhMGGI251uQD2BMO0BUBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=mMMhEl2WCqY&uach_m=[UACH]&cid=CAQSGwDUE5ymUKgm64FdTvS4oGJ4pEhlK7sqHaINrxgB&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=3797233737&adf=318908456&pi=t.ma~as.4620684285&w=708&fwrn=4&fwrnh=100&lmt=1675902625&rafmt=1&format=708x280&url=https%3A%2F%2Fust.aly2um.com%2F17%2Fusdt-outperforms-mastercard-terms-transaction-settlement&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675902624621&bpp=1&bdt=471&idt=749&shv=r20230207&mjsv=m202301250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C748x280&nras=1&correlator=17578750331&frm=20&pv=1&ga_vid=1312426342.1675902625&ga_sid=1675902625&ga_hid=67739634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31072291%2C44774292%2C44779793&oid=2&pvsid=2207085568053134&tmod=1402354955&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=FesX7R2Zaj&p=https%3A//ust.aly2um.com&dtd=779
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Feb 2023 00:30:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Feb 2023 00:30:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 69EA 37 KB
38 KB 197ms
57ms Image
image/jpeg 2607:f8b0:4004:c06::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQIurcLJA9tcfrFp723iVRPGlSCSvb-0bgH1bKo8PEGUVI6ukMVkvstPZuGOAg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6901bc329b7cfb2a3c4a1132950bb925b82acf7b1b5fef83be810a493034bf26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 11:26:21 GMT
x-content-type-options: nosniff
age: 47045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38080
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 02:06:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Feb 2024 11:26:21 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 69EA 6 KB
6 KB 195ms
58ms Image
image/png 2607:f8b0:4004:c1b::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRRmOEGc8k7LtwExhj7n8G2_H0GxSg2vQJGzWT8XgKD_VzU47Y&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f560de70da3a6b3a685ae949023f4cb0c2fbc3f64abd1b6e2b9156c304e5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 08:53:09 GMT
x-content-type-options: nosniff
age: 56237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5920
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 19:42:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Feb 2024 08:53:09 GMT

GET
DATA 200
OK truncated
/ Frame FB43 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c907e723cb4ed28945bffdd0f7428b903d0dc2f287948cb7c63f4fcf8c98415

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 69EA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d8e04607d98816764c79bb3ada2ed14c6a6156c18e0077bde5ca3de8bebfee3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 69EA 20 KB
20 KB 308ms
143ms Font
font/woff2 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:24:08 GMT
x-content-type-options: nosniff
age: 579978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:24:08 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 69EA 21 KB
21 KB 266ms
106ms Font
font/woff2 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:11:24 GMT
x-content-type-options: nosniff
age: 44342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 12:11:24 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame FB43 20 KB
21 KB 220ms
63ms Font
font/woff2 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 07:24:08 GMT
x-content-type-options: nosniff
age: 579978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 07:24:08 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame FB43 21 KB
21 KB 324ms
168ms Font
font/woff2 2607:f8b0:4004:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:11:24 GMT
x-content-type-options: nosniff
age: 44342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 12:11:24 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012301242213000/ 23 KB
8 KB 64ms
62ms Script
text/javascript 2607:f8b0:4004:c08::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301242213000/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::84 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0f8b589cdc20c57c6d9cde66304e7127da716ae586afebf57fba444d8cc18fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Feb 2023 20:10:38 GMT
age: 188388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7835
x-xss-protection: 0
server: sffe
etag: "8aa58a8823eac68d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Feb 2024 20:10:38 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 77ms
76ms XHR
application/json 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

174177ca5eea53e6095ccec761e8358776368544544ae7d6edfce6ca7d9edee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11144
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
74ms Script
text/javascript 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250101/show_ads_impl_fy2021.js?bust=31072291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 00:30:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E3E6 13 KB
5 KB 64ms
61ms Document
text/html 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 83648
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 01:16:19 GMT
expires: Thu, 08 Feb 2024 01:16:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AFC5 783 B
1 KB 202ms
76ms Document
text/html 2607:f8b0:4004:c1b::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b94733b6afe777312b5bebb0f6b2fc9953f73021c884e1e54670a8fabdf4a60b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s8t4idY3LV7lWgS_zTvOCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ust.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-s8t4idY3LV7lWgS_zTvOCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Feb 2023 00:30:27 GMT
expires: Thu, 09 Feb 2023 00:30:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame E3E6 36 KB
14 KB 62ms
61ms Script
text/javascript 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 18:53:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AFC5 0
0 75ms
75ms Image
text/html 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=2207085568053134&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E3E6 0
10 B 60ms
60ms Image
text/plain 2607:f8b0:4004:c1b::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zOqXOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 00:30:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BB30 42 B
64 B 78ms
77ms Image
image/gif 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOyJsgbAcRWfZYTD8bV26iwatqYG8fFIoZ8DJf0JmdTM4zimAaYjK7EUKFYqnWSmNYVva4Ve_bCwACm9gglK2wWcMfhdaZScFR3MJMPV6jAqCOrHw9_Tv0-KzVbbiJRC1JeFQ&sai=AMfl-YRzkjkp1BWsiQ-_NhRaq_zWQFPZko-9crIOs0wpR3TiHud2h5dXVqVlrM6m8e3wI8x2-QwSeBJfJxe5&sig=Cg0ArKJSzNsW9CTa2K1BEAE&cid=CAQSGwDUE5ymWads8APSh33Fo0YMI2GMC9buFESbrRgB&id=ampim&o=298,459&d=748,193&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=653&tls=1654&g=100&h=100&tt=1654&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Feb 2023 00:30:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2607:f8b0:4004:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=2207085568053134&bg=!OTqlOm7NAAaq5O5FiuQ7ADkAdvg8Wl3qdtGuB8RIZvDKIt8i9B2EP9gRyg2W8XFztI98vwbvghb2Bz6wy65HBqDyrcHJvPZeSCkCAAAA9lIAAAAIaAEHmQKZ600n-VCZMAo2syR4J9s75Xs3fMpUP9yTw-jbpZRx12cJZzYageP9fOA1m6ajOa_mK2Hm0G9yO9Moh5JKrGdIRtWgYaFFSHnIB0NCFwfZstITqz7QrLjzM9IaOL8LSi14pjTJZLCYzyJvW2iuu6cmhC3r3gBOY6LBbw2Hoq8W94fvLvQf3IzV_KAyMwHa8dknCXB0-gl5WcWIgzP-VCBt7HA8t7UR_VKE_vXhXXZtGd4vUhMbPCJ9Chcb-GvLJTG0-JGxmSitFHD5OElBBfYCZ8DDGQtGIpb_550sXATB5I1986F6_Dv_TasYVe_PX59j7RPFWjS-pbV_tEZHOnYBE6LupiAieD3hKM_BhvqqiVjHwq8kL_lfpuBh5wxP_8VCMX-jf_JRZCCkCmWZbKrtih3VMok4cuECMNCqDCAkDNNjjej3wZl_b9jrbmpl1mo0H3igHfsrFrWdIN5XvvtgnilOT8k6sBF7wZzEaIEch2XmnmBhGeSu9xTwHqVrwa5SFbrdayKpD7LjKO8fBnq7UN8TTUOnDPOa9M91R81zE0mkpxeW4K6E-K3Hj4tdo6xWaI9HjO4JGC4I8drO6Ii0Q_pK2Rs3fUIz8VIRr9BJZToafFyG6qJYcxFCC9rleqKSBfhR4HrXuM-w6nFAb1LW2IKyNMIvLZ66lYx-r_7NiXhKONfx8qX7WI_ER4ATvGfEu7zVh_j2PPUSW6CBjSAXZhPJctyLhxeKsMxEf294iU6Qunqf4Mefx_8KkHPfiK1-LQ_LMH99AXBsacyQQG_VYmt1rsrxWt2rQIxDG-obTTo_TYZpBgK9w_GEIIS4V6TzAjFlEpR8n5RgaDkoq0FVWDqc2y272Lg0IfYxye4vFB9QFq3DVn9Jsq8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ust.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uxe.luxe/	1970-01-20 18:17:18	Name: __ddg1_ Value: HWMrNtCDZ7BAWRbrKgDX
.t.co/	1970-01-20 19:07:42	Name: muc Value: 7806d10f-bcf9-4fcc-bdce-037fe1e5bc10
.t.co/	1970-01-20 19:07:42	Name: muc_ads Value: 7806d10f-bcf9-4fcc-bdce-037fe1e5bc10
ust.aly2um.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0a4bc543e9ea2ac2f353a2b791510ccb
ust.aly2um.com/	1970-01-20 09:34:35	Name: qa_key Value: 3jrgq85yksm9gin5c42naht13s5adn4f
.aly2um.com/	1970-01-20 19:07:42	Name: _ga Value: GA1.2.1312426342.1675902625
.aly2um.com/	1970-01-20 09:33:09	Name: _gid Value: GA1.2.855404461.1675902625
.aly2um.com/	1970-01-20 09:31:44	Name: __cf_bm Value: RRjfn5pdYmOI7_lEMVuB74XtUimnTUCxIEPlGJIX47I-1675902625-0-Aa0PFANN4C8RtPve6x4vw6uJSrSDgqu8vvUJ0yqv9uu6khglogno2rkYkeOKlR1Flpq+gLaW2hnI2MKYAU8qdJ8cfCJ+oXOvAu9aNG6pf87hRlwduAA4xXkkNAbRxUVLBydp0NW4fyxWPblXMK1s2fM=
.aly2um.com/	1970-01-20 09:31:42	Name: _gat_gtag_UA_237003713_1 Value: 1
.aly2um.com/	1970-01-20 18:53:18	Name: __gads Value: ID=df42490580a92549-22430c47eada00b4:T=1675902625:RT=1675902625:S=ALNI_Mad-6R2KDVBrZH7yGe0bQpApWlijQ
.aly2um.com/	1970-01-20 18:53:18	Name: __gpi Value: UID=000009a61513ddc6:T=1675902625:RT=1675902625:S=ALNI_MZzmYAOfT_SJENULI7TLae-WID56g
.doubleclick.net/	1970-01-20 19:07:42	Name: IDE Value: AHWqTUnckPlG0Y_Dwo0mMSzGNJeU8xuDGpYiicOFQDBcaN9hhcuRiB-jT60TxZ_ZceA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012301242213000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cdn.ampproject.org
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iambodybuilding.tv
pagead2.googlesyndication.com
partner.googleadservices.com
t.co
tpc.googlesyndication.com
ust.aly2um.com
uxe.luxe
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.244.42.69
190.115.26.9
192.185.74.39
2606:4700:3030::6815:3954
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::66
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::69
2607:f8b0:4004:c1b::71
2607:f8b0:4004:c1b::84
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80f::200e
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0977d950e286c5589af2575e3bd8d399acdb35db81c3e1b00766f29c0879510b
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0f15aadac41313750cd06cdfe078b9acf508a07b14c0ac87f567261a5dd8c594
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
174177ca5eea53e6095ccec761e8358776368544544ae7d6edfce6ca7d9edee3
177532443cd2d86d071966cf070a6ced3dabc31eb30cd650e5ea08c9b9b64262
18daca27f8bf46c750ecb1a7112d3b4c3eb6fc4e882e7b5858c4e53a1c1a00dc
1c8ea607ff6fd8bf47b6b70cc5b6619c316e79708eb03df737f24151e08748e0
1c907e723cb4ed28945bffdd0f7428b903d0dc2f287948cb7c63f4fcf8c98415
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
30fd7cd9d4e377d54641231202e3d204aa8a8534761ce786cb50d0ee6b9c0764
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cf1cce48ccf3af2de675fe8acb468dde5ccbdd1daca0854c50308b78bf7633e
42ca0e5b1d8dfaa5389170e171d76e5af8fd5b47a4190129922b9c3ddddcbda4
4d5a962615df1f643883c47c3cf91e89151ceef9d1ee87ba016ec827624f7a50
554227ad20ac9875f9d6d87f1fc17187a6a6ae9e1f7c14c89acd5bdaf5d748df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55df7f7d0d42e81487b548426ec04f3eaaa8c7c36e1fb65862096537795c21fd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e3d6507084708005dc7e537941751f5049a6c76b41c59b76ba2bf096b12cd80
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648dc4c79f5d207a223c6484f6a37be8a831aeaf3538e71e2226873a61e5d3bf
68dafa86e3e91d08377cf18eefced5f7ec0ef95a43a59b67ea3f305fd4a23ae7
6901bc329b7cfb2a3c4a1132950bb925b82acf7b1b5fef83be810a493034bf26
6b1c9fa6b169e842fd821baa62fbfcf2cc431aea5297a02b224a856b1cf5503e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
708a1656db71da032b12211a2c120bd90c2ea35bb79682d47ac7c8ee866a148d
714438333b0696e7edd1ee9abae5ce106c78fd4b123e5b85cc022bdcbdc091fb
75b2e79eafe0591be9ac1b860fa4dba9ef10e2195cec4935046f5669595e8fb9
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7d8e04607d98816764c79bb3ada2ed14c6a6156c18e0077bde5ca3de8bebfee3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
89276121705102d05f9e0f71ef0e9e31d9d0c1998d942b229bca5722d19a0666
8a64b1d1078ecdd4f5ef8e7898d36d64f32f17f487ea40d919816d67ad5937a4
8c879eeb94772bab91304c31dd36f6dde553f405e82b6c179a64cde4c0e059c7
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
99f560de70da3a6b3a685ae949023f4cb0c2fbc3f64abd1b6e2b9156c304e5a8
9d999d1081892f1697c9d51d9cfbafdd43693d451ff17c8d0e7d7654b9b6b09a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ef8301a06e83c5474d24b97b2ff0071d33075672c1b08fdff5b0f3154d59ede
a106ebe60b3db05562be088ab86f82d158f2de0d8cb4ec0344259861c144ab98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7d0b7e0f62aea20d3ebabdeb451ee70994181ff35e0f02636847b29e44a66d9
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b42b9c43f0d51a693442a4745188b78bcbb16064aa54682d2ecc730ef40881f1
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b94733b6afe777312b5bebb0f6b2fc9953f73021c884e1e54670a8fabdf4a60b
be273d4c7d85cd461d187ca88edba1964c7650a20685ad6b5d637f0eba5fbc1d
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c87143b862cea96f3ef5d10ceaf0d938872fc42324a1e8249700be8277f49985
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
cb124944c727678f4951706b8e25e4abb85da826c1f09b34384ec0630001107d
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d5d1cb97e89e714688d0ead772aff60a4d8ed3321526ace8ec2b3f3593fa9f93
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
dca13c1c90d28d132e722dcecd86164585782ca6d665466ef31376456171487d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e779a4c6cb3f21fcf05f7ed9c70a7ed4fe8c0d5374f4fa7584d3917e7e7ee81d
e820af1377e530b8025e86532c2ae97ea60dc315d93ee6bda9f6eeca80516153
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f8b589cdc20c57c6d9cde66304e7127da716ae586afebf57fba444d8cc18fa
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

ust.aly2um.com Open in urlscan Pro 2606:4700:3030::6815:3954 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

100 %HTTPS

83 %IPv6

13 Domains

18 Subdomains

18 IPs

2 Countries

938 kBTransfer

2344 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ust.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

100 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

18
IPs

2
Countries

938 kB
Transfer

2344 kB
Size

12
Cookies

89 HTTP transactions
3 data transactions