cutty.app Open in urlscan Pro
2606:4700:20::681a:db1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cuty.io/Q18titUI40
Effective URL:
https://cutty.app/Q18titUI40
Submission: On January 23 via api (January 23rd 2023, 2:53:32 pm UTC) from CZ — Scanned from DE

Summary HTTP 237 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 40 IPs in 11 countries across 45 domains to perform 237 HTTP transactions. The main IP is 2606:4700:20::681a:db1, located in United States and belongs to CLOUDFLARENET, US. The main domain is cutty.app. The Cisco Umbrella rank of the primary domain is 575915.
TLS certificate: Issued by GTS CA 1P5 on January 20th 2023. Valid for: 3 months.

This is the only time cutty.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2606:4700:303... 2606:4700:3031::6815:4bd0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:db1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
1	142.91.159.191 142.91.159.191	7979 (SERVERS-COM) (SERVERS-COM)
4	2600:9000:249... 2600:9000:2491:2000:12:409c:d0c0:21	16509 (AMAZON-02) (AMAZON-02)
2 7	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
25	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
4	172.64.132.29 172.64.132.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.138.7.92 108.138.7.92	16509 (AMAZON-02) (AMAZON-02)
5	172.67.137.92 172.67.137.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:400d:80e::200d	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 14	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1 1	172.104.45.159 172.104.45.159	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:e638:e78b:4e7a:3c4d	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.29.201.72 52.29.201.72	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2 2	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	52.193.58.193 52.193.58.193	16509 (AMAZON-02) (AMAZON-02)
1 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 1	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	46.4.62.19 46.4.62.19	24940 (HETZNER-AS) (HETZNER-AS)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	35.176.33.61 35.176.33.61	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.110 65.9.66.110	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
6	3.10.236.156 3.10.236.156	16509 (AMAZON-02) (AMAZON-02)
237	40

28 2606:4700:3031::6815:4bd0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:db1 (United States)

ASN13335 (CLOUDFLARENET, US)

cutty.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.191 (Netherlands)

ASN7979 (SERVERS-COM, US)

nannieslamaic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:2000:12:409c:d0c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1b9b1cxai2c03.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.132.29 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.7.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-92.fra56.r.cloudfront.net

slaqandsan.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.137.92 (United States)

ASN13335 (CLOUDFLARENET, US)

ihopuchcomp.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::200d (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.201.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.45.159 (Singapore) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1625-159.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:e638:e78b:4e7a:3c4d (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.201.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-201-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.58.193 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-58-193.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.87.133.65 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.176.33.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-110.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.10.236.156 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-236-156.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 192	252 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28836 ad4m.at — Cisco Umbrella Rank: 9591 assets.ad4m.at — Cisco Umbrella Rank: 37206	2 MB
28	demand.supply live.demand.supply — Cisco Umbrella Rank: 34226 api.demand.supply — Cisco Umbrella Rank: 74219	40 KB
28	cuty.io 1 redirects cuty.io — Cisco Umbrella Rank: 838962 cdn.cuty.io	881 KB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 156	91 KB
15	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 73 adservice.google.com — Cisco Umbrella Rank: 70	4 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	218 KB
8	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18712 api.webgains.io — Cisco Umbrella Rank: 49878	62 KB
5	ihopuchcomp.xyz ihopuchcomp.xyz	2 KB
5	slaqandsan.xyz slaqandsan.xyz	6 KB
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 40045	54 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 82915 static-de.ad4mat.net — Cisco Umbrella Rank: 115742	8 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8470	1 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27232	202 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	255 KB
4	cloudfront.net d1b9b1cxai2c03.cloudfront.net	116 KB
4	cutty.app cutty.app — Cisco Umbrella Rank: 575915	43 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 47056	5 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 691	489 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 595	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 689	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 702	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 417	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185 Failed	96 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 938 id5-sync.com — Cisco Umbrella Rank: 393	17 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46272	629 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 47464	624 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 80790	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70051	330 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 72059	184 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 59631	672 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15193	696 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 5281	44 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11998	552 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 23885	439 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 4737	233 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 11919	517 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 15394	555 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 554	539 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2439	334 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	76 KB
1	nannieslamaic.com nannieslamaic.com	1 KB
237	45

	Domain	Requested by
27	cdn.cuty.io	cutty.app cdn.cuty.io
25	live.demand.supply	cutty.app live.demand.supply client
16	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net cutty.app 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
14	cm.g.doubleclick.net	1 redirects 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cutty.app 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
12	assets.ad4m.at	as.ad4m.at
11	pagead2.googlesyndication.com	cdn.cuty.io securepubads.g.doubleclick.net tpc.googlesyndication.com 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com www.googletagservices.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com as.ad4m.at ad4m.at
7	www.google.com	2 redirects cutty.app tpc.googlesyndication.com
6	api.webgains.io	analytics.webgains.io
5	ihopuchcomp.xyz	cutty.app
5	slaqandsan.xyz	d1b9b1cxai2c03.cloudfront.net
4	track.webgains.com	as.ad4m.at
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	accounts.google.com	2 redirects cutty.app
4	pogothere.xyz	d1b9b1cxai2c03.cloudfront.net
4	d1b9b1cxai2c03.cloudfront.net	cutty.app slaqandsan.xyz
4	cutty.app	cutty.app
3	63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	api.demand.supply	live.demand.supply
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	cutty.app securepubads.g.doubleclick.net
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	ad.doubleclick.net	2 redirects
2	googleads.g.doubleclick.net	cutty.app
2	onetag-sys.com	1 redirects 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	static-de.ad4mat.net	as.ad4m.at
2	prod-rtb.ad4mat.net	cutty.app 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net cutty.app 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	cc.adingo.jp	63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
1	ads.travelaudience.com	1 redirects
1	ads.avads.net	1 redirects
1	rtb2-useast.e-volution.ai	63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
1	im.bluevoox.com	1 redirects
1	a.c.appier.net	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.facebook.com	cutty.app
1	www.googletagmanager.com	cutty.app
1	nannieslamaic.com	cutty.app
1	cuty.io	1 redirects
237	60

This site contains links to these domains. Also see Links.

Domain
cuty.io
sulvo.com

Subject Issuer	Validity	Valid
*.cutty.app GTS CA 1P5	`2023-01-20` - `2023-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.cuty.io E1	`2022-12-06` - `2023-03-06`	3 months	crt.sh
nannieslamaic.com R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.pogothere.xyz E1	`2022-12-31` - `2023-03-31`	3 months	crt.sh
slaqandsan.xyz Amazon RSA 2048 M02	`2023-01-19` - `2024-02-17`	a year	crt.sh
*.ihopuchcomp.xyz E1	`2023-01-19` - `2023-04-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-01` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://cutty.app/Q18titUI40
Frame ID: 60FBDCB2C8B5DB31F49F26FCA527E130
Requests: 106 HTTP requests in this frame

Frame: https://slaqandsan.xyz/Q05uTlYiLA0jaSJzDGgjMSJTa2QFa1wIMnIsVyxnIDYPJ2Qgfl1gNS8hGyowMSEAOngtKxprZAUGOgg+DR9dLSANNyMiBQcpFgUOdgELIzp1LV4IJw4kWj0RFzYCCT8ZDS8mbiAKLAcnBQwdPRwRfiQvLCAAJQkAehQ8PSINJx5rZAEbPSVkDyBbCTcpJR4HAzN6CCQ9OQktKjoTCjsKBjl6VgAuGjonIyVxCAALZwokBSsfBx8dFD0WBQwZGDkbAHs5GRo/Kx8pOQcAFxE+DyBmNw9cIiclFiQGDy4mAS0SFT4PIGZzBgcEIyYZNAsSLX9LfBAgOVd4NARjPCMEGzlbHgIOLCUdbiwHPDk6DwkGNhsbIhwrO3ILCyBnZnwoLWd7ICMKPTYJXCInByM0CDAHHwUFFAk+DyBmKAsHdiwKIx4dMC4pGwUhFiQgHT4uHD8+JiUWHhQwCxRaKmYZegogJnAbAHs5EycnHBoQIQUUPRYFDBZjcxk2dyMiNDQFMBJoBD05LT5TGTN2ACkfGSYoIhg5ER8/
Frame ID: 87BD6502C0BBB2634A93B1337F5EBDFE
Requests: 2 HTTP requests in this frame

Frame: https://slaqandsan.xyz/MFZ0NTVRNBdYClFrFhNAQjpJEAd2c0ZzUQE0TVcEUy4VXAdTZkcbVlw5AVFTQjkaQRteMwAQB3YyOWFZSRgjDGZmPgxhYHUAJXNSWAE2Qll4FBhGbWUhMlR0ZRMxc31bJCYFQmgwHgBccQI2Qm1iMjp2c3YFNWcNVQA1c2JyECZkdGYfMWRNfRkiY0FgFyFZc2MERVBgWxQkd15pHCVwBWQANmBtZBQ5fHRcYzByBFsSIXdNcTVFWlNzABd9bUg6O3IEQxosXgFyEzIFd2YhLWRtYRM9ZF1EMDJ0WkcTMgV3ZD4AV2JhAxdkbVQdNUJeexdFRmx4E1l0c3Q9Mn99XBctY3NDDCx3RmUVDmR0aBctbWRhGD90Qlw3LFJRdgA2AWRoDj1WZHEDMGJzeQ4xcwVyDhxRYnIQQGRjRzISYFl1FyNSf2UeMXdPaDExdG1xADZ3dAESNWBwdxIiVn1oZj5sc3YHEGJ3SBcXBFpzEhhCcmcEEHhhRwdSX0ZfOAQIU3wSAkBQewcnDXd1ZA
Frame ID: 0C4912EE3D5EC1A0D25B4EC6460B5C14
Requests: 2 HTTP requests in this frame

Frame: https://slaqandsan.xyz/SktxejErKRIXDit2E1xEOCdMXwMMbkM8VXspSBgAKTMQEwMpe0JUUiYkBB5XOCQfDh8kLgVfAwwhEix3HCkLI2IaIQIwchseRTdnAxsjSHMjEwY8aQUyKDtmCw0CM2I5CDQQRiYdQQ11CRM8GGUIHQIgZCYqND4JMx4ZO2QaMSspc3soBjdgegcjIlItDxYJUhoiST1mInsGGXd7PCMyCCYYFihzLxg4PWYIHlRIcwMjBi5geA5GPUkEDygtYywMNDwBECJBLmB4Dhg4XSIDKyJzKS83KFsQGRI7YxIjBiJgExo4KWQOHgYjAQQ8IxxzEhkfMWAECCsUHD4oMDxjIBEkHlUNGCROcDIFNT9fCC8zEgF+GxYVZRt5NANyJh4QKl8yADM/dDMbI0trAg8jDWkSCTAjZjIJMxYIIRInTnISeSsSYi0ZMzNbGwEnDXx+KDdLRhgMOxNgGx05HkgIGDMNFyA4HhRBdz81TlInO0kAQxI
Frame ID: 82FAEF41464B0ED37FEA810C41888970
Requests: 2 HTTP requests in this frame

Frame: https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=78e15bd8c96491e9
Frame ID: 02730E94C9EED10D6D62BF7D2C7E5139
Requests: 3 HTTP requests in this frame

Frame: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7556B17EBA805B66335E833F8967ED72
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSno4jZ_SSdIY8aOkub-8DBaXXYSDSJPJb9imVrfh5W1X1xCrd2OVuWp2wW-Q5pn1gpio9_F3JV9FTXHq8SeMtDRR31eZDwFJhFyoq6_zUbHQpWnqxNCq5sSD6Xp3eh6k1S4FzG0ZbLkQKlmU3Hc-KKCU2QjDS9mNdZ9dhm_P2Yn_fZrM4uXThEKAQEy5WdlD-sfi290zKNCA6eE6tpAG5lL1LNChiJDgnpR99NGDSOwguAP89MxskKPGo3pFHbwes1WGOnexgVBK8ImXzHwlcNvPE4V3IeXszuEeWNifl5AYtW0Z449mUYeh8LKWBobZz_-oubnM0Gqg8OVZZWU7uygrxZ5kVlRw9pQmOOW4EdLmry0C3S4NSKiwcbTSTvxl3&sai=AMfl-YTF4M7eSHDwTjTbkYIJNdK3bgrVXmH_azzhoOLQnXd86EUIpYXTfoeGN6Ir2zCfPHTC6N9BAPGAv8ZVeFQQTwT7ziU1bUZd4S-uDNB1h7rMVw2lhRlCADASPEAbGEORXbPM2s1kPEzp3dwUREyKzdo&sig=Cg0ArKJSzEOXSowq1wb_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7B148A653411F7F10076D991BCDA28A4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuCbiPfRbWW984AMWI7YXtVXBLJjU7r09_Dsw6Xf1xknSO3x-UFQfFuEvNt7wfk8T0ioCmOY6rK8N33ir-PQN3CtQYp80wacWc1RJbmXCfXSF5zlF9E1d0G_zuoyeiLqn7-7wurSJnNRb7DVvYAHdd5WN7NOC8noZXEPN8I6P3NIlQXECpCKZI4_0C9NV5tQkAJL0ASCV8LVi8KNS3eveV_f_64wi4U3bEKfUr4uGCoLNkdgppY-ybdHUOcqlXGdb09w4c8BXd9KTms0cv3nYbqIsO65tF2rKa4glwElmoMj7bDr9f18e3fK5pbNvMg4BhJjYfWghgPwYgtNG8NX4TmamCzjXRaaqTnW99Bwuo3UcUhCafbEBfZBxyN1OBm68&sai=AMfl-YStlffMc4NSQru8PG-xTnkIullxy0HZsE72JSy9IhIilfDecItSJBl-d-sKiuY16vMev1ZPqt-pNv0RXyOrnxpidw3FnTeF_BmNNdpSAD-GKzj4q_3Sj8s6WXy7byFpK_2rAf80yUhmnr60qlQoYek&sig=Cg0ArKJSzPIl7KZNcIwEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 31F92024004176C46B9D68C3B160BE66
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXcTKo9oKfyWBKPxgtXBa-EndcbqGlPqJ6-_KICCcyXQwPtm2uHNf5vxbtt5kKY6loK9H-MOgBqRUkyDQuRlkjPHu_wumrRGusndIyfF2qdYgiDpdhdgC9VK2t7SjLLIFKZhuVWdSwm--6q06xbEDiQgygMAzDOQp9X6O5J2gQlsS3zPK869xOTwmN9-rovDjVED8jgdaHlLGb8C1ZcGPjU_ti7P8vLl2SpXM6qf88SNyTAh1rnwI7_XAOF5nJKP9FBBTgTIySTERpyBePdIrx6Obxhd16f01xKLTK9aus33JgfqWR_SxiveoaPFPIMOdrnLIfxfNeAYcF4Bhhjh9KQc8_VSPurupCRgL6YaQdwy8jIMnRqGGWtEuN03KpvCH1&sai=AMfl-YTUspTDgydcNF2N3rvwLdAdb48MAFHqvMtdpWD6FKD7WQsojn3BVzswSWtN6AR8RczWWzPJJsuxBghrtRE8ZKxljSSDo_yvHrThywCVrOnZyUe_uOgy84Mthyh8738ITWQJ04eFzCLHCBDJPgLzlA&sig=Cg0ArKJSzFGY1CPjwABcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C6A696F796F23ED72FAC8873E562E016
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F67D63F6E762CD05E9FDE2D6BDFDAC15
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04197DDFA76CBADC346DE9F6905C617B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvke2ytKPfp9-tMVOGACIpOu_C2TBZc20lRWppGYcEBJ3FSffqkn5FJ1g4iqonR2dFQn134T9m23iy3s41GiXPUlbYUleooH-wPqLk45JkdGbdfvHmjkmSlUIwMe-I3TxLes3g0Jir_f8B5rGBYCTrcrUS4ETjD1EpIrjopxVS_bUk0PCYrntaI1L66NIHvvo8wUabEYSffMqO3_Hw1P-v4E97CQ8dMpHUcV5EsVqB7SSscBJ6B3EAyyI-uiADkZT1e0FlN59HYJb9TLD6-RfwyfzPdXBoDZtZB5M6ZbXBs7NJrPUvN80qe-PBI9B3_uZIniZS2YUfIXsU5t6KdMhCTqTjoiLaOjqLUkZUaSX7Z8ZFRz2_uIIH4uVi_wnExBX8&sai=AMfl-YS2mpaL3eoqeKrl78ZTlWKbgC7ZJDMCFagvNwgeSFbSHC_AvQ_zXitA4GC9KUZeFouYi1qJHgLFmUv8bKCiHS-xgViKkeTr-Xu2cADLFnNMDKQcCxgPkKs8Fz32g2tAnQ&sig=Cg0ArKJSzADvfAv1y3LxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EBC9D09474BA2A3538FECA7262C2DE6C
Requests: 2 HTTP requests in this frame

Frame: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A139C55204B8283B3BC1C7192D33ECA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js
Frame ID: 5E81548C012F740F67F1359CCFC58858
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kd444abgvmw3vrfqes5tym3avej1xe26hf43bnkpx7d06a6cdrfbq8vhexfk09j0psw6s2c8a94m1mm7ce6cg1cqapdc2243rk3fa7xac78g7k9bdk74pb1shzf9dgjj0591t087n62rks20383knx6r7xw54meqs87nfa209qdea1qpc5ck7dr5djhg9r0nq93ayztw9t9x6g4481r7s2mkj3yvzj3z4d1xjxy3p2d6r75ttkq115hdkcgazgrekzd6z6bspqjgwxecnx9xvje0ha4g8mhf06ct9897ntc78ktnz6amq5307ehajcxd2cnr9jp02w73ngqserddvh50xa3d6qxj0gj79y90ex63gq1cwtfhxyhzmr97ed0gy2ebbdq4cbgv3pnkssbze2g95b03anq&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 54905A8370E288695583EC9B35DA60E2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 142BBECF3D3880D3640DB7380164AFE5
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
Frame ID: E7CB724A50E2CCFE9DDFDA51641E5A53
Requests: 14 HTTP requests in this frame

Frame: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F656C841B404F5243A9FE340319AAB89
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g4t34vmedw4p4r3cpnptspn1k1m3fsn13wms6kn75kx0hwnay4g6wtc7ggwn54w19jamhzwy7jhvvr3qce3rarx8x3e4crjqh02n71sam2ts8rh36h7n73v9mxwxs290jrb6pahy7q19wxn55gjd4v7bdpwqj24df83cch2f6br8sbsew2z54tg9y41q99zdrh3yt5qbp3a3be2xjgt9hm2xsb0t5q31qtkxdas5t4smwjkm25xgj88186n0xysh1fb91qm0t0dxj7120yyfjvskryy7peyfj19e5brhfrakk8tmj03mbmg8vw464n1p15yf134qw10wqbqdgqh9f4cnmndvz6asc2yfe4kr274ndh28mw78wmqsk2613mb64vgw0zwsj86recdtpdkbpysmmbqcvnh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 1FC826EC6CFE8DD9EB58F7E5DE370A8E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8D997D56BC1912B026EB6D811C9A786
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 272B6E8F34F7C3F2E64C532BF6F4C0A1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8WRqYNTwbTpK3HmRM__soE4UlaLQlPAh0-RfSccOQj6GFnwvlFNlwE7zPDUTkvidlj6j3D7LGVcy9GbUlwjk0h6pDJDiHTE6wTYcYoyx1sycMBPSpAH-XYW6AmpLRnN5qMrmHdIf2qiD1MIlWqL4Nj8ugGzy7DeggYH9vyixM0XfImBP2bfmmtGsU8-WiLQLMd_BiPw74_aOolfCJ256_f-JBil4tcjzqtS0lXtaqVtZE2BJ_rN8-OpGTnNDKI3vM3GcXq8vBY05ktfBaMp3YiFsntJ5sfpK9jN-40xDxTIaHCreisB2xRglenHPK102scaKKVfxOtHw_Pk8hG6h0lFrQP-22um5mG1ZbetOWPvQtnrVMMNpuPqfNf4McDmDV&sai=AMfl-YRQX-0FAazAFk5957rTHr1ZnU_tyget_BqifY-xdte5KuHDbmEqyIOEjIntZVMwthIZYp_R4GnwId9HGYhOXLCyLAUoqiH1PDbDKmkYPdlzcoSTTSad7GHLAJQ3-xB5omvC3CzWbKxhfEJ-rJEINEQ&sig=Cg0ArKJSzKjReuRbEjY4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E532926857F19E3A93256CA36A4B4CD5
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A6E92EFFB6CBC7BF010C89E0406F92F8
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Frame ID: A75B6AA02EA03DDB21B26001BC83F821
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Frame ID: F1962F3147666A6A61283FD5DB19EBCF
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs
Frame ID: ED98826202B2D85440DF41E9DA0B068C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shorten Links And Earn Money | Cuty

Page URL History Show full URLs

https://cuty.io/Q18titUI40 HTTP 302
https://cutty.app/Q18titUI40 Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

237
Requests

88 %
HTTPS

47 %
IPv6

45
Domains

60
Subdomains

40
IPs

11
Countries

4185 kB
Transfer

7134 kB
Size

41
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://cuty.io/

Search URL Search Domain Scan URL

URL: https://cuty.io/payout-rates
Title: Payment Rates

Search URL Search Domain Scan URL

URL: https://cuty.io/register
Title: Earn Money

Search URL Search Domain Scan URL

URL: https://cuty.io/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cuty.io/terms
Title: Terms Of Use

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://cutty.app/Q18titUI40&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cuty.io/Q18titUI40 HTTP 302
https://cutty.app/Q18titUI40 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1190213220%3A1674485605929540&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd2seJmQESx7zflF73BNgidFNnHjYsNSPeBm4mGBIyW7MPLS1qRjnzrGMpTxL0LyDY4ML_8Dw

Request Chain 55

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-418529419%3A1674485605940644&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDmfmTzrgt0ia3y3F2sKnwrOxeEMflJDRTPw5HUlD0_neo5NfgukNg-x-6nJb8nmzYGjlvFQ

Request Chain 138

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECUJh2jaWExND7zlkiSaceU&google_cver=1&google_push=Aa02lx9k_THRxA233BQocnLMO11GL0WuB3QH6pZoNosnWtbwoO2FwsOMJPVVBsBsSvTWU3iTlwY2Ys0fRKZV75DN89aeDUZtCGs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUJh2jaWExND7zlkiSaceU&google_push=Aa02lx9k_THRxA233BQocnLMO11GL0WuB3QH6pZoNosnWtbwoO2FwsOMJPVVBsBsSvTWU3iTlwY2Ys0fRKZV75DN89aeDUZtCGs

Request Chain 139

https://a.c.appier.net/gcm?google_gid=CAESECJuB8n-xQJTLPU-qUO3KIs&google_cver=1&google_push=Aa02lx9Hmt_wSRWYLXmzvR1_-8jJiNT6rcZc5Ah2sVW8xgZpN0jbRIQa7q3LV9z8En7q0ix8-xSkjUsn54LJnOarJtzMwQTJuEk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q1dKT2gxa3JDR2F0TFZ3OGFKX09Zdw%3D%3D&google_push=Aa02lx9Hmt_wSRWYLXmzvR1_-8jJiNT6rcZc5Ah2sVW8xgZpN0jbRIQa7q3LV9z8En7q0ix8-xSkjUsn54LJnOarJtzMwQTJuEk

Request Chain 140

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO1mS_JMPINDnNFubCM3l-Y&google_cver=1&google_push=Aa02lx-QAH9_XvC4qvAwrLupXJG45BrJ0JMvXeteulaLqHRqcyBLeMNcNyvbQjdP-Bx1h-x60VpXSnC2DRnC_vBiPmAhP_WAm8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-QAH9_XvC4qvAwrLupXJG45BrJ0JMvXeteulaLqHRqcyBLeMNcNyvbQjdP-Bx1h-x60VpXSnC2DRnC_vBiPmAhP_WAm8w&google_hm=eS1yRzZRNk1sRTJwSEhsTTVKLlBFekFPZnFHRklqcGdkNH5B

Request Chain 141

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBLmMIBpKBj3n7eNFa2Hv3o&google_cver=1&google_push=Aa02lx9Xnrlaec_8UoxeY9z7f8vBvIcBG90nBAT3yt16AWBBX1siSnBm50KU7H9hcl6IUWcbovcMP-MTjl30I8kk2VGgoROu83Nw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBLmMIBpKBj3n7eNFa2Hv3o&google_cver=1&google_push=Aa02lx9Xnrlaec_8UoxeY9z7f8vBvIcBG90nBAT3yt16AWBBX1siSnBm50KU7H9hcl6IUWcbovcMP-MTjl30I8kk2VGgoROu83Nw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rTYe3yhJRTmljF2P2z4AdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9Xnrlaec_8UoxeY9z7f8vBvIcBG90nBAT3yt16AWBBX1siSnBm50KU7H9hcl6IUWcbovcMP-MTjl30I8kk2VGgoROu83Nw

Request Chain 142

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEJ_3xx4y_TzGfhtL5NzVsPI&google_cver=1&google_push=Aa02lx893gxFzl4TIAC8TdL9fPlEYdJbpSAC4BluPYyt5rzt7bu4tAS-ke4emPZc8iGwoJbfLqDpw_yB8KurV-9bNMXmCvXcyRx8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx893gxFzl4TIAC8TdL9fPlEYdJbpSAC4BluPYyt5rzt7bu4tAS-ke4emPZc8iGwoJbfLqDpw_yB8KurV-9bNMXmCvXcyRx8&google_hm=QlMuMzZlMS1kNmIwLTQyOTYtYWY5YQ==

Request Chain 144

https://ads.avads.net/sync/ggl?google_gid=CAESEMESb_iTMZAv7vcVbgR11FM&google_cver=1&google_push=Aa02lx_r0RAATbY_WWn8_AES8ELIrDAa4YPFmEpAzX8EjhpRCi5TBzjEMRSGAkPM9FYBXhG7UfwgbLc_CrvIrD2cspYNjqEyNPg3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTcwYjE2MzctODMyOC00ZGY2LTliY2QtZTY0ZmY5MmM2M2Qy&google_push=Aa02lx_r0RAATbY_WWn8_AES8ELIrDAa4YPFmEpAzX8EjhpRCi5TBzjEMRSGAkPM9FYBXhG7UfwgbLc_CrvIrD2cspYNjqEyNPg3

Request Chain 165

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cver=1&google_push=AavPq0OR8vfYIs0Rwvil13ImsjghlqvIJDzMYN8gMxdtFh5-IHnHGedSQFT9XLdfQ4ZBKfKiGRigYo2JfMwpkrmGdTKGmlu3zbKr HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cver=1&google_push=AavPq0OR8vfYIs0Rwvil13ImsjghlqvIJDzMYN8gMxdtFh5-IHnHGedSQFT9XLdfQ4ZBKfKiGRigYo2JfMwpkrmGdTKGmlu3zbKr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y0JSWFlUTTkxUGpZY241&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cver=1&google_push=AavPq0OR8vfYIs0Rwvil13ImsjghlqvIJDzMYN8gMxdtFh5-IHnHGedSQFT9XLdfQ4ZBKfKiGRigYo2JfMwpkrmGdTKGmlu3zbKr

Request Chain 166

https://ads.travelaudience.com/google_pixel?google_gid=CAESENmzZvm1OTl45IuU2fKdRHA&google_cver=1&google_push=AavPq0Pr9BW_CeIAK481kXfGar_WXgrNleTf38au3A3jaHOSt_3JLPKXdpduTsaZcE9eT4jN7q5SrvRv1HFi-aqJjo3YufbX5YBE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OHUaLJItSnWFzPJEtz1cMg2&google_push=AavPq0Pr9BW_CeIAK481kXfGar_WXgrNleTf38au3A3jaHOSt_3JLPKXdpduTsaZcE9eT4jN7q5SrvRv1HFi-aqJjo3YufbX5YBE

Request Chain 167

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHx5xzM51ePo4bVo-hvRQL0&google_cver=1&google_push=AavPq0M4mAOMOFprS7LwhYp7F7Fd3vXehQYYY4hCj453Ee5IpRrxDLh_42Mcvafu_JM6vQBHfqZri-AJYrXsHl4Vopvr5ajZp8M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M4mAOMOFprS7LwhYp7F7Fd3vXehQYYY4hCj453Ee5IpRrxDLh_42Mcvafu_JM6vQBHfqZri-AJYrXsHl4Vopvr5ajZp8M&google_hm=eS1WbXJHV25oRTJwSHV3blJyZnNaZ3AyaVdfZ0xRRWpqOX5B

Request Chain 168

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7ikUgv9IzKESXduq6EnXw&google_cver=1&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuOfgIK1AVQzXKdRS9JS7WGV3 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ7ikUgv9IzKESXduq6EnXw&google_cver=1&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuOfgIK1AVQzXKdRS9JS7WGV3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4MDI4Nzc2NzI0MDQwOTE1Ng&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuOfgIK1AVQzXKdRS9JS7WGV3

Request Chain 169

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP1zMHBSgkeEXpGH-zefxP8&google_cver=1&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQvbPuCyvNKOwn HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP1zMHBSgkeEXpGH-zefxP8&google_cver=1&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQvbPuCyvNKOwn&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQvbPuCyvNKOwn&google_hm=GCO9rGZHkC8Km2-9T8m64RbK

Request Chain 171

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFASTIGII4_SUhDWXim_l_k&google_cver=1&google_push=AavPq0OPSKMO3hrtSKEW5QvRGxgZaj5ze6RKAhDQKYeaIp5_gq1tLP2WTSYLs5PdWNB3cs_lAhCeoFI5skplzQ31Cy3e8Lhy578Ahw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OPSKMO3hrtSKEW5QvRGxgZaj5ze6RKAhDQKYeaIp5_gq1tLP2WTSYLs5PdWNB3cs_lAhCeoFI5skplzQ31Cy3e8Lhy578Ahw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 195

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1674485607_b1ea7680-9b2d-11ed-a66f-223554f889ce&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 203

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNq64P743fwCFQPhuwgdvL4Iew;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 206

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fponeid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=

Request Chain 226

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

237 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Q18titUI40 Show response
cutty.app/
Redirect Chain

https://cuty.io/Q18titUI40
https://cutty.app/Q18titUI40

52 KB
18 KB

244ms
174ms

Document
text/html

2606:4700:20::681a:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/Q18titUI40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e8584c61bd4b0f4d64413d1fcdc674bd7a1a73917b4979d6e85ea1c9f1edcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 78e15bd8c96491e9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 23 Jan 2023 14:53:25 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yz1w8og8x0eRs4N7QJ1m4%2FAFJf02oUpHrgo6KN3dB%2F0yGuCBJZN6RliCoDMsp%2FuTrZ2jPrcdg1FBUfcbU9CMSQIjfdcsfSDVLfcjV1ONtp9S4p2SCF9%2FHW8TciobB8ivi%2BYC8jjQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78e15bd77fa4910a-FRA
content-type: text/html; charset=UTF-8
date: Mon, 23 Jan 2023 14:53:25 GMT
expires: -1
location: https://cutty.app/Q18titUI40
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=375emWAminSqpAMOez%2BRuAtHLQfDkFupb3BiMykTumCCHkhhUWX3wNJNlp66vOjkabt6Z6QT0MYawAB56mX6aUSWRZiYM3f1zHGDvXYlxSv4gfWeU35npoevi77%2FrPa8E%2BB38Gna"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 153ms
59ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d27c8ab7e8071771e28d1ee6bc3cf0fb9845b7f38e22a7e1b08cbd6669900a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 14:37:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Jan 2023 14:53:25 GMT

GET
H2 200 public.css
cdn.cuty.io/css/ 51 KB
10 KB 55ms
32ms Stylesheet
text/css 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1914851
cf-polished: origSize=52548
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Dec 2022 14:22:02 GMT
server: cloudflare
etag: W/"63ac510a-cd44"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66audSQUc62quk4f1E1d8Bf222iKfOYV%2BiK1d2kwsj4BFi8EIprzPTfewovSCHZlQbvARVNViTwLKyjUxda4qLhDI2al1VZNEDGwi1fWUsgWJaE2iI1fNBMaYDzZgWd6AF4JQXiZXvw3ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 78e15bda1c6c910a-FRA
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 logo.svg
cdn.cuty.io/images/shared/ 6 KB
3 KB 67ms
61ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/logo.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914851
etag: W/"63b16742-175a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wq98E1uVKX4ezhKMp3cX7yZfue5vuiHJRJkBjaqSUqtp8RL8uj1qszyQ7HgtrdR3H9bcapH8duqk06iz%2Bd2Qh9NuL%2BBLMt%2BHWa96YHSg55taapDN3ADoReO1OmEstgHCdlhfx4GYPTH00g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda1c72910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 locale-en.png
cdn.cuty.io/images/shared/ 24 KB
24 KB 42ms
37ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-en.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318348
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24647
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-6047"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okV950blcYshYTji5XV7ggL3988caDAvmlifrV4vtQzp2jrqf6E9TG4vOZgWEXg3sW1Amswgb%2BKKkXNwK0fzfqhfEzqt%2FPDBWLB6ENzxOZzx3Zw6KdW%2FuytuwU7eQsIxd1fvdmuf6evetQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda1c74910a-FRA
expires: Fri, 12 Jan 2024 18:41:26 GMT

GET
H2 200 arrow-down.svg
cdn.cuty.io/images/shared/ 220 B
556 B 37ms
31ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/arrow-down.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914851
etag: W/"63b16742-dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMe6eUmGVVdyMugDoboOnGFQrxBeYVk%2F5oBZSnYIE4jty%2BsTbw36XmPOmrMIucFKPQPz5WAOXSy5rdiLHn5mXiB%2BJ8naF5kL4X0e1GVLIbb5wox43QUTgZtlGLBDLreAgXIiJGax2%2B5rWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda1c76910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 locale-es.png
cdn.cuty.io/images/shared/ 12 KB
13 KB 39ms
34ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-es.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 318334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12579
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-3123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikNi4xZmhJ1T6AEi51qmoCh5vqetIIwWzUnkuitlOdapIa01OKEtDEO2edvKWkfoA%2FxQGAuhsOvZp4sJMhwW0hcIFfCS8hfbpfAZK905zMSmm%2BdX3u7zZQgebXpLNa14ZoGWGYt2H8FWBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda1c71910a-FRA
expires: Sat, 06 Jan 2024 21:26:51 GMT

GET
H2 200 locale-ar.png
cdn.cuty.io/images/shared/ 50 KB
50 KB 50ms
44ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-ar.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218025
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51070
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-c77e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPnbYCtQR0rgG5j%2FGb2MC54prNemnZoJoUf%2FqiwgxrxWl3QBsUFliKTU5qGsr5n%2BIFoqhfqs9tvZX64SJ2JAlQVkRQ6tEpnJWU4cnGehgSwmww8gtTanGKK9yz5BC9a%2BUZxvg4m2Odt8Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5cfb910a-FRA
expires: Sat, 06 Jan 2024 19:01:27 GMT

GET
H2 200 locale-fr.png
cdn.cuty.io/images/shared/ 16 KB
16 KB 50ms
43ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-fr.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300144
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16411
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-401b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWwPv1cJWLv9Zj%2BctNQ2PigzKLICpbbPutBDCaL6wrrK4coudZ5KsUBi%2BkRYjzX%2FO2dkFVn6N%2F7Rh42eQ%2FVqAHn%2FXE3vMEAY5LE0ipDnrVGuWpYBKhs%2FW8xaHVsJBAEzN8gp9zY67t1drg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5cff910a-FRA
expires: Fri, 12 Jan 2024 18:04:16 GMT

GET
H2 200 burger.svg
cdn.cuty.io/images/shared/ 207 B
501 B 49ms
43ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/burger.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914851
etag: W/"63b16742-cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXo9ObNwtxRuWFCx%2FQd%2Fz%2BKNi0wwlkpgo9LZPztQGzQLLW0adsAzi0NF%2FA4hqfjQii1xvBz7DVNISdRTvb8xiLUNOxdUQZpFeyb60WG1JYG6kE%2Fal5GgNfu1sNZ8obKkxiOFEJannSUstw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda5d00910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 x.svg
cdn.cuty.io/images/shared/ 209 B
475 B 48ms
42ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/x.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914850
etag: W/"63b16742-d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrV8S1en7bNrHDlYoZaNKzE6rmA0hfzPPT2UMR2fGrNVcsj7rn9sZbt3EmbhhKnvT26H7AMk4Ixkkodmptpxj9tH5BakO%2FrvUyF9iXBSZpTC3rXqcf0M0lbAZ8NKqYiFHu%2Fd8OudbYxxZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda5d01910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 facebook-icon.png
cdn.cuty.io/images/shared/ 409 B
774 B 48ms
42ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/facebook-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 304407
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 409
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-199"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trBl35ZC88tb%2FRYXyVcWIi6WQWEPUmmyUWINULZ78AOwv1kecL7lhRTbklafOiOYRzHmsc7WFYr6UL%2BFx3yHvrqy%2BKnnoyYji4Rc97jL%2F9K3QN94oQzerxmj9FpMIdekgiMhcQ2vUnxCUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5d02910a-FRA
expires: Fri, 19 Jan 2024 22:05:11 GMT

GET
H2 200 twitter-icon.png
cdn.cuty.io/images/shared/ 809 B
1 KB 47ms
41ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/twitter-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119657
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 809
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzetQEud%2B56l7DfD%2Bzv4qH3gboEMX9N%2B6TQ4tGjZLSXU97KIeAA4lk2Jve5xkPWOCeSU3a5A0jzuxtwYYMMXvtc4NKtIwDUBvbGxZQ2%2FGKcNSrgRdUJIwE96HBYB7t0SHLm7ociS6C84CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5d04910a-FRA
expires: Fri, 19 Jan 2024 18:53:46 GMT

GET
H2 200 linkedin-icon.png
cdn.cuty.io/images/shared/ 222 KB
223 KB 35ms
30ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/linkedin-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 221570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227769
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-379b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Atu%2FYgJxq1LIebDsRYDRM1dz8pCJnjgBLns9Ag8kqCs0miWt1CABSstXTXRygz981I3zsKuwKWcEl%2B5BRlbad4kvVwv5jjXUzrF9BfRQbLBlZGhmF8%2FoO0J0toV8XsYZmgLCiH9OiN2x%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5d05910a-FRA
expires: Fri, 19 Jan 2024 18:54:41 GMT

GET
H/1.1 200
OK 60028 Show response
nannieslamaic.com/1clkn/ 6 B
1 KB 272ms
35ms Script
application/javascript 142.91.159.191
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://nannieslamaic.com/1clkn/60028

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.191 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 23 Jan 2023 14:53:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 / Show response
d1b9b1cxai2c03.cloudfront.net/ 351 KB
114 KB 253ms
179ms Script
text/plain 2600:9000:2491:2000:12:409c:d0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2000:12:409c:d0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e2ee89c7d8b005855815d9322fc256807b79e35dfd1bc02df09d3e383ea4ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 115923
x-amz-cf-id: bHpF6Aiiysi6bkeflrRc_ZLsmxLazsMkFppZbCVPpWbk3HuzP65w0g==

GET
H2 200 step-1.svg
cdn.cuty.io/images/public/ 2 KB
938 B 46ms
42ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-1.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914850
etag: W/"63b16742-658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzLvlzAzX1h26sXFS1GBwyt5G%2FwSOgznq%2FE37eQzc%2FBxcuL2Zdn%2B0UWyPsYF%2Fhtiz%2F3sMZCLXY2r283vk2xtFHOQvxZPJFVnmgzYd%2BTdm%2FUGeeD9%2F4f87zVv9TIUzej9YiK7d8%2BK2Hqo6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda5d06910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 step-2.svg
cdn.cuty.io/images/public/ 2 KB
1 KB 49ms
44ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-2.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914850
etag: W/"63b16742-607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWohM9D7RP%2BGYYbk2IHHIp6S9ms3cIFITN%2F5pQVGqXHDf17Gau%2FLlCb0S9m%2FssjRfV3laC%2FVQaQobW%2BqIw3qoQYDklMFNJeV3DE%2BjBs6hUk%2FxccPQ%2Br9wix%2FIiDiAiKKzNJVps7Ft63Itg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda5d08910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 step-3.svg
cdn.cuty.io/images/public/ 1 KB
746 B 46ms
42ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-3.svg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1914850
etag: W/"63b16742-45b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCh9lBhFSvQe%2FHqA383mHX2iLGRiuxxrDG9e6NNkl6HcLY5CnO%2BF0Go0oM3wI6gkhohL9nCwdGoT8rOKYXyRFyHijryCw43Xs2AklX%2Fs5O1X%2F4SUGxTxQCsq%2BG95IrhTrt7S76Zd8cm7tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 78e15bda5d09910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 money-tree.png
cdn.cuty.io/images/public/ 27 KB
27 KB 49ms
44ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/money-tree.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123347
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27646
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-6bfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6dHGNjyKPW72BXavLsrPs6CA6B49%2BTJc0DgBmbR%2FDkaIpQw0%2Fw2YEYise4kepmcPuNtoqvi427u42DH1Yconaxx%2FhXB1YbYxeQxi902fEvxEKyk%2BY%2BVGG8C%2FVAc5fsEE%2Bi7WETqB5Rhgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5d0c910a-FRA
expires: Fri, 19 Jan 2024 18:53:48 GMT

GET
H2 200 bitcoin.png
cdn.cuty.io/images/public/ 30 KB
31 KB 47ms
43ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/bitcoin.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1540553
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30766
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-782e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjvrpGIOxmbQZl2HPA4iUHlhyJqB4vtLo5ZqjHVnhcEd95A19q6mxfJ%2FSBsXKDJ3HJaIl37qu5i5bFJ35mR%2FGNwwNZf8HsFUawt6ptKhheSiSOQqAQOrnAe5pSNEdELcKYjoJy3zQMSr9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda5d0e910a-FRA
expires: Fri, 05 Jan 2024 18:01:56 GMT

GET
H2 200 payeer.png
cdn.cuty.io/images/public/ 1 KB
2 KB 71ms
67ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/payeer.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1450766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1390
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-56e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThiO5JHJVSJ1oA49KBN%2BHO5nOfaxclzf83fQhpxvAQGkjy7QRA%2FIUcQiw40%2BfUJHdjJpMrL6YoDwgcxwg%2B8K1PkOBqXhoV8ylpClTJDmCMD6UxC9HxYOgNXaXOUf4%2FZ4wrr9NVH0gw1pPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda7d48910a-FRA
expires: Fri, 05 Jan 2024 18:28:34 GMT

GET
H2 200 paypal.png
cdn.cuty.io/images/public/ 24 KB
25 KB 65ms
60ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/paypal.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315218
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24721
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-6091"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDbEU863SzRtnT9DSgyYJJVAhu9KGPtqWJcFEEw9CtUQtXG%2FsY%2F9bLPvW8NVtYRv352y2mm3A8xzZO7i5uI02pc%2B5QQqKm2uAKBrbfBF%2FV%2BQ44lY5%2BVHvWd5ONDNgbylKtiBMM0qe7%2BkJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda7d4a910a-FRA
expires: Fri, 05 Jan 2024 17:57:05 GMT

GET
H2 200 perfectMoney.png
cdn.cuty.io/images/public/ 198 KB
198 KB 72ms
67ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/perfectMoney.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 941957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202386
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-31692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mugcc7SGhKg08sJjnlukHYCDM7Lx9UbWZ6w%2FKZHZbpaq1nAMtrlxKUw7VxmpJhT6wmJHsPNnBzPYJjxFEiKf67JIePorDfL0ATAvsHfD3%2F9M3MSLrIn%2FDOXQng%2FxsUaUpztsTv4%2FykpYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda7d4b910a-FRA
expires: Sun, 07 Jan 2024 01:16:34 GMT

GET
H2 200 advcash.png
cdn.cuty.io/images/public/ 8 KB
8 KB 65ms
61ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/advcash.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1446677
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8141
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-1fcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS31efguEZVkU8w6kfJoONA%2FYqE6Ag0OlgMd72S4HNi8jZXPi%2FvERfunMeveSA%2FsLjmhdqobyBud6ivzPuQOC6sR0JgtAjSoo09PN6CRGX9BpGwytWI1u3IcNwcaqeFwxl3AYtd898bHow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda7d4d910a-FRA
expires: Sat, 06 Jan 2024 20:30:14 GMT

GET
H2 200 airtm.png
cdn.cuty.io/images/public/ 2 KB
2 KB 72ms
68ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/airtm.png
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 932602
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1558
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHW62OO2euRqiiIvHfrOVgp%2FUQtrGgKEJbdrrvZTDPi2kkv9hj7HtHuqaeyPZC%2Bnh5lzS%2BO4fCsw9JVr%2FucGRxTTjwkBqgEp5%2BJU8b8GQpT0QuKh4ohLJarO1ynYsF4Ojmu4Z0xqx4buHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda7d4e910a-FRA
expires: Fri, 12 Jan 2024 18:18:59 GMT

GET
H2 200 base.js Show response
cdn.cuty.io/js/layouts/ 104 KB
37 KB 62ms
56ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/layouts/base.js?id=bc813ca38dc4dbda754827e747c2432c
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e205035f95d2df2de450fc415ca764d947545541d1b3501ba2c76f8094c877e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-1a0b0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkf604xfB5Oidfx6Mrl1WWhMnfJRI%2BPTz0ZWTB2dR%2Bj8UEDsmoFWxpqFs%2Fl457AMpAv41OH%2B%2FgO2Cn%2FOlm8%2FfluliJ%2FyV0W9bltQL6rGwYtbvciWKyjFglp4biEVWLXR%2BbM49Ih43WdTYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 78e15bda1c70910a-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 first.js Show response
cdn.cuty.io/js/public/links/ 24 KB
8 KB 72ms
68ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/links/first.js?id=d283d38a711a8751c0103864121763a6
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059fbd3e3fd10036ccca55b5d8ca87fc56519c981f8920765f8258272a78dcda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588931
cf-polished: origSize=24370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-5f32"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIrdDbaD41IVE7Gk1qq%2FhEA7yEZWQIJ0UlIsnLadLRFZhleLVjslooPhqGdrtxdFpskDe8QS9pPEsVkIdeKqm6aH1RBa%2BN9kVTz%2BMbO3CsTRwWcGBaU4Bhhppfu%2Fo9McrD%2FzmHWQbrtKSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 78e15bda7d51910a-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 169ms
59ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbd08f2c4c52ca2c903bf94dd72aea0181ada5543ddbdab9c684291254432aca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Mon, 23 Jan 2023 14:53:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 157ms
60ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b9e598f076283a5fa43b7c6216db61dd61c4bbf860a70c04893e018f27e3bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 23 Jan 2023 14:53:25 GMT

GET
H2 200 nav-links.js Show response
cdn.cuty.io/js/public/layouts/_partials/ 3 KB
1 KB 72ms
68ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6170c176158b385f669ef60f0f8ff573663f2f5356d3bd3721e4fbbd9d2f3af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-c19"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6tMYw2ByawlLMPqrPmqZHLHOYi%2BsARtzhAql5tppwr7oQUFpKtAgY8tKt2UlO9fcHEulMsB59jqsLVTpa3sL97LK%2Bk%2B%2FRxh5AmrQeGlo2xaSs7LBJ11ommPvUH7k%2F0lqsm1iEjKaKciFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 78e15bda7d52910a-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 app.js Show response
cdn.cuty.io/js/public/layouts/ 335 KB
100 KB 77ms
73ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a03ddeac46f9ebc3f24a15581bd42c80926fcbabb42c59bfad5c169bdbfde1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 588931
cf-polished: origSize=343473
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-53db1"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAYtcJe5KeCRaFFuDqC8v8YfP3xoY6SYzgzywG7efQi9n5pMIG7JmvEjyUlqud2uijPd2K%2FmiuQxuGLAZrJNNVC8MpNm8rzJIgd1sCs06nVtGd8bL%2FfQ%2Fpo0XRzXQIapYt5c4sv9Nnuk%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 78e15bda7d53910a-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 212ms
148ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f0ed2ce334fcc6f1b0afcf1bd4f3506d20da2949012da76ae205cd6773a56fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 537
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 78e15bda6d2a9b40-FRA
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 heading-background.png
cdn.cuty.io/images/public/ 95 KB
95 KB 73ms
73ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/heading-background.png
Requested by: Host: cdn.cuty.io
URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1914851
cf-polished: origSize=107203, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96971
cf-bgj: imgq:85,h2pri
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
server: cloudflare
etag: "63b16742-1a2c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGxb3HILsF7ghtCDZNyZlO4FClsSbpuvYAbC8a2ivny0Aalzfi3oR7K6qBXStp4SK%2FVkfhbiIvdFAPyUuqkqZMG5x5eH25WQkPJclT23ulRvJcM4AFCHgHMRFd2F01JeOsO%2BtcC9U5dYIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78e15bda7d55910a-FRA
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 131ms
36ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:25:50 GMT
x-content-type-options: nosniff
age: 1655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 14:25:50 GMT

GET
H2 200 impl.v16.3.0.js Show response
live.demand.supply/ 73 KB
23 KB 37ms
36ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.3.0.js
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb6a860427095d495e066d7a3911ef977a5266b874f76d762fbca1b9b6739ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
age: 175256
cf-polished: origSize=74953
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 78e15bdb5ef39b40-FRA

GET
H2 200 Y3V0dHkuYXBwLw== Show response
live.demand.supply/p4/v16-2-0/ 530 B
452 B 98ms
98ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw==
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86cbceb103552cf2e7edb7c614b2564328a8c74811d9b525a445dd8bac73a9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78e15bdb5ef59b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
536 B 61ms
34ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=213&cs=c&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
age: 1868502
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bdb88cd91d7-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 266ms
118ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5347c4105095bfd7a60d36cebf6326aa7be3c361650fb65db295b6062389ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27707
x-xss-protection: 0
server: sffe
etag: "1460 / 773 of 1000 / last-modified: 1674475854"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 23 Jan 2023 14:53:25 GMT

GET
H2 200 Y3V0dHkuYXBwL1ExOHRpdFVJNDA= Show response
live.demand.supply/p4/v16-2-0/ 530 B
383 B 99ms
99ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86cbceb103552cf2e7edb7c614b2564328a8c74811d9b525a445dd8bac73a9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78e15bdb6efc9b40-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
603 B 73ms
47ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZFAM2C77ABPCNY7JSA
date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1868425
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 78e15bdb88cf91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cutty.app_fluid_lb+sq_firstpagefirstbannerad2 Show response
live.demand.supply/cp/ 29 B
391 B 177ms
176ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagefirstbannerad2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97b5f97a81f476a8dfbc0f9e0fc6338a4382d3fba6e69b10359aa711ed219b51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 78e15bdba90691d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 cutty.app_fluid_sq_firstpagemiddlebannerad1 Show response
live.demand.supply/cp/ 29 B
392 B 163ms
163ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_sq_firstpagemiddlebannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5eef3b2cbff39fa9ebe8dbb361f0c2b2797235898e4f7ae7f53ff2291db5f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 78e15bdba90891d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 cutty.app_fluid_lb+sq_firstpagelastbannerad1 Show response
live.demand.supply/cp/ 30 B
393 B 176ms
176ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd5f32fff9e491b04cdb43c89c457d601aa418cfb2918af71fa764786196de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 78e15bdba90a91d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 100ms
31ms Fetch
binary/octet-stream 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 23 Jan 2023 13:31:55 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://cutty.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPBAJKASmR5v7tl5fnu9lQTDOcS6t%2BtpESZTkRkOMRF2lqmIpNGbpofPp65b7mkRpJwgbRmB6MwxGPtws%2BEex5YoYEKW4vYAGbSLBPA0qOd%2FCmwJaMEPCQ8XsU8dF3bn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 78e15bdc5f009196-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
351 B 195ms
127ms Fetch
text/plain 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bed0d34ceb553f63979106b2727e758c35bad031f390b8c8ddd7704e7edbaf3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjyvJr4pUcKrB8GVo2I%2B1hcBGJoXEj1wGcOLdr6wx%2FckcS2qf05BCltxk%2FJGu0ldB3VtQEqyycpGMSR%2Fh0oe2p0nMpbc%2FLxPfxx0Qoi9GTwPpeZl5LYTmltzAuVDhmQi"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://cutty.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 78e15bdc5f049196-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
slaqandsan.xyz/ 0
485 B 179ms
116ms XHR
text/plain 108.138.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://slaqandsan.xyz/utx?cb=VuQ9e2HPmi5A&top=cutty.app&tid=961706
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-92.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:25 GMT
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: xNO2auCjsjkcvGmf6lpukYVKlnWVxkd_ebm7fcirimLTVwNaA1KqbQ==

GET
H2 200 / Show response
slaqandsan.xyz/Q05uTlYiLA0jaSJzDGgjMSJTa2QFa1wIMnIsVyxnIDYPJ2Qgfl1gNS8hGyowMSEAOngtKxprZAUGOgg+DR9dLSANNyMiBQcpFgUOdgELIzp1LV4IJw4kWj0RFzYCCT8ZDS8mbiAKLAcnBQwdPRwRfiQvLCAAJQkAehQ8PSINJx5rZAEbPSVkDy... Frame 87BD 3 KB
2 KB 156ms
116ms Document
text/html 108.138.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://slaqandsan.xyz/Q05uTlYiLA0jaSJzDGgjMSJTa2QFa1wIMnIsVyxnIDYPJ2Qgfl1gNS8hGyowMSEAOngtKxprZAUGOgg+DR9dLSANNyMiBQcpFgUOdgELIzp1LV4IJw4kWj0RFzYCCT8ZDS8mbiAKLAcnBQwdPRwRfiQvLCAAJQkAehQ8PSINJx5rZAEbPSVkDyBbCTcpJR4HAzN6CCQ9OQktKjoTCjsKBjl6VgAuGjonIyVxCAALZwokBSsfBx8dFD0WBQwZGDkbAHs5GRo/Kx8pOQcAFxE+DyBmNw9cIiclFiQGDy4mAS0SFT4PIGZzBgcEIyYZNAsSLX9LfBAgOVd4NARjPCMEGzlbHgIOLCUdbiwHPDk6DwkGNhsbIhwrO3ILCyBnZnwoLWd7ICMKPTYJXCInByM0CDAHHwUFFAk+DyBmKAsHdiwKIx4dMC4pGwUhFiQgHT4uHD8+JiUWHhQwCxRaKmYZegogJnAbAHs5EycnHBoQIQUUPRYFDBZjcxk2dyMiNDQFMBJoBD05LT5TGTN2ACkfGSYoIhg5ER8/
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-92.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: fc43f08021dabc77fc2c32b7d464e16cebb702b9eee5bffb6e908cbacfdb8563

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1239
content-type: text/html
date: Mon, 23 Jan 2023 14:53:25 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id: KOBWVtc7YtWi_UkIEZBFOUplXReurLPTDB-eVYlwxc4Okb8H0p7MUw==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 99ms
56ms Fetch
binary/octet-stream 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 23 Jan 2023 13:31:55 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://cutty.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8PzOHrCIejKda8JkkMAJZtRahJ%2B8XwIPKUk2Y%2BPZ6ShMcadJG7O98Zp%2FN5pzrSWIoMplqu4PGZJrMiiuTntu4yBbLHp3XpelNIZP541NHyVyHYJwUYtYrGiIh1TCiXU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 78e15bdc6f089196-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
369 B 167ms
123ms Fetch
text/plain 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3bd452d4feb90eed0329afcbfd5ebff9bb47ab6ec37e569e8478d66e266361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka9fw3ij4a3msIzR6Mhety37%2BnWEXm5kNbAt3PU1UYE3hgkqTKH8zAsmvlF9PxYCw5Eh%2F%2FDBNnfYXRgHB90KbEaleMDaWo1CTOXHgynLqDkfy4aPdqPH8PYxr3n7KPR5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://cutty.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 78e15bdc5f059196-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
slaqandsan.xyz/ 0
487 B 152ms
115ms XHR
text/plain 108.138.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://slaqandsan.xyz/utx?cb=hZBA458gMfBp&top=cutty.app&tid=960534
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-92.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:25 GMT
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 6ISj0f-Hy8WkBe95SiU-F0s31DZbFyyaW2VN8iPjGbAJyeHkfRCDPg==

GET
H2 200 MFZ0NTVRNBdYClFrFhNAQjpJEAd2c0ZzUQE0TVcEUy4VXAdTZkcbVlw5AVFTQjkaQRteMwAQB3YyOWFZSRgjDGZmPgxhYHUAJXNSWAE2Qll4FBhGbWUhMlR0ZRMxc31bJCYFQmgwHgBccQI2Qm1iMjp2c3YFNWcNVQA1c2JyECZkdGYfMWRNfRkiY0FgFyFZc2MER... Show response
slaqandsan.xyz/ Frame 0C49 3 KB
2 KB 140ms
115ms Document
text/html 108.138.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://slaqandsan.xyz/MFZ0NTVRNBdYClFrFhNAQjpJEAd2c0ZzUQE0TVcEUy4VXAdTZkcbVlw5AVFTQjkaQRteMwAQB3YyOWFZSRgjDGZmPgxhYHUAJXNSWAE2Qll4FBhGbWUhMlR0ZRMxc31bJCYFQmgwHgBccQI2Qm1iMjp2c3YFNWcNVQA1c2JyECZkdGYfMWRNfRkiY0FgFyFZc2MERVBgWxQkd15pHCVwBWQANmBtZBQ5fHRcYzByBFsSIXdNcTVFWlNzABd9bUg6O3IEQxosXgFyEzIFd2YhLWRtYRM9ZF1EMDJ0WkcTMgV3ZD4AV2JhAxdkbVQdNUJeexdFRmx4E1l0c3Q9Mn99XBctY3NDDCx3RmUVDmR0aBctbWRhGD90Qlw3LFJRdgA2AWRoDj1WZHEDMGJzeQ4xcwVyDhxRYnIQQGRjRzISYFl1FyNSf2UeMXdPaDExdG1xADZ3dAESNWBwdxIiVn1oZj5sc3YHEGJ3SBcXBFpzEhhCcmcEEHhhRwdSX0ZfOAQIU3wSAkBQewcnDXd1ZA
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-92.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: cdff2861f10b799c1b8f5564ab4d80ada546fe2425dd5bdd5e0e5303a8828f86

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1227
content-type: text/html
date: Mon, 23 Jan 2023 14:53:25 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id: iNckuftl1XxNJ8_5J78aaek2wqeqn65yNzzioRrWQtit6539ZU8bUQ==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

GET
H2 200 dDMbI0trAg8jDWkSCTAjZjIJMxYIIRInTnISeSsSYi0ZMzNbGwEnDXx+KDdLRhgMOxNgGx05HkgIGDMNFyA4HhRBdz81TlInO0kAQxI Show response
slaqandsan.xyz/SktxejErKRIXDit2E1xEOCdMXwMMbkM8VXspSBgAKTMQEwMpe0JUUiYkBB5XOCQfDh8kLgVfAwwhEix3HCkLI2IaIQIwchseRTdnAxsjSHMjEwY8aQUyKDtmCw0CM2I5CDQQRiYdQQ11CRM8GGUIHQIgZCYqND4JMx4ZO2QaMSspc3soBjdgeg... Frame 82FA 3 KB
2 KB 134ms
117ms Document
text/html 108.138.7.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://slaqandsan.xyz/SktxejErKRIXDit2E1xEOCdMXwMMbkM8VXspSBgAKTMQEwMpe0JUUiYkBB5XOCQfDh8kLgVfAwwhEix3HCkLI2IaIQIwchseRTdnAxsjSHMjEwY8aQUyKDtmCw0CM2I5CDQQRiYdQQ11CRM8GGUIHQIgZCYqND4JMx4ZO2QaMSspc3soBjdgegcjIlItDxYJUhoiST1mInsGGXd7PCMyCCYYFihzLxg4PWYIHlRIcwMjBi5geA5GPUkEDygtYywMNDwBECJBLmB4Dhg4XSIDKyJzKS83KFsQGRI7YxIjBiJgExo4KWQOHgYjAQQ8IxxzEhkfMWAECCsUHD4oMDxjIBEkHlUNGCROcDIFNT9fCC8zEgF+GxYVZRt5NANyJh4QKl8yADM/dDMbI0trAg8jDWkSCTAjZjIJMxYIIRInTnISeSsSYi0ZMzNbGwEnDXx+KDdLRhgMOxNgGx05HkgIGDMNFyA4HhRBdz81TlInO0kAQxI
Requested by: Host: d1b9b1cxai2c03.cloudfront.net
URL: https://d1b9b1cxai2c03.cloudfront.net/?xcbbd=961706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-92.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 3853ccce7978b60a38e8e5a2f7b5fd56cec00ad9f7fefa61f14a6e2e1458361a

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1211
content-type: text/html
date: Mon, 23 Jan 2023 14:53:25 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id: vGMaBYBycogjMwyRGz4h3B3JOJgXjeawHXTOt84CdTwK5mH3vtjPKg==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

GET
H2 204 b3RVRkJASzY1fwsaPQUMNz4XFRoiOQQTACAQFAgBPTElPgAqLXMyKwtJbHBzWERjYDIGEGh3ZBwANDI3HElkYCsBEjp7ZBlJZGhxW1pmd2xdUiB7c0kAJSclUkVzNjYbGGh3dFhAYX53WURgcXZa
ihopuchcomp.xyz/ 0
408 B 200ms
126ms Image
text/plain 172.67.137.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihopuchcomp.xyz/b3RVRkJASzY1fwsaPQUMNz4XFRoiOQQTACAQFAgBPTElPgAqLXMyKwtJbHBzWERjYDIGEGh3ZBwANDI3HElkYCsBEjp7ZBlJZGhxW1pmd2xdUiB7c0kAJSclUkVzNjYbGGh3dFhAYX53WURgcXZa
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fCsUN3X3OJpxjSto2CdfV1v0egmbwXrYX3Hk4045xBQPFY3GYPnFB2mwbW%2BFnEnX2YJCCBOFibyUcLgJEWFbmHG7xgP%2FIMzHflIS4ypTbmUHQXgGx7BThy7q8yLz5WHb9o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78e15bdcbe19b3a7-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 206ms
143ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S-1190213220%3A1674485605929540&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSign...

0
0

238ms
238ms

Image
text/html

2a00:1450:400d:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1190213220%3A1674485605929540&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd2seJmQESx7zflF73BNgidFNnHjYsNSPeBm4mGBIyW7MPLS1qRjnzrGMpTxL0LyDY4ML_8Dw
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Server: 2a00:1450:400d:80e::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Jan 2023 14:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KxMc9jDzAjasej3vq2uCDg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1190213220%3A1674485605929540&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd2seJmQESx7zflF73BNgidFNnHjYsNSPeBm4mGBIyW7MPLS1qRjnzrGMpTxL0LyDY4ML_8Dw
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-418529419%3A1674485605940644&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...

0
0

78ms
78ms

Image
text/html

2a00:1450:400d:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-418529419%3A1674485605940644&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDmfmTzrgt0ia3y3F2sKnwrOxeEMflJDRTPw5HUlD0_neo5NfgukNg-x-6nJb8nmzYGjlvFQ
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Server: 2a00:1450:400d:80e::200d , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Jan 2023 14:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4Ts7-dslZZF1JyP0P8FrIQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-418529419%3A1674485605940644&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDmfmTzrgt0ia3y3F2sKnwrOxeEMflJDRTPw5HUlD0_neo5NfgukNg-x-6nJb8nmzYGjlvFQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 SGY3djlnWVQFBB8weS9jeChQF1R5MFMxey8EcTgJKTF9A2wABRECUCxbDkAJfVUDUEkhAgpHHzsSVgJMO1sGUFAmAFhLHz5bBlgKfEgERxd6QEJLCG4SRxdedVcRBk08CgpHD39SA04MflYCQQ9x
ihopuchcomp.xyz/ 0
249 B 204ms
130ms Image
text/plain 172.67.137.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihopuchcomp.xyz/SGY3djlnWVQFBB8weS9jeChQF1R5MFMxey8EcTgJKTF9A2wABRECUCxbDkAJfVUDUEkhAgpHHzsSVgJMO1sGUFAmAFhLHz5bBlgKfEgERxd6QEJLCG4SRxdedVcRBk08CgpHD39SA04MflYCQQ9x
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEWUw10wLy%2BhlemjuhrcoFfVEAvcRnFsdRcukcE3HRThHkw0VjBxsTiWGjRdfYCL7E%2FqbpmYtgiZZDr%2BghXFJmBUOFZJctzu5%2FDKRKORsChw7VcokObV9%2BjQe474tVxTS8s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78e15bdcbe1cb3a7-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 ED4bMSkLe00gOkImVmF4AX5faHsAel5ndgQ
ihopuchcomp.xyz/SmtQTjZlVDM9CwU+O3p7JCYAKHctKAIPA3woNwx0CQUVB3cPKnY6Xy5WaXgHfVtnaEYjD21/DmwYJC9CPxhtfxAjBTYhC2wdbX8YekViYARsHm1/ 0
244 B 204ms
131ms Image
text/plain 172.67.137.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihopuchcomp.xyz/SmtQTjZlVDM9CwU+O3p7JCYAKHctKAIPA3woNwx0CQUVB3cPKnY6Xy5WaXgHfVtnaEYjD21/DmwYJC9CPxhtfxAjBTYhC2wdbX8YekViYARsHm1/ED4bMSkLe00gOkImVmF4AX5faHsAel5ndgQ
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C5aqD7eKb0rdQaGDTJTIWZk8yWogo0tz58lWXUculuDvDBpQxtm9CIFRuoW7Ob2oeJ4ZF6WzTmheA%2B9zSo3vhdKIclDwWNyLd7GhiQTzsbskArtsd8U9Rh%2F8kF%2FchZyPiY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78e15bdcbe1db3a7-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ 404 KB
162 KB 50ms
36ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 05:53:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165715
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jan 2024 05:53:35 GMT

GET
H3 200 cutty.app_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
392 B 181ms
180ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07129112525182e697e7b05a5f481f66086c478050c0017ce53d4cb6b2329187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 78e15bdc8a9791d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 184ms
90ms Fetch
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.cuty.io
URL: https://cdn.cuty.io/js/public/links/first.js?id=d283d38a711a8751c0103864121763a6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49642
x-xss-protection: 0
server: cafe
etag: 15351847487012643540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Jan 2023 14:53:25 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
496 B 38ms
38ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNN40JMWXW15DE1R3FSH39KR
date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
age: 642021
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bdcbac791d7-FRA

GET
H2 200 invisible.js Show response
cutty.app/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame 0273 38 KB
16 KB 28ms
28ms Script
application/javascript 2606:4700:20::681a:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=78e15bd8c96491e9
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aff358bda87632f1b082c3a9dffcb51f8e0648535bbb80ef61708c6e25908e97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13ORbv%2FP3sJeYCQRyV5ZbvJd%2FuKafsVxLo3X9DQVZp87Nmt%2BF55YR9qzeK8Be%2FzvWBb0wAnbh%2FL%2BPr0Xkbyi9HIFmogcnS%2FEcRz7eBvk7oqyyo043ObbJKcGlKDVJvSwOB6wNBC7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78e15bdcb93291e9-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
334 B 98ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=2oe1i0&_p=1330819793&cid=354501130.1674485606&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674485605&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FQ18titUI40&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutty.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&pdc=0.7600304603576661&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
age: 1868502
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bdccaee91d7-FRA

GET
H2 200 cutty.app_fluid_sq_firstpagemiddlebannerad1 Show response
api.demand.supply/v16-2-0/a/ 303 B
498 B 99ms
37ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/cutty.app_fluid_sq_firstpagemiddlebannerad1?&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9b86895225cf0eb508597af6bc5112647e896e96e61c6a45af3b5ab9bc6f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 564
etag: W/"12f-iFWmGB7CzQL64WQ9GXLrTpyQahs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78e15bdd2b33929b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 35ms
34ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&pdc=0.3753772974014282&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
age: 1868502
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bdccaef91d7-FRA

GET
H2 200 cutty.app_fluid_lb+sq_firstpagefirstbannerad2 Show response
api.demand.supply/v16-2-0/a/ 304 B
501 B 106ms
46ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/cutty.app_fluid_lb+sq_firstpagefirstbannerad2?&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4131862ba801d4677a15bc305ca04e40861a908584a9470ab733d2a1734e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3258
etag: W/"130-3stFHJsCm33Z/ePf1B4TUMmuLaQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78e15bdd2b38929b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 46ms
45ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&pdc=0.22894073724746702&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:25 GMT
cf-cache-status: HIT
age: 1868502
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bdcdaf191d7-FRA

GET
H2 200 cutty.app_fluid_lb+sq_firstpagelastbannerad1 Show response
api.demand.supply/v16-2-0/a/ 303 B
693 B 96ms
36ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/cutty.app_fluid_lb+sq_firstpagelastbannerad1?&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10304c108616a4cd69a1a7e08ab1c00638b58a863d0413e6ddcf033c1d2a1057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2758
etag: W/"12f-w7EosRrJdAMF1q9B3O52YMluyYw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 78e15bdd2b3d929b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pica.js
cutty.app/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0273 22 KB
9 KB 29ms
28ms Other
application/javascript 2606:4700:20::681a:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a120e7d729f4a010c4e7179884002bebd44e5ffb9e14817256169f7f95b3eeee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geHtPk2hYYaExw6xKrEZcqP2USdFnQYn8UUxyBcFWaXA78BmMNbw1%2FSmD5zJlJOetzuxLgxHE15b8GVx8HqKWsoQC1rAO5211ZRqzvPJatg6Ihekcyi%2FDudHQncRlmGzrJlE4gEjGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78e15bdcf9b491e9-FRA

GET
H2 200 dMTlyNW9SVhxTUEVQFghWBwlHBlsXUwFaAUEEFHkrR0wXfj5iATBwXRdNCFFSAR8eVAFWBFRQAVIEQxMOVVtPAUlFSR1eUkBPBkYJQE0TVBUXTBMIAl5DG1kDUBxAc1ofCVcHXxlOG1sLXk4BEF0BVwYQXQEIQhtfFAowEF0BThtbWQUcQXdKAwkKA1sYHE-AFDkF... Show response
d1b9b1cxai2c03.cloudfront.net/ Frame 0C49 673 B
756 B 165ms
165ms Script
text/plain 2600:9000:2491:2000:12:409c:d0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1b9b1cxai2c03.cloudfront.net/dMTlyNW9SVhxTUEVQFghWBwlHBlsXUwFaAUEEFHkrR0wXfj5iATBwXRdNCFFSAR8eVAFWBFRQAVIEQxMOVVtPAUlFSR1eUkBPBkYJQE0TVBUXTBMIAl5DG1kDUBxAc1ofCVcHXxlOG1sLXk4BEF0BVwYQXQEIQhtfFAowEF0BThtbWQUcQXdKAwkKA1sYHE-AFDkFJHlAYVFsZXBsUCzQAXAYXQQNKAwlaXgdFVB4QXXIcQAUDWFIXEF0BXhdWBF4QVwdfUlEAWgJUHEBzXgEAXAVBBA1DAUEGDVcHX0JYFFQdWBxAc1oCDlwGWRdMTwQ
Requested by: Host: slaqandsan.xyz
URL: https://slaqandsan.xyz/MFZ0NTVRNBdYClFrFhNAQjpJEAd2c0ZzUQE0TVcEUy4VXAdTZkcbVlw5AVFTQjkaQRteMwAQB3YyOWFZSRgjDGZmPgxhYHUAJXNSWAE2Qll4FBhGbWUhMlR0ZRMxc31bJCYFQmgwHgBccQI2Qm1iMjp2c3YFNWcNVQA1c2JyECZkdGYfMWRNfRkiY0FgFyFZc2MERVBgWxQkd15pHCVwBWQANmBtZBQ5fHRcYzByBFsSIXdNcTVFWlNzABd9bUg6O3IEQxosXgFyEzIFd2YhLWRtYRM9ZF1EMDJ0WkcTMgV3ZD4AV2JhAxdkbVQdNUJeexdFRmx4E1l0c3Q9Mn99XBctY3NDDCx3RmUVDmR0aBctbWRhGD90Qlw3LFJRdgA2AWRoDj1WZHEDMGJzeQ4xcwVyDhxRYnIQQGRjRzISYFl1FyNSf2UeMXdPaDExdG1xADZ3dAESNWBwdxIiVn1oZj5sc3YHEGJ3SBcXBFpzEhhCcmcEEHhhRwdSX0ZfOAQIU3wSAkBQewcnDXd1ZA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2000:12:409c:d0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3991b0b38f1d624a4f6123550a39241ec12142a27e4f9dc802fae8ae1673d1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slaqandsan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 481
x-amz-cf-id: o5D44S0oLlfpqQhe4LDtECl5rFhJsHqFcxsagd19Lf05GgAi5Bn1Dg==

GET
H2 200 c18nMDkuG2lqDmZFfDQkKBJpan0kEi8zImpSfmguKwUjNShmRQppfXpZfHZ4d0Z4dnp3Un5oPiIRLSokZkUKbX50WX9uazZKfQ Show response
d1b9b1cxai2c03.cloudfront.net/HTFhNQ3cvNyMlSDgxKX5Oeml6c0FqMj4sGTxlGiZCAh8cDBIqFBssJR0JazcNKGV9ZRstNip+USk2Ln5GajkpIUp4fjkzGCdlPDUDPz48NxYtIms2FnE1IjkeIDQsZkUKbWNzUn5oZTQeIjwiNARpan0tA2lqfXJHYmhocD... Frame 87BD 783 B
821 B 169ms
169ms Script
text/plain 2600:9000:2491:2000:12:409c:d0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1b9b1cxai2c03.cloudfront.net/HTFhNQ3cvNyMlSDgxKX5Oeml6c0FqMj4sGTxlGiZCAh8cDBIqFBssJR0JazcNKGV9ZRstNip+USk2Ln5GajkpIUp4fjkzGCdlPDUDPz48NxYtIms2FnE1IjkeIDQsZkUKbWNzUn5oZTQeIjwiNARpan0tA2lqfXJHYmhocDVpan00HiJueWZEDn1/cw96bG-RmRXw5PTMbKS8oIRwlLGhxMXlrem1Een1/c18nMDkuG2lqDmZFfDQkKBJpan0kEi8zImpSfmguKwUjNShmRQppfXpZfHZ4d0Z4dnp3Un5oPiIRLSokZkUKbX50WX9uazZKfQ
Requested by: Host: slaqandsan.xyz
URL: https://slaqandsan.xyz/Q05uTlYiLA0jaSJzDGgjMSJTa2QFa1wIMnIsVyxnIDYPJ2Qgfl1gNS8hGyowMSEAOngtKxprZAUGOgg+DR9dLSANNyMiBQcpFgUOdgELIzp1LV4IJw4kWj0RFzYCCT8ZDS8mbiAKLAcnBQwdPRwRfiQvLCAAJQkAehQ8PSINJx5rZAEbPSVkDyBbCTcpJR4HAzN6CCQ9OQktKjoTCjsKBjl6VgAuGjonIyVxCAALZwokBSsfBx8dFD0WBQwZGDkbAHs5GRo/Kx8pOQcAFxE+DyBmNw9cIiclFiQGDy4mAS0SFT4PIGZzBgcEIyYZNAsSLX9LfBAgOVd4NARjPCMEGzlbHgIOLCUdbiwHPDk6DwkGNhsbIhwrO3ILCyBnZnwoLWd7ICMKPTYJXCInByM0CDAHHwUFFAk+DyBmKAsHdiwKIx4dMC4pGwUhFiQgHT4uHD8+JiUWHhQwCxRaKmYZegogJnAbAHs5EycnHBoQIQUUPRYFDBZjcxk2dyMiNDQFMBJoBD05LT5TGTN2ACkfGSYoIhg5ER8/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2000:12:409c:d0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c26475bb7e7dc26a17273e505078ea1ad0b32f99c574c47c31b0c59d4448498b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slaqandsan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 545
x-amz-cf-id: T2bq1hUC6HtnNLNXGUBJSeEUgxV-sCLGwsq5l2pO2l6A39ee9ICssw==

GET
H2 200 jcVFVbzYSPjsJCQU4MVIPR2BiXwFXOyYAWAFsISsCEjwlV0wDCXMbTBVsZUlaED8yUhAUPzZSB1cwMQ0LRXcgDgscPi8GWh0wcF1wRH9lSgRBeSIGWBU+IhwTQ2E7GxNDYWRfGEF0Zi0TQ2EiBlhHZXBcdFRjZRcARXhwXQYQISUDUwY0NwRfBXRnKQNCZn-tcAFR... Show response
d1b9b1cxai2c03.cloudfront.net/ Frame 82FA 186 B
461 B 168ms
168ms Script
text/plain 2600:9000:2491:2000:12:409c:d0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1b9b1cxai2c03.cloudfront.net/jcVFVbzYSPjsJCQU4MVIPR2BiXwFXOyYAWAFsISsCEjwlV0wDCXMbTBVsZUlaED8yUhAUPzZSB1cwMQ0LRXcgDgscPi8GWh0wcF1wRH9lSgRBeSIGWBU+IhwTQ2E7GxNDYWRfGEF0Zi0TQ2EiBlhHZXBcdFRjZRcARXhwXQYQISUDUwY0NwRfBXRnKQNCZn-tcAFRjZUddGSU4AxNDEnBdBh04PgoTQ2EyClUaPnxKBEEyPR1ZHDRwXXBAYWxBBl9kYV4CX2ZhSgRBIjQJVwM4cF1wRGJiQQVHdyBSBw
Requested by: Host: slaqandsan.xyz
URL: https://slaqandsan.xyz/SktxejErKRIXDit2E1xEOCdMXwMMbkM8VXspSBgAKTMQEwMpe0JUUiYkBB5XOCQfDh8kLgVfAwwhEix3HCkLI2IaIQIwchseRTdnAxsjSHMjEwY8aQUyKDtmCw0CM2I5CDQQRiYdQQ11CRM8GGUIHQIgZCYqND4JMx4ZO2QaMSspc3soBjdgegcjIlItDxYJUhoiST1mInsGGXd7PCMyCCYYFihzLxg4PWYIHlRIcwMjBi5geA5GPUkEDygtYywMNDwBECJBLmB4Dhg4XSIDKyJzKS83KFsQGRI7YxIjBiJgExo4KWQOHgYjAQQ8IxxzEhkfMWAECCsUHD4oMDxjIBEkHlUNGCROcDIFNT9fCC8zEgF+GxYVZRt5NANyJh4QKl8yADM/dDMbI0trAg8jDWkSCTAjZjIJMxYIIRInTnISeSsSYi0ZMzNbGwEnDXx+KDdLRhgMOxNgGx05HkgIGDMNFyA4HhRBdz81TlInO0kAQxI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:2000:12:409c:d0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 455437a6e76255307f43fd003d3d00e1491a4d4185fd15ee70fd393f8c88e29d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slaqandsan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 184
x-amz-cf-id: U3aEYa3MysfizBaZi-yz5Bdsp0nkLEwOzEQ1BZ-x4A5lCbU--yKFqg==

GET
H2 200 pubads_impl_2023011901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 23:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133253
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 19 Jan 2024 23:26:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 135 B
108 B 139ms
67ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a22008244d7b85fbb6f174a7cf8c2dc9c495e08810d5982f276bfddedee928ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Mon, 23 Jan 2023 14:53:26 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pdc=0.26264989376068115&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:26 GMT
cf-cache-status: HIT
age: 1868503
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bddac6791d7-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 42ms
42ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNVRAWWEVV0FNCNA1W6NSR50
date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1317609
etag: W/"1d4502a12de3cc5a1f0e398c3e53f4ab-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 78e15bddabee30f0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
497 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=cutty.app_auto_728x90_sticky_display_bottom&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNN40JMWXW15DE1R3FSH39KR
date: Mon, 23 Jan 2023 14:53:26 GMT
cf-cache-status: HIT
age: 642022
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15bddac6991d7-FRA

POST
H2 200 78e15bd8c96491e9 Show response
cutty.app/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0273 2 B
569 B 63ms
62ms XHR
text/plain 2606:4700:20::681a:db1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutty.app/cdn-cgi/challenge-platform/h/g/cv/result/78e15bd8c96491e9
Requested by: Host: cutty.app
URL: https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=78e15bd8c96491e9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78e15bdebd3591e9-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDyFJ8T9cV4SAMW9mwcwJrJ3C9BnaRayNx3kYsJzNoUD0isrFVJT2eB9jdS9XdWvpP%2FQ8qx0uhaaixXyrX9bHfzfM1VaJwSAZVwPmXvgApZu%2FAv51UgRFZ3jGYhTJ%2BWLfH4cZQXS2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 150ms
57ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 151ms
58ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 416ms
416ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=562496159430656&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C4d3ee50e-9453-4613-a5ec-6919ef0a5e59&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=1&adks=3288306879&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.11%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674485606223&lmt=1674485606&dlt=1674485605419&idt=773&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e08510dec52ca6f9b4826278d920dd0af6dce266c6c4202bfb22799770aa6b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10088
x-xss-protection: 0
google-lineitem-id: 5562801801
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 434ms
433ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=1713753446323546&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cbaf135fa-8002-4844-8cb4-6fdeec129911&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=2&adks=937572184&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.33%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674485606229&lmt=1674485606&dlt=1674485605419&idt=773&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

764a24ce637830ef67e306049f8a1a272ff4583536eec4e80992d9c56f9e06c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9999
x-xss-protection: 0
google-lineitem-id: 5564064437
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 1169ms
1168ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=2945254416123153&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cd2a5005f-627e-40a8-a0c9-92075b36f18f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=3&adks=2089231398&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.17%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674485606232&lmt=1674485606&dlt=1674485605419&idt=773&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbdd212495d8c88b3632d2b4530043d244744aed9e997674ed41b2034228e408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9997
x-xss-protection: 0
google-lineitem-id: 5564063708
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 336ms
335ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=3622895670403187&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cd49caaef-eb18-474f-80eb-9df3f4fc38f8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=3670102738&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.22%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1674485606235&lmt=1674485606&dlt=1674485605419&idt=773&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0183e8db99fe855eea58a501b18becc10ab642ebe9360fc082946039536762dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9982
x-xss-protection: 0
google-lineitem-id: 5564064167
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7556 6 KB
3 KB 219ms
68ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:26 GMT
expires: Tue, 23 Jan 2024 14:53:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 Lm9iViU+MycFJXdhY0BnbDs9Fjl3YmNAZ2wkbkF4eWZ9Q2dkYHUFa31ra0difWZmSWRyZWBDZmwmIxExd2N1ACI+Pm5BYH1mZ0hjfGJlQmJz
ihopuchcomp.xyz/VkpSU3B5dTEgTQEMPiUkDggkMjZjegNhRSAdCicxNycmMBYTG3QnGTJ3a2VBYXpkdQA/ 0
272 B 126ms
125ms Image
text/plain 172.67.137.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihopuchcomp.xyz/VkpSU3B5dTEgTQEMPiUkDggkMjZjegNhRSAdCicxNycmMBYTG3QnGTJ3a2VBYXpkdQA/Lm9iViU+MycFJXdhY0BnbDs9Fjl3YmNAZ2wkbkF4eWZ9Q2dkYHUFa31ra0difWZmSWRyZWBDZmwmIxExd2N1ACI+Pm5BYH1mZ0hjfGJlQmJz
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.137.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uW6%2B85Yasvj%2F8MSbVUuXCSh%2BrNDGMPtc0DIOFKT1WsqUrN%2BHwRilz0FzeV%2FWqDGQTgtHS6fmNgvio6JejxqgtbUQUkrhUTby5ns7VGUWhqNOj7T4IJr8MTGE6vcEvI3jog%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 78e15bdf2864b3a7-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 popunder.gif
ihopuchcomp.xyz/ 35 B
553 B 38ms
37ms Image
image/gif 172.67.137.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihopuchcomp.xyz/popunder.gif
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.137.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Mon, 23 Jan 2023 14:53:26 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 13:48:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3867
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FgrR6jBGLV4md%2FgjsphqTJgHTQAkXi6gIfChc%2FQ%2FsfL27t0h%2B6ZdTY7CUT0XWU%2F7HKpKR76AbXpQUkA%2F8zMx8DnXYWe9zo7Ji3Wwp5OHATcZgzQiOl2TxznmYWtmo6HiOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 78e15bdf7d71b39e-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 85ms
84ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a62d68f3d87ae443180ec75093c24146cd859c00d546a0a95ef98ddf35bceeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10916
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 205ms
111ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 14:53:26 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 95ms
36ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
server: cloudflare
x-amz-request-id: SA6HX3EQ47WC1XE3
age: 272
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 78e15be19cd6bbd4-FRA
x-amz-id-2: 79htdQ19spsqbMsNoVBRii35mzPQHvikWi7aJxn5SqG/UqOCZhz0q3HBXssmXjmjVXk3tTNwmSU=

GET view
securepubads.g.doubleclick.net/pcs/ Frame 7B14 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B14 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 72ms
59ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 58ms
58ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 357ms
357ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=2111455504964829&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C149d7a2a-7ae3-45aa-953f-24e672858d8a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=1410006697&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D84&eri=1&sc=1&cookie=ID%3Dbb2f32d46dd03e4b%3AT%3D1674485606%3AS%3DALNI_MZZajRCUSAlwBaCrqkemFs3tUZxgA&gpic=UID%3D00000ba86095a9be%3AT%3D1674485606%3ART%3D1674485606%3AS%3DALNI_MaDjonOtMOCRqiehaEG2UXCq4eUQg&abxe=1&dt=1674485606595&lmt=1674485606&dlt=1674485605419&idt=773&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi20fr43TBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abe7470c624b4610f6e6c1bcbef2fa2718865b5163b8f5a029a6df7354f70ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9803
x-xss-protection: 0
google-lineitem-id: 5563949749
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 31F9 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 31F9 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
6 KB 375ms
375ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=1132113947022540&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C2001a78f-7b35-4998-8840-5b838e4b0595&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=6&adks=4272646990&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie=ID%3D930c1ba414ecf0c0%3AT%3D1674485606%3AS%3DALNI_MZ-vrkOsKjXJlTSvkiLFAyrkx-hbg&gpic=UID%3D00000ba860c2ddd8%3AT%3D1674485606%3ART%3D1674485606%3AS%3DALNI_MYlFWRoXlkIovoP8h2hsCnyNXxnIw&abxe=1&dt=1674485606701&lmt=1674485606&dlt=1674485605419&idt=773&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi20fr43TBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae4898fa3331bab36302a5948c65edd4a00577dde64b81232b7d97cf2296d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6094
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame C6A6 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C6A6 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 479ms
478ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=4477844420111252&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C213b6c4c-1021-4d20-bffc-f3f3b46db672&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=7&adks=4236531159&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie=ID%3D338229a4c60d2c59%3AT%3D1674485606%3AS%3DALNI_MbxhDY7vn-oJPfW6X7KCAaiIKGnmA&gpic=UID%3D00000ba85f3673d6%3AT%3D1674485606%3ART%3D1674485606%3AS%3DALNI_MZ6qCOD1gcPAjdOSHcA3m-Ou50VkQ&abxe=1&dt=1674485606717&lmt=1674485606&dlt=1674485605419&idt=773&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRi20fr43TBIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f464c14f05e0bd259eb3eae0fb254dc5adf7d498b0b914645fdb024925d867b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12023
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
318 B 88ms
24ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cutty.app
date: Mon, 23 Jan 2023 14:53:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F67D 13 KB
5 KB 38ms
36ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 21 Jan 2023 08:22:55 GMT
expires: Sun, 21 Jan 2024 08:22:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0419 783 B
919 B 59ms
58ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab2bd5f7b6e18490b4b474cf7fa4b6990e9ce4fc24b8c73cdc094d76d3257e1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N7z9LfqEGMzjdgjL9o2YAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-N7z9LfqEGMzjdgjL9o2YAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:26 GMT
expires: Mon, 23 Jan 2023 14:53:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame F67D 36 KB
16 KB 119ms
36ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 18:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 18:28:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0419 0
0 214ms
151ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011901&jk=526794240876182&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET view
securepubads.g.doubleclick.net/pcs/ Frame EBC9 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBC9 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 59ms
59ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 59ms
59ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 316ms
316ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=1618477601336746&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C9dac83f1-e85e-4045-b0af-8939d8cf8b9f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&adks=2191873836&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D84&eri=1&sc=1&cookie=ID%3D338229a4c60d2c59%3AT%3D1674485606%3AS%3DALNI_MbxhDY7vn-oJPfW6X7KCAaiIKGnmA&gpic=UID%3D00000ba85f3673d6%3AT%3D1674485606%3ART%3D1674485606%3AS%3DALNI_MZ6qCOD1gcPAjdOSHcA3m-Ou50VkQ&abxe=1&dt=1674485606971&lmt=1674485606&dlt=1674485605419&idt=773&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRie0_r43TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa837750b3c258d6562dbb7c18b674652dcb03d30f55dc7778c39307ed3fec1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11785
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A13 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:26 GMT
expires: Tue, 23 Jan 2024 14:53:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 43ms
42ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&pn=2&sn=3&pc=0.22894073724746702&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be46fef91d7-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 40ms
39ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&sy=add41fae-bcff-432a-a010-8050b2f80077&ts=84&cd=2&pud=213&pus=c&pue=694&pid=41&pis=c&pie=735&ppd=100&pps=a&ppe=794&pcl=908&ttc=1024&tti=2136&ttif=0&lca=794&lcak=ppe&lct=794&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=3c3c4cd0-ad09-4ced-9181-f7ce7f433f89&e=lm&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be46ff591d7-FRA

GET
H3 200 delayed_impression_vu_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/impression/ Frame 5E81 18 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5430e0c6ab72e7a9f124dc89b76e32c00f70e4ac38c3f4c311056fbebaf85ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 00:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7891
x-xss-protection: 0
server: cafe
etag: 11527628042352414540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 00:19:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 5E81 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 08:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 08:22:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 5E81 18 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 08:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 08:22:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E81 0
0 56ms
56ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1SqyleBnXem-3VMlXE79QKW-jtPLyK7aOZbRhdFbsyuvvuYTD1TmIqS_hiZeO1FcstueyIGb-lNMrTvBay7_VDm-2Fw
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5E81 24 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 07:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Jan 2024 07:30:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E81 155 KB
48 KB 160ms
159ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 14:53:27 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 5490 2 KB
3 KB 123ms
60ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kd444abgvmw3vrfqes5tym3avej1xe26hf43bnkpx7d06a6cdrfbq8vhexfk09j0psw6s2c8a94m1mm7ce6cg1cqapdc2243rk3fa7xac78g7k9bdk74pb1shzf9dgjj0591t087n62rks20383knx6r7xw54meqs87nfa209qdea1qpc5ck7dr5djhg9r0nq93ayztw9t9x6g4481r7s2mkj3yvzj3z4d1xjxy3p2d6r75ttkq115hdkcgazgrekzd6z6bspqjgwxecnx9xvje0ha4g8mhf06ct9897ntc78ktnz6amq5307ehajcxd2cnr9jp02w73ngqserddvh50xa3d6qxj0gj79y90ex63gq1cwtfhxyhzmr97ed0gy2ebbdq4cbgv3pnkssbze2g95b03anq&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04f4ca4d8266668143368d77fe46d1d0eb3670fa65bc8aaadf706740ee1aec6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78e15be558bc902e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:27 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 142B 1 KB
643 B 38ms
37ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 07:57:21 GMT
etag: 48472445140208031
expires: Tue, 24 Jan 2023 07:57:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E81 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 692e1ed1d887bba4d2dfb9fada67913a5e4739fe4de7e3129655516ed20ef823

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301041800000/ Frame E7CB 221 KB
61 KB 156ms
35ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 21 Jan 2023 07:59:50 GMT
age: 197617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61740
x-xss-protection: 0
server: sffe
etag: "8e9029bac2b10828"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jan 2024 07:59:50 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame E7CB 15 KB
5 KB 215ms
95ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 21 Jan 2023 07:59:50 GMT
age: 197617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jan 2024 07:59:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame E7CB 94 KB
28 KB 220ms
100ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 21 Jan 2023 07:59:50 GMT
age: 197617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jan 2024 07:59:50 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame E7CB 5 KB
2 KB 233ms
113ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 21 Jan 2023 07:59:50 GMT
age: 197617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jan 2024 07:59:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301041800000/v0/ Frame E7CB 40 KB
13 KB 235ms
115ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 21 Jan 2023 07:59:50 GMT
age: 197617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jan 2024 07:59:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E7CB 8 KB
991 B 60ms
59ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 13:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Jan 2023 14:53:27 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E7CB 2 KB
2 KB 38ms
37ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options: nosniff
server: cafe
age: 24817
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 24 Jan 2023 07:59:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E7CB 295 B
319 B 37ms
36ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cutty.app
URL: https://cutty.app/Q18titUI40

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options: nosniff
server: cafe
age: 24817
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 24 Jan 2023 07:59:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7CB 0
0 57ms
56ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSicsxJVEufxMxWWK0WTR5aX36NW7FRGtxp5cleETwCEF6fMxhJ6fZpAX3c8GfO4bm_yOAF8KrpilX4LA491TTbUfC11w
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E7CB 0
0 82ms
81ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcQjMZp_OY4XpL_ek9u8PtMC3iA2Z3tnHbv6A46DrELuWnO-PDhABIJWbyiFglYKAgLAHoAHe2fWMKcgBAakC7-BpnT9Nsj7gAgCoAwHIAwqqBOUBT9B3ms6hkjKMO00EdeMcBee697QGd13E0WvoQQWmLhokxIq_YGlNnuHwZGzjDQlnhSPwcA7B1pokk4akCLvqslu0JYR9RUCwmzPxX7g1Kk7NXYILru0w6ZBNY8A2IVMk2lvSifEmLndjA6eeEPKqLGhtD5Q8PH3DsxK3hKwhlxp4kP3EewFW9AjhSkPahxMOwkTVERjGhQRBpYCMItToNJCv55ViXPtQu0vcl4-REAW--JEL7gAVumyCl1z7m2pWuezvOB4yABaG8ISJmpkDdDe1vhXNyvdsCnlSwDzX1UjYPllY7cAExqbwjJUE4AQBkgUECAQYAZIFBAgFGASAB96RxuwDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQoPkB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=RljKGIs6_6g&uach_m=[UACH]&cid=CAQSOwDq26N9A6Cw8OLduQwQCoOS6Mjw1fC2VWvZycbSmnFeFFegeb0HqAnxvLdc5EgVczWHFE7qS6FYEf-gGAEgEw
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 29ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&pn=2&sn=3&pc=0.7600304603576661&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be5192c91d7-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 29ms
29ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_fluid_sq_firstpagemiddlebannerad1&sy=add41fae-bcff-432a-a010-8050b2f80077&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=3c3c4cd0-ad09-4ced-9181-f7ce7f433f89&e=lm&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be5192e91d7-FRA

GET
DATA 200
OK truncated
/ Frame E7CB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6af51033af37e1c51d34646324a1038be289be6d555ff5be6bce9704f27ee815

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 142B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUJh2jaWExND7zlkiSaceU&google_push=Aa02lx9k_THRxA233BQocnLMO11GL0WuB3QH6pZoNosnWtbwoO2FwsOMJP...

170 B
232 B

61ms
61ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUJh2jaWExND7zlkiSaceU&google_push=Aa02lx9k_THRxA233BQocnLMO11GL0WuB3QH6pZoNosnWtbwoO2FwsOMJPVVBsBsSvTWU3iTlwY2Ys0fRKZV75DN89aeDUZtCGs

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220040-HHN
pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674485607.342786,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECUJh2jaWExND7zlkiSaceU&google_push=Aa02lx9k_THRxA233BQocnLMO11GL0WuB3QH6pZoNosnWtbwoO2FwsOMJPVVBsBsSvTWU3iTlwY2Ys0fRKZV75DN89aeDUZtCGs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 142B
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESECJuB8n-xQJTLPU-qUO3KIs&google_cver=1&google_push=Aa02lx9Hmt_wSRWYLXmzvR1_-8jJiNT6rcZc5Ah2sVW8xgZpN0jbRIQa7q3LV9z8En7q0ix8-xSkjUsn54LJnOarJtzMwQTJuEk
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q1dKT2gxa3JDR2F0TFZ3OGFKX09Zdw%3D%3D&google_push=Aa02lx9Hmt_wSRWYLXmzvR1_-8jJiNT6rcZc5Ah2sVW8xgZpN0jbRIQa7q3LV9z8En7q0ix8-xSkjUsn54LJn...

170 B
188 B

58ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q1dKT2gxa3JDR2F0TFZ3OGFKX09Zdw%3D%3D&google_push=Aa02lx9Hmt_wSRWYLXmzvR1_-8jJiNT6rcZc5Ah2sVW8xgZpN0jbRIQa7q3LV9z8En7q0ix8-xSkjUsn54LJnOarJtzMwQTJuEk

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Q1dKT2gxa3JDR2F0TFZ3OGFKX09Zdw%3D%3D&google_push=Aa02lx9Hmt_wSRWYLXmzvR1_-8jJiNT6rcZc5Ah2sVW8xgZpN0jbRIQa7q3LV9z8En7q0ix8-xSkjUsn54LJnOarJtzMwQTJuEk
date: Mon, 23 Jan 2023 14:53:28 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: nginx
content-length: 242
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 142B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO1mS_JMPINDnNFubCM3l-Y&google_cver=1&google_push=Aa02lx-QAH9_XvC4qvAwrLupXJG45BrJ0JMvXeteulaLqHRqcyBLeMNcNyvbQjdP-Bx1h-x60VpXSnC2DRnC_vBiPmAhP_W...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-QAH9_XvC4qvAwrLupXJG45BrJ0JMvXeteulaLqHRqcyBLeMNcNyvbQjdP-Bx1h-x60VpXSnC2DRnC_vBiPmAhP_WAm8w&google_hm=eS1yRzZRNk1sRTJwSEhsTTV...

170 B
232 B

62ms
60ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-QAH9_XvC4qvAwrLupXJG45BrJ0JMvXeteulaLqHRqcyBLeMNcNyvbQjdP-Bx1h-x60VpXSnC2DRnC_vBiPmAhP_WAm8w&google_hm=eS1yRzZRNk1sRTJwSEhsTTVKLlBFekFPZnFHRklqcGdkNH5B

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 Jan 2023 14:53:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-QAH9_XvC4qvAwrLupXJG45BrJ0JMvXeteulaLqHRqcyBLeMNcNyvbQjdP-Bx1h-x60VpXSnC2DRnC_vBiPmAhP_WAm8w&google_hm=eS1yRzZRNk1sRTJwSEhsTTVKLlBFekFPZnFHRklqcGdkNH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 142B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rTYe3yhJRTmljF2P2z4AdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

63ms
62ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rTYe3yhJRTmljF2P2z4AdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9Xnrlaec_8UoxeY9z7f8vBvIcBG90nBAT3yt16AWBBX1siSnBm50KU7H9hcl6IUWcbovcMP-MTjl30I8kk2VGgoROu83Nw

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rTYe3yhJRTmljF2P2z4AdQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx9Xnrlaec_8UoxeY9z7f8vBvIcBG90nBAT3yt16AWBBX1siSnBm50KU7H9hcl6IUWcbovcMP-MTjl30I8kk2VGgoROu83Nw
date: Mon, 23 Jan 2023 14:53:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 142B
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEJ_3xx4y_TzGfhtL5NzVsPI&google_cver=1&google_push=Aa02lx893gxFzl4TIAC8TdL9fPlEYdJbpSAC4BluPYyt5rzt7bu4tAS-k...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx893gxFzl4TIAC8TdL9fPlEYdJbpSAC4BluPYyt5rzt7bu4tAS-ke4emPZc8iGwoJbfLqDpw_yB8KurV-9bNMXmCvXcyRx8&google_hm=QlMuMzZlMS1kNmIwLT...

170 B
188 B

58ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx893gxFzl4TIAC8TdL9fPlEYdJbpSAC4BluPYyt5rzt7bu4tAS-ke4emPZc8iGwoJbfLqDpw_yB8KurV-9bNMXmCvXcyRx8&google_hm=QlMuMzZlMS1kNmIwLTQyOTYtYWY5YQ==

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx893gxFzl4TIAC8TdL9fPlEYdJbpSAC4BluPYyt5rzt7bu4tAS-ke4emPZc8iGwoJbfLqDpw_yB8KurV-9bNMXmCvXcyRx8&google_hm=QlMuMzZlMS1kNmIwLTQyOTYtYWY5YQ==
Date: Mon, 23 Jan 2023 14:53:27 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 142B 42 B
233 B 394ms
103ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENbp5I-017f4a8HsIoqGi8E&google_cver=1&google_push=Aa02lx-PSorsQm4XOQ_PuNMJ5ZBqhGc9GksEW77IoJkn46pQBL7Twl2W8sQkgkcQSVntQlo6NYYL1IYTotG0hki-fwUlINcZZi23ZA
Requested by: Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 14:53:27 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 142B
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEMESb_iTMZAv7vcVbgR11FM&google_cver=1&google_push=Aa02lx_r0RAATbY_WWn8_AES8ELIrDAa4YPFmEpAzX8EjhpRCi5TBzjEMRSGAkPM9FYBXhG7UfwgbLc_CrvIrD2cspYNjqEyNPg3
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTcwYjE2MzctODMyOC00ZGY2LTliY2QtZTY0ZmY5MmM2M2Qy&google_push=Aa02lx_r0RAATbY_WWn8_AES8ELIrDAa4YPFmEpAzX8EjhpRCi5TBzjEMRSGAkPM9FYBXhG...

170 B
329 B

62ms
61ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTcwYjE2MzctODMyOC00ZGY2LTliY2QtZTY0ZmY5MmM2M2Qy&google_push=Aa02lx_r0RAATbY_WWn8_AES8ELIrDAa4YPFmEpAzX8EjhpRCi5TBzjEMRSGAkPM9FYBXhG7UfwgbLc_CrvIrD2cspYNjqEyNPg3

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MTcwYjE2MzctODMyOC00ZGY2LTliY2QtZTY0ZmY5MmM2M2Qy&google_push=Aa02lx_r0RAATbY_WWn8_AES8ELIrDAa4YPFmEpAzX8EjhpRCi5TBzjEMRSGAkPM9FYBXhG7UfwgbLc_CrvIrD2cspYNjqEyNPg3
date: Mon, 23 Jan 2023 14:53:26 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 142B 0
223 B 167ms
59ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IO3p-DTKuSWkLFLSJSqmwocAhj-NrK2MzX6lmoB6WL1XhTwZg6x-ElK8sw2UXy0GemMr_iw_o9

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E7CB 28 KB
28 KB 37ms
37ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 23:18:07 GMT
x-content-type-options: nosniff
age: 142520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 23:18:07 GMT

GET
H3 200 container.html Show response
63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F656 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:26 GMT
expires: Tue, 23 Jan 2024 14:53:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pn=1&sn=3&pc=0.26264989376068115&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be5aa0291d7-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_auto_728x90_sticky_display_bottom&sy=add41fae-bcff-432a-a010-8050b2f80077&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=3c3c4cd0-ad09-4ced-9181-f7ce7f433f89&e=lm&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be5aa0a91d7-FRA

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 5490 90 KB
11 KB 52ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kd444abgvmw3vrfqes5tym3avej1xe26hf43bnkpx7d06a6cdrfbq8vhexfk09j0psw6s2c8a94m1mm7ce6cg1cqapdc2243rk3fa7xac78g7k9bdk74pb1shzf9dgjj0591t087n62rks20383knx6r7xw54meqs87nfa209qdea1qpc5ck7dr5djhg9r0nq93ayztw9t9x6g4481r7s2mkj3yvzj3z4d1xjxy3p2d6r75ttkq115hdkcgazgrekzd6z6bspqjgwxecnx9xvje0ha4g8mhf06ct9897ntc78ktnz6amq5307ehajcxd2cnr9jp02w73ngqserddvh50xa3d6qxj0gj79y90ex63gq1cwtfhxyhzmr97ed0gy2ebbdq4cbgv3pnkssbze2g95b03anq&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kd444abgvmw3vrfqes5tym3avej1xe26hf43bnkpx7d06a6cdrfbq8vhexfk09j0psw6s2c8a94m1mm7ce6cg1cqapdc2243rk3fa7xac78g7k9bdk74pb1shzf9dgjj0591t087n62rks20383knx6r7xw54meqs87nfa209qdea1qpc5ck7dr5djhg9r0nq93ayztw9t9x6g4481r7s2mkj3yvzj3z4d1xjxy3p2d6r75ttkq115hdkcgazgrekzd6z6bspqjgwxecnx9xvje0ha4g8mhf06ct9897ntc78ktnz6amq5307ehajcxd2cnr9jp02w73ngqserddvh50xa3d6qxj0gj79y90ex63gq1cwtfhxyhzmr97ed0gy2ebbdq4cbgv3pnkssbze2g95b03anq&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%26client%3Dca-pub-3831894559014614%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 430760
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dx5a2R1lnKQYkky%2BB2Zf%2BjJ%2FjWuWl9TUJQzr5Y2xdmp8b1m8346XfBMEtkJoy%2F2c8Rb%2FwdIYncd8Wp0nOf9eIdthTQ5ajUc%2Fm%2BOeYmJd36C2HTyafNCjCJZx3hF8BUyZOgU8bs0LtQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78e15be5c984902e-FRA
expires: Mon, 23 Jan 2023 15:53:27 GMT

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 5490 35 KB
12 KB 49ms
32ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kd444abgvmw3vrfqes5tym3avej1xe26hf43bnkpx7d06a6cdrfbq8vhexfk09j0psw6s2c8a94m1mm7ce6cg1cqapdc2243rk3fa7xac78g7k9bdk74pb1shzf9dgjj0591t087n62rks20383knx6r7xw54meqs87nfa209qdea1qpc5ck7dr5djhg9r0nq93ayztw9t9x6g4481r7s2mkj3yvzj3z4d1xjxy3p2d6r75ttkq115hdkcgazgrekzd6z6bspqjgwxecnx9xvje0ha4g8mhf06ct9897ntc78ktnz6amq5307ehajcxd2cnr9jp02w73ngqserddvh50xa3d6qxj0gj79y90ex63gq1cwtfhxyhzmr97ed0gy2ebbdq4cbgv3pnkssbze2g95b03anq&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517729
etag: W/"6080661f69dc3db9c889ba58b02808d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WL7p3JSiNGyh1Ult2IrOO18o%2FKDAXM3d%2FIJDOZRP3vzHuOQ5efkKSMgNll8Z4Y1lt9feVBMC%2Bwq5Wg8gzOdpwqicslCvp964Hyzc7Rg4fEd34u%2F%2FEZKFdeO5r5AOvjttsbSL7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78e15be5d9a7902e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F656 0
0 79ms
78ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmBuoZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEjQJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m15Tqz7oI2Vc4-SSpej4b0HQoBxs8jI_XV4Hq_STqDst4RCw5GvWVOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=vSl23mNlnIU&uach_m=[UACH]&cid=CAQSOwDq26N9TxJhcaC3ew0sp9V9jJNvC9ho2H-AthhxrlIkREvzxRc7v2hMBgaa1izcsBbEHmNa-O7BEKrtGAEgEw
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame F656 0
0 98ms
33ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j42q9aemx5sn83y10qzs4gc3jdnmx2w2qc074788ceqy9hvtpgcmzp2zs3xsr4c0j86mzaqnvnmwpbwddevddjjwx32rk9recyktyvshv5b3gsv8s6ykfpvtnb3y8srv5hedwps523ybtz517qeze4v190kp7bmq48dxjrtmt2951mzzm17nhyvh9rrk3mhckc03yvmhnvsadv4dg3rdv7gp8tzw96xn6t7gxka6rgt4j9e5e57b6e36sar7djg3ksfs01aztpgpm3vv4rza3gr0w8sqc1hg0dsv1ncrjtkz8fv72z2k6ewvvpbsw8sp20qpw2tetxj8vzgmv3w3hyh39xk3258by3pyqtsm20mc0yqjs8bfgxdg5kqj2ybcfkg&b=Y86fZwAAdpsIu9ChAAoq3zdAqCJQBHTG6X8oEg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 Jan 2023 14:53:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 1FC8 2 KB
2 KB 88ms
87ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g4t34vmedw4p4r3cpnptspn1k1m3fsn13wms6kn75kx0hwnay4g6wtc7ggwn54w19jamhzwy7jhvvr3qce3rarx8x3e4crjqh02n71sam2ts8rh36h7n73v9mxwxs290jrb6pahy7q19wxn55gjd4v7bdpwqj24df83cch2f6br8sbsew2z54tg9y41q99zdrh3yt5qbp3a3be2xjgt9hm2xsb0t5q31qtkxdas5t4smwjkm25xgj88186n0xysh1fb91qm0t0dxj7120yyfjvskryy7peyfj19e5brhfrakk8tmj03mbmg8vw464n1p15yf134qw10wqbqdgqh9f4cnmndvz6asc2yfe4kr274ndh28mw78wmqsk2613mb64vgw0zwsj86recdtpdkbpysmmbqcvnh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7dcef18cd587dea91f518153522b08077c7f14739790b611d039f2b02209e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78e15be60b5b90c4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:27 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F656 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 08:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 08:22:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C8D9 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 07:57:21 GMT
etag: 48472445140208031
expires: Tue, 24 Jan 2023 07:57:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame F656 18 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 08:22:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7515
x-xss-protection: 0
server: cafe
etag: 5914713042212191929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 08:22:55 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F656 24 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 07:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Jan 2024 07:30:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F656 155 KB
47 KB 81ms
79ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48518
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674065973849303"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 14:53:27 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5490 3 KB
4 KB 101ms
34ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2524
x-guploader-uploadid: ADPycdvPzNjMo9AIUALoUqTWKJBNPOB_RfD71QBfUIwWWIDnAMaYGqyuQcsztbvDytgCKvsyldbe2I5ti2IHjt-ZsBHiHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ahWZFOYxDDPksLT2jE%2Bguh3BgyOeYkA%2B979XmYPYy7Glbx5YBj%2BgFAMxd4kFSNjmjTvGnX%2BHf8uuE5RkWtaYhrawdW14kwBHeK4JW6QIAduG8a7w3g62RwWBfkk5Y5Bpaec5EWrtM%2BPr%2BluC2DMVcT4"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78e15be6ae159bb0-FRA
expires: Mon, 23 Jan 2023 14:41:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 272B 2 KB
1 KB 47ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2314092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78e15be63be790c4-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 23 Jan 2023 14:53:27 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCgKSyy%2B%2BuhRXL77ZovJwgMOEEC4lEiHGW8yv0E8S5mzq69a9%2F0Wq%2BwF30uUdwN%2BK9CK5PwRfN7LtUBeB4%2FcYYprvJtpahAObzdyg3ZvSpxOlKIB7J8IOLTv34VCzDy3VznCCxQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame F656 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae4b527636fe7250d259e24c51ec1beded043f669477ec8e93af2b3a5f1b9e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8D9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y0JSWFlUTTkxUGpZY241&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cver=1&google_push=AavPq0OR8vfYIs0Rwvil13ImsjghlqvIJDzMYN8gMxdtFh5...

170 B
188 B

58ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y0JSWFlUTTkxUGpZY241&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cver=1&google_push=AavPq0OR8vfYIs0Rwvil13ImsjghlqvIJDzMYN8gMxdtFh5-IHnHGedSQFT9XLdfQ4ZBKfKiGRigYo2JfMwpkrmGdTKGmlu3zbKr

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 23 Jan 2023 14:53:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0616fc39f147daae8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Y0JSWFlUTTkxUGpZY241&google_gid=CAESEBcdVWfV8-G2re9FJn3LI5s&google_cver=1&google_push=AavPq0OR8vfYIs0Rwvil13ImsjghlqvIJDzMYN8gMxdtFh5-IHnHGedSQFT9XLdfQ4ZBKfKiGRigYo2JfMwpkrmGdTKGmlu3zbKr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8D9
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENmzZvm1OTl45IuU2fKdRHA&google_cver=1&google_push=AavPq0Pr9BW_CeIAK481kXfGar_WXgrNleTf38au3A3jaHOSt_3JLPKXdpduTsaZcE9eT4jN7q5SrvRv1HFi-aqJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OHUaLJItSnWFzPJEtz1cMg2&google_push=AavPq0Pr9BW_CeIAK481kXfGar_WXgrNleTf38au3A3jaHOSt_3JLPKXdpduTsaZcE9eT4jN7q5SrvRv1HFi-aqJjo3YufbX5YBE

170 B
188 B

59ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OHUaLJItSnWFzPJEtz1cMg2&google_push=AavPq0Pr9BW_CeIAK481kXfGar_WXgrNleTf38au3A3jaHOSt_3JLPKXdpduTsaZcE9eT4jN7q5SrvRv1HFi-aqJjo3YufbX5YBE

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 Jan 2023 14:53:27 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=OHUaLJItSnWFzPJEtz1cMg2&google_push=AavPq0Pr9BW_CeIAK481kXfGar_WXgrNleTf38au3A3jaHOSt_3JLPKXdpduTsaZcE9eT4jN7q5SrvRv1HFi-aqJjo3YufbX5YBE
x-host: tde-deliveryengine-production-fb497649f-qptn5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8D9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHx5xzM51ePo4bVo-hvRQL0&google_cver=1&google_push=AavPq0M4mAOMOFprS7LwhYp7F7Fd3vXehQYYY4hCj453Ee5IpRrxDLh_42Mcvafu_JM6vQBHfqZri-AJYrXsHl4Vopvr5aj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M4mAOMOFprS7LwhYp7F7Fd3vXehQYYY4hCj453Ee5IpRrxDLh_42Mcvafu_JM6vQBHfqZri-AJYrXsHl4Vopvr5ajZp8M&google_hm=eS1WbXJHV25oRTJwSHV3blJ...

170 B
188 B

70ms
69ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M4mAOMOFprS7LwhYp7F7Fd3vXehQYYY4hCj453Ee5IpRrxDLh_42Mcvafu_JM6vQBHfqZri-AJYrXsHl4Vopvr5ajZp8M&google_hm=eS1WbXJHV25oRTJwSHV3blJyZnNaZ3AyaVdfZ0xRRWpqOX5B

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 23 Jan 2023 14:53:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0M4mAOMOFprS7LwhYp7F7Fd3vXehQYYY4hCj453Ee5IpRrxDLh_42Mcvafu_JM6vQBHfqZri-AJYrXsHl4Vopvr5ajZp8M&google_hm=eS1WbXJHV25oRTJwSHV3blJyZnNaZ3AyaVdfZ0xRRWpqOX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8D9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ7ikUgv9IzKESXduq6EnXw&google_cver=1&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuOfg...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ7ikUgv9IzKESXduq6EnXw&google_cver=1&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7a...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4MDI4Nzc2NzI0MDQwOTE1Ng&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuO...

170 B
188 B

58ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4MDI4Nzc2NzI0MDQwOTE1Ng&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuOfgIK1AVQzXKdRS9JS7WGV3

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4MDI4Nzc2NzI0MDQwOTE1Ng&google_push=AavPq0MKbcH_WgT81h0ClXXEnnQtG3HpnuyfkGgRRZcCFLwVgurD8TTLHH2LIZvzrPYtMUNtG7akuOfgIK1AVQzXKdRS9JS7WGV3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C8D9
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP1zMHBSgkeEXpGH-zefxP8&google_cver=1&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQv...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEP1zMHBSgkeEXpGH-zefxP8&google_cver=1&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQv...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQvbPuCyvNKOwn&google_hm=GCO9rGZHkC8Km2-9T8m64RbK

170 B
188 B

59ms
58ms

Image
image/png

142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQvbPuCyvNKOwn&google_hm=GCO9rGZHkC8Km2-9T8m64RbK

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 23 Jan 2023 14:53:27 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0NtkQ3VAJE8d139_ZRhDP4t3xJAg98sFRhXE4CAlsETci4TESg70cdze_jIJYBsFN2louhZKjaqRRBhXgmQvbPuCyvNKOwn&google_hm=GCO9rGZHkC8Km2-9T8m64RbK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame C8D9 0
44 B 810ms
264ms Image
text/plain 52.193.58.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEIgNAez9Ej4qsaQhP_-U6vE&google_cver=1&google_push=AavPq0PxvY9m8bLKbGKWa16IH5VVKs47CCJhXJ19D0vB8dp8riVYOVGfHMiC8Qpodwu1LVV2PLW3_lGqEbD7C3cwq7Lebq1W0Q4
Requested by: Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.193.58.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-58-193.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:28 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame C8D9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEFASTIGII4_SUhDWXim_l_k&google_cver=1&google_push=AavPq0OPSKMO3hrtSKEW5QvRGxgZaj5ze6RKAhDQKYeaIp5_gq1tLP2WTSYLs5PdWNB3cs_lAhCeoFI5skp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OPSKMO3hrtSKEW5QvRGxgZaj5ze6RKAhDQKYeaIp5_gq1tLP2WTSYLs5PdWNB3cs_lAhCeoFI5skplzQ31Cy3e8Lhy578Ahw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

23ms
23ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C8D9 0
49 B 58ms
56ms Image
text/html 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3tBcpu-gw-LNFtnHjy6HiIPShGu4nniosF6cu6ttKguU3Ly2uyBlTZxUXDGBCJr9ou3JDZw

Requested by

Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET view
securepubads.g.doubleclick.net/pcs/ Frame E532 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E532 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 60ms
59ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 58ms
57ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 485ms
485ms XHR
text/plain 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526794240876182&correlator=233555951064334&eid=31071770%2C31070908%2C31071579%2C31071663&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C47e29a2e-9b84-49e9-9c5c-d9fc8cc96660&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=9&adks=3972824104&sfv=1-0-40&prev_scp=ti%3D3c3c4cd0-ad09-4ced-9181-f7ce7f433f89%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie=ID%3Dd166a59795ae7ec7%3AT%3D1674485606%3AS%3DALNI_MY7bZTOc7IqOlciQKespsfKz4P7Zw&gpic=UID%3D00000ba86081e5a4%3AT%3D1674485606%3ART%3D1674485606%3AS%3DALNI_MZ4njGPmL9o2HPspkWXUbkqN5vRQw&abxe=1&dt=1674485607421&lmt=1674485607&dlt=1674485605419&idt=773&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcutty.app%2FQ18titUI40&frm=20&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=354501130.1674485606&ga_sid=1674485606&ga_hid=1330819793&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRie0_r43TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e04e816bd78f33ab4d76ec764c224629a500de06c7660902677de1220992f5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12195
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame 1FC8 90 KB
12 KB 43ms
43ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g4t34vmedw4p4r3cpnptspn1k1m3fsn13wms6kn75kx0hwnay4g6wtc7ggwn54w19jamhzwy7jhvvr3qce3rarx8x3e4crjqh02n71sam2ts8rh36h7n73v9mxwxs290jrb6pahy7q19wxn55gjd4v7bdpwqj24df83cch2f6br8sbsew2z54tg9y41q99zdrh3yt5qbp3a3be2xjgt9hm2xsb0t5q31qtkxdas5t4smwjkm25xgj88186n0xysh1fb91qm0t0dxj7120yyfjvskryy7peyfj19e5brhfrakk8tmj03mbmg8vw464n1p15yf134qw10wqbqdgqh9f4cnmndvz6asc2yfe4kr274ndh28mw78wmqsk2613mb64vgw0zwsj86recdtpdkbpysmmbqcvnh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g4t34vmedw4p4r3cpnptspn1k1m3fsn13wms6kn75kx0hwnay4g6wtc7ggwn54w19jamhzwy7jhvvr3qce3rarx8x3e4crjqh02n71sam2ts8rh36h7n73v9mxwxs290jrb6pahy7q19wxn55gjd4v7bdpwqj24df83cch2f6br8sbsew2z54tg9y41q99zdrh3yt5qbp3a3be2xjgt9hm2xsb0t5q31qtkxdas5t4smwjkm25xgj88186n0xysh1fb91qm0t0dxj7120yyfjvskryy7peyfj19e5brhfrakk8tmj03mbmg8vw464n1p15yf134qw10wqbqdgqh9f4cnmndvz6asc2yfe4kr274ndh28mw78wmqsk2613mb64vgw0zwsj86recdtpdkbpysmmbqcvnh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%26client%3Dca-pub-3831894559014614%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 430760
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=880mdNhcBY2KvT0rPzMP0fxp3byyoiQ9QRPtaTfB%2BJGAygK6G2MCynUG2qF%2BYheqntBAJJsqYk2hgIWMHEfcvqF%2FleJJwqRiflYK7DPT5olrSmAOFa44ml0y2a1u4GGs%2Fbjc86iH%2Byc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78e15be6aca590c4-FRA
expires: Mon, 23 Jan 2023 15:53:27 GMT

GET
H3 200 fxpcopuw.js Show response
ad4m.at/ Frame 1FC8 35 KB
13 KB 65ms
65ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g4t34vmedw4p4r3cpnptspn1k1m3fsn13wms6kn75kx0hwnay4g6wtc7ggwn54w19jamhzwy7jhvvr3qce3rarx8x3e4crjqh02n71sam2ts8rh36h7n73v9mxwxs290jrb6pahy7q19wxn55gjd4v7bdpwqj24df83cch2f6br8sbsew2z54tg9y41q99zdrh3yt5qbp3a3be2xjgt9hm2xsb0t5q31qtkxdas5t4smwjkm25xgj88186n0xysh1fb91qm0t0dxj7120yyfjvskryy7peyfj19e5brhfrakk8tmj03mbmg8vw464n1p15yf134qw10wqbqdgqh9f4cnmndvz6asc2yfe4kr274ndh28mw78wmqsk2613mb64vgw0zwsj86recdtpdkbpysmmbqcvnh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 517729
etag: W/"6080661f69dc3db9c889ba58b02808d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQYi5htmNjwc4N8IWSA%2FY7dU3lsbfXwpFFz%2Bp0F0pU%2BhetbsSDmrn%2BXOreBbi3AHn8KcHZM%2F8uvof8moyCOn85v7ywQ6i55uoKr%2FEUPelM7kcgk3%2FIRpFXAKwy68LvRRV%2BwwRP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 78e15be6acaa90c4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 17 Jan 2023 15:04:38 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E7CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

165ms
73ms

Image
text/html

2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Jan 2023 14:53:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5E81 0
0 79ms
79ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtcElZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSOAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHbKQAcTTdNUfxiaOVYklDY2vYcVq3ju7qRs00zTPeOJ2YuYyhY-JuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=5klxzguefhY&uach_m=[UACH]&cid=CAQSPADq26N9vbHkGXOiKN8y4T_1wPtdm8G2SsS12c4A40wrRVIWxIpbesnq3v7YmkEJQ_a6zs9EmZYOfoAS8RgBIBM&cbvp=2&vis=1
Requested by: Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5E81 0
39 B 35ms
34ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h4keprh0yfm6v5rskrx4vv0qna68x57v63jvyrevnvy9164w88bss94vbq85fgj8c759ap96t5w3dqq6nrzfv3a13fjr3nkthmee62a19xrdkm04jzmtx8sb0gn9szyhrnjxkty7x730cgmqnka5cj57ksp1bg6vwt16w5ar2tqj7y3xyvj5t6ca0xrcnvwdky650yxjtgrh1nbkvtwywjsm27pwyw8wcdjzvazjwxcb1ahwd6hb6e508m6zshkhxay598pv7vsvrv0qa392eft25a0tm1snj6gn6qk974y298revzqxpcqj5rjmamsd30q34mmnzppnfyzwr8s14znraa28k12pxbqbs9dmd3txewz4te0w1cf49rb2d2p18vg&b=Y86fZgALrhYH_YJQAAEMhKMhOMMzOIuHn8R6yg&cbvp=2
Requested by: Host: 63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
URL: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 23 Jan 2023 14:53:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame 5490 2 KB
2 KB 85ms
84ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60a5d31a25c7241ceb8453c796b9285827f2a6344eebbe26a2a28dfae4c71b1d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=El0yd%2BIB29kg1XpdLuhqH4oZkm9LGdQsnvxq7XMXPAg9f3VjuZgfqlhrRYbe%2FbRP1KhouBjjsch7JEJlwuYPzfiN0KRA9p6lx62fPNYKpYmRRY3sNJ2Gnq42zNfm5aeiEMwmj9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78e15be7a95e9101-FRA
x-backend-server: aa-reachservice-group-europe-west1-gxt5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 79ms
51ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78e15be758bf9101-FRA
content-length: 24
content-type: text/plain
date: Mon, 23 Jan 2023 14:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLkHYI4W%2ByPzsuds1ThAGqeoZWGKc7%2BR3NLI32Y2AUiHIz4Jw7%2FAH0twfZOaXt%2BbwHjWyXrAu0InnHLLyOpYOSv2npnTz9056P31uRmVTTxHne%2B1o4ufEjjGnsFQKa%2FINPraHLA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1FC8 3 KB
3 KB 41ms
40ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2524
x-guploader-uploadid: ADPycdvPzNjMo9AIUALoUqTWKJBNPOB_RfD71QBfUIwWWIDnAMaYGqyuQcsztbvDytgCKvsyldbe2I5ti2IHjt-ZsBHiHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89k09IMcbwfW75GfXd7dGBEYwWkWxPthzCufazQiYFWWCzZJvcH3N8y3vG7q605tTS10WuM2fRHTnFobtoeZExtZI8WRzNGqwbQCu%2FDI5PWg2QmrR6XQLNs1txoUmQ7g3s%2FRGJgP5SKn0F4Wl8X8L3Nb"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 78e15be73fb69bb0-FRA
expires: Mon, 23 Jan 2023 14:41:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame A6E9 2 KB
1 KB 43ms
42ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2314092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 78e15be73d3c90c4-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 23 Jan 2023 14:53:27 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hmCRzi%2FQN1Q98WdcaoVBUalogfRUixGWE0yCTORG64RpSMgnpGMOmT7iKOnX6yLUlPzyR9bsdvh4xua8n4pAw9av5cFyml%2BeCf97NkOuAb88f6dgt6mj8bJju080otqByaeU%2Fo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 158ms
157ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011901&jk=526794240876182&bg=!mZqlmt7NAAYDMoyoIzI7ACkAdvg8WmVqBeAGbj2zNBoLiSKd5TTcJTnhHkR_4rMGTr3bHo8aBcergAIAAAA9UgAAAAVoAQcKAOba3CFEGusHGQbhGnujxMBsBHxrWlEd_C8wpsi8xeUeCQwC8YJy1XTWdAo2EVSv56y8Bo90U7KV_X5QPLPKi_U53Xd66XZT4G1uP16JSLyWE_z40nCLTWEn6wouW7q8XTKoEhULs4p22gftDuyZsVbaTqp9di5G2WyXJSmyALElDlMXUGGNuaRfWaMMQL3-wi74szpljipjTXth1nL47BwyQh3Y785fCBaQZ0LYZ3aUh_oy12_yUZfPa2zFFzMBRj1UfG29HOEJO2br9GamXJF8E4dyGOFe8SeLiS6SJdPkfiqjmqXyipkCnqQBUxSmw3uKnekBDOa3Uv3o9QAKjYa6bjRuR-TEIteNfWTBHElF90bFLo26B8JXfeBtUn6WGKozUDyza3E8C6oa46Xd2mhgEXMUAc2AEmcPyZhS189taDGlJIe2IgaZiYvQGxiyi68PFlXt9rpl2WG48UFnPb0sHLYlRMKHGE8ETxaertubXYA4FrLSGpoKoHmhhmblI_1SmSVAkJ7uxipaBId7avOidh5Kwlw_ImdXVXqPngSBeddq3maETtOgTNdNBkIzpQwwH0ihDdQ3cSUCOaT1FeY7k72TfFvmqDqh9GvhL96ApY-Q2Dcupju_mdixpVO5sZhWhG1mHB59iHIsr58A3t6cCWrPZXEdk0aPN9ZuHIKK4ZMMG_vEhMcoOuHZOLoJIHxw7WiLjD2SwDuUgauRb-EzdeAecVSCi2SSgBia1D-KKu7RNnmaPLrHepPWUf7JUoNSQcpoyr771T-KTTx49-aTGbAbXIX5EvyhkVRomoDE3EZxHVLffpw31X0kZYBEX9uINdCTbP4V9IcuEAhWJ1qeCi04ebh04Q5LAiJB4HkFfMwOGKzWGv7GhvWrGoj0VASEQUOk8AvhwfTDPdd-ysh4o1mLuRZcWjPOhzmnugjR8ibakMJWD53LjQjZq-VgHYKu6aBlQ2BgmaZ5baxQIGNj0brpuEtKXEKiWH1nfB0zTVN_nszoPVkH9R5UsQ9n-aIkQf5a2CrUsVr01h5p53b7l98M2lwpkgN0jHeGJTZsLWbM6_49xXGqJd0JrIkhAez7aYjfMWbj8RFVKvSjBGnybswtptG3nTMUBn0Y-3JFDH56YN4U-el5kcV28E3fmrJUmiWtfUVF67NSXz_wPq7qjUcWfVS_puXpPTW1bkv4o3PLZ2ADEG0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H3 200 rs Show response
ad4m.at/ Frame 1FC8 2 KB
2 KB 62ms
62ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1b39d8a0f2295682ad1eb9a869ec7cf33020d372be996b47b661a59bc70486

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xhg%2BsPuS9i70OCf4w1Agcenl4lHGhGklG4JDaeII3hKwGBLuD%2BK6qpISgfKjG9OTjIgGkWYWT6H4WkUZ6ohsmDICPhEBMmqzXvyI8Pm6nM2Sxhkh%2FDy%2FQwQYSxrZk%2FtBpL4Nt5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 78e15be819f59101-FRA
x-backend-server: aa-reachservice-group-europe-west1-gxt5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 84ms
84ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78e15be7891b9101-FRA
content-length: 24
content-type: text/plain
date: Mon, 23 Jan 2023 14:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3XMle9S5sHAhm9faC9jkTGvyLoReCqS7uzKp0VP5PLqUK9L31BdyiKDqq9JdFZnp2k%2FuuUOVBPrLhDTJdKOlddlSLHrwT0sEwYcs%2FhtBoQ%2Beh5G9WKFnki%2B1HxRXJC%2BSt%2BVdUw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-gxt5

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A75B 13 KB
4 KB 51ms
51ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0505b7443eeaf23a35b397b9ed40f3d610bc31df7cbc8506551a492652bb4678

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kd444abgvmw3vrfqes5tym3avej1xe26hf43bnkpx7d06a6cdrfbq8vhexfk09j0psw6s2c8a94m1mm7ce6cg1cqapdc2243rk3fa7xac78g7k9bdk74pb1shzf9dgjj0591t087n62rks20383knx6r7xw54meqs87nfa209qdea1qpc5ck7dr5djhg9r0nq93ayztw9t9x6g4481r7s2mkj3yvzj3z4d1xjxy3p2d6r75ttkq115hdkcgazgrekzd6z6bspqjgwxecnx9xvje0ha4g8mhf06ct9897ntc78ktnz6amq5307ehajcxd2cnr9jp02w73ngqserddvh50xa3d6qxj0gj79y90ex63gq1cwtfhxyhzmr97ed0gy2ebbdq4cbgv3pnkssbze2g95b03anq&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%26client%3Dca-pub-3831894559014614%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78e15be83ea490c4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:27 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F196 11 KB
5 KB 59ms
58ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2117cd091d79e5709dcb521cce8923564d56f7661a5d5392b59a8a5ef6820ec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g4t34vmedw4p4r3cpnptspn1k1m3fsn13wms6kn75kx0hwnay4g6wtc7ggwn54w19jamhzwy7jhvvr3qce3rarx8x3e4crjqh02n71sam2ts8rh36h7n73v9mxwxs290jrb6pahy7q19wxn55gjd4v7bdpwqj24df83cch2f6br8sbsew2z54tg9y41q99zdrh3yt5qbp3a3be2xjgt9hm2xsb0t5q31qtkxdas5t4smwjkm25xgj88186n0xysh1fb91qm0t0dxj7120yyfjvskryy7peyfj19e5brhfrakk8tmj03mbmg8vw464n1p15yf134qw10wqbqdgqh9f4cnmndvz6asc2yfe4kr274ndh28mw78wmqsk2613mb64vgw0zwsj86recdtpdkbpysmmbqcvnh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%26client%3Dca-pub-3831894559014614%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78e15be88f1a90c4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 14:53:27 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame A75B 90 KB
12 KB 41ms
41ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 430760
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWhDNDXqI4m%2Fff5rLOBuP12ELd9cxY7BHICmKHtOq8NaL6R75h4UcerX%2FrNzVuUHc1jFuY91my%2F%2FYvbDUeWur0Dwg3%2BYLEGIgVHhe4nIyV5I8A9AnLtfAutGIcr2hr8Ut7zDS5%2FMiN0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78e15be89f3990c4-FRA
expires: Mon, 23 Jan 2023 15:53:27 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame A75B 44 KB
44 KB 59ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 316916
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk5aU4TGoSQBszZKbRoSGoToBgXlFNr8D4cAYuD8VB05IaYiF0QoVDgFLm2MvwnUnbRxMnPDqxRrYuLsq%2BwJ95UubrYqN4tEtQJiZ%2FbpUte1ZHekwiyINMhveA1n6UQaS%2FlrxCR0dZq57Ca%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8be7e902e-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame A75B 222 KB
222 KB 71ms
57ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2486579
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZUPRcCag85vo8WrJao%2BHTWblKG0ixNtANM%2FSI%2F9QDeDMcXgc0WO9B%2F2BcLjeJVqx5TfJfUyN0lsXvrL3vI%2FG78FnyWaNWZU%2FPlqJu%2BvS7v23QQ4ZkDKcI7oOBvxWjUM7USJ2RDB6Xjr%2BCyw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8be7f902e-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame A75B
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1674485607_b1ea7680-9b2d-11ed-a66f-223554f889ce&insert=AW&&gdpr=0&gdpr_consent=

0
672 B

122ms
58ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1674485607_b1ea7680-9b2d-11ed-a66f-223554f889ce&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:28 GMT
via: 1.1 additional-webserver-green-g4xh (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 343212077
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=cf1e7960771b2942
cf-ray: 78e15bea2b579ba6-FRA
expires: -1

Redirect headers

Date: Mon, 23 Jan 2023 14:53:27 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1674485607_b1ea7680-9b2d-11ed-a66f-223554f889ce&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame A75B 127 KB
128 KB 70ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1860985
cf-polished: origFmt=png, origSize=233620
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130164
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:10:51 GMT
server: cloudflare
etag: "d1d171dd651522f41a2fc0dba256a546"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eq3cIqwuMdXTXSUQNZl3N5%2F9vWjSVMIPgXhyqA4JkzIo2fphIvJF0qbZ9gKjjuNs3Jdtd5m%2FSZZ9j1tK9L9%2F%2F1g%2BC3R6PXb%2BSTkAIFPSCn1y%2Fbr1tkbSk7sNEQuIhdVCPp1lfywQryppVeQH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8be80902e-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame A75B 461 KB
462 KB 57ms
43ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1848724
cf-polished: origFmt=png, origSize=731561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471752
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTRH%2BRKByh%2FBa5XZyc%2FM6UVjsEfpHuY1esq9G4eYzdxEP9kFO8SNlIB%2BFavrgrh6%2FIFIjYm5Pkhlh%2BlqC9Z0XbltuzxDO1NLD7WOPhqEo8n1BBiF2%2F%2FMRajGGkQQw1r3qncWNVteLh4bMafV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8be81902e-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2 200 32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame A75B 53 KB
54 KB 45ms
31ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 934686
cf-polished: origFmt=png, origSize=85233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54280
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:18:26 GMT
server: cloudflare
etag: "0bc184d99872986e7c36d6945f607e59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJzgD5shhlKsyhKtZcqdLsjDpV8spYqUqBYv7S4GLQb66vOb5VF6yJFga3Q%2B1EIWZNIaTkSnXfOS3oICdkWMQR7qg6EfkurSeqxJpJnCXUnqtT8Lqe6JWXPYYmd4bhZi7isp3a4AaZRzZR2M"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8be7a902e-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2 200 831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame A75B 193 KB
193 KB 56ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2647071
cf-polished: origFmt=png, origSize=311499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 197460
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 17:45:43 GMT
server: cloudflare
etag: "3e47fe2e828ecba46fd7e6ae452966ae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtag0ZTHrMG05LcVmUZLHBY9WTX4BqxVhk9d8uISLrWJQdQn8vN%2FYUR9zaUFl1mUlGC3%2Bx1D29ntG4Rm%2FGTAMugA2sx3LgTv1wrfivlpN5VIv9ie2GN2w%2Bn726xG9SplA62gerjqeHprF8Wv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8be7d902e-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.28/one-ad/ Frame F196 90 KB
12 KB 62ms
60ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.28/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1674054542
age: 430760
cf-polished: origSize=92334
x-guploader-uploadid: ADPycduOIlCudx-XVm5qLJi8OhY2jaf2lPA8q3ch1u6Nvu_xQSn08NrWkH7ortp-rZRuBMU9kt_cX7NUmpL0qskSxV4pk8f0m1q2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 18 Jan 2023 15:09:31 GMT
server: cloudflare
etag: W/"c37ad1fc922bacd7adf1cb37da63f83c"
vary: Accept-Encoding
x-goog-generation: 1674054571046429
content-type: text/css
x-goog-hash: crc32c=4A2ZRg==, md5=w3rR/JIrrNet8cs32mP4PA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfuyRskrnfzCCkEmPbhrh0goAYxENYOinS%2B9qXaFyq9EnRE0SWtjTegeL96iD5yFqKWxdczj%2FCneGPG2wdJIDM6%2BHJxvnQYfTp8FB822FAg7AfEIRtDjZikJcSi3%2BLQYYUC0ATmL9p0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 92334
cf-ray: 78e15be8efb190c4-FRA
expires: Mon, 23 Jan 2023 15:53:27 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F196 53 KB
54 KB 39ms
37ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 942224
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54YZJvaqlgPFpxnFtS4r4gbdHA7wmWQoOAS%2BRLU25lCK0X9X%2FQ5jt7J2QG9CBHhMtjmcO2kRWjtrkDAYrBZDzLal29tDYnUVWFF33i8s%2FsUiIB4URW3l5SGkzWmN%2BwbBW2xDk0tUsNW29D2d"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8efb490c4-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H3 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame F196 11 KB
11 KB 54ms
54ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 512346
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bra3W5Vca5m1l0BqQiMZLgUO9XzFBWmnsahzlwOh%2FzNMacq0m48d%2Bxj228w9rHALcj0lTDoFTN20fHPNvv1%2BtRk5v6Ns05wobDhNF28Zz2mNH49eLMWvsG75g55QdhMi8TcNsEO%2BSPoZ%2B%2Fjq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8ffc790c4-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame F196
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNq64P743fwCFQPhuwgdvL4Iew;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202301...

49 B
1 KB

168ms
41ms

Image
image/gif

46.4.62.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.62.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads4.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 23 Jan 2023 14:53:28 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Mon, 23 Jan 2023 14:53:28 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame F196 10 KB
10 KB 101ms
100ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2485419
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DT7pBcaPh8j6Q3svOHLhEky0nf5XLbV5Gr6%2BSbJ2G12GoL%2FmvMCSpfaSXqWQtu3GEWUlk0gndK9E9%2BiSwiWzH8akWgx3sc7rxueuPb9k0KC%2FPJ4QtJhManB70%2B3ObzdzSl%2B9XlPMHXyBYYiS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8ffc990c4-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H3 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame F196 51 KB
51 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2487325
cf-polished: qual=85, origFmt=jpeg, origSize=128978
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52014
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 12:16:42 GMT
server: cloudflare
etag: "aa8c145ca1b6cb2be4e511f8f6f2685d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WI9Qk346lUlDsph1DLUt0mdfuaMW2%2BKPEoGnaqpLgWZKEZpRjY6DYibz7aTCx5O63FtIIDrfY1m%2BlcQItAh9bYcDBnQ7L3S0ZaAJKTeR8FbItziWwgwMycXMTHE7hFFmPCRN7WDcTxBnBZ%2B9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8ffcb90c4-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame F196
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fponeid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fponeid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=

0
629 B

123ms
37ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fponeid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 23 Jan 2023 03:53:27 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 23 Jan 2023 14:53:28 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA17:8E12_91EFC182:01BB_63CE9F67_10B36504:2BF9
X-IPLB-Instance: 40027
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fponeid__dc_reach_suite02wkz&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame F196 8 KB
8 KB 79ms
78ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2486435
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7692
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 14:32:10 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ro4OMgXjDeROGWOQuaRvGOhXYRB2WL2FvQrWMa8mYTP54doGqCws2SRYDUaq3929xhjpKQXojytJ7nZhWAVPzDVL0ZV5438hwi%2BNVioA6pujezumeRsK1U6fnb0%2BCSgw3WAd57kxjppItm34"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8ffcc90c4-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H3 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame F196 422 KB
423 KB 80ms
79ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 932918
cf-polished: origFmt=png, origSize=632572
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 432334
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Dec 2021 17:30:00 GMT
server: cloudflare
etag: "ee529fd62e145fb264303add5fb5a944"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XFJVk%2B8hNNNG%2Fc4WL37UxV076Tkh8M58H1opFyjoinFJrYe5n1t%2Bzze%2BCObYN1%2FnMI%2BTBb03EYB3rj1dDVdrOustSsm6NKr0i6ctU5sMdCyrJKfHc1AvQtYofPUeqKT9mufh9C8xlGQSZY6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 78e15be8ffcd90c4-FRA
expires: Tue, 24 Jan 2023 14:53:27 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A75B 1 KB
2 KB 217ms
108ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jq9z70f5n91j6kmraj77jk16kd4pw91mfgcbg3dn13aq5gj0eyfhhx3b69d0pafnqms5p2pfyhrpb8qr99pmxyd9c7xxjewpyjbyn0abpjrwa0by0p9a8p9fppez4qj6d22z1a9xr9mf71jhhvbpdmaa14eek9wtqprcrn8sew3b5peqvnbbegmhnczh8n00fbxn3k32ypeewzbtwb14ra61bfs97086agkt2sazc86kda1rgbet4jx27bxgs118bg44%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a567414569b7c2cab6db6feadd92237ced0c9393a6d63f0bb507a049cd13a37c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:28 GMT
last-modified: Mon, 23 Jan 2023 14:53:27 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 23 Jan 2023 14:54:27 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame A75B 2 KB
2 KB 218ms
120ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kny7y4r0cyvdjzq953ht9vak3bqw29zy62bj9tvrz6hd00jppg47arszeacyq3s5az1p64w8hc91z0exg3tj6hay817bhd8qpets1f8axaw7tpw7yyft2hhvzzrtnqx5ed1rc14szrg0x7qf5tns5dtvy5bw7f9yxaj53vbv2rabtdemyfmz34ve3qt1k9wvm3wtmbkrgpv23q3tqrbhatczfpg4y10fnes2nbb2rk4bmn8j6nyzh57p3pq7fqkx1f7s9r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcVoneid__dc_reach_suite02wkz&viewref=oneidRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7oneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5127d0cf61e7acdcabc059edf915cb35c5c3f666e2484ff7b2b6a9bb231adf49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:28 GMT
last-modified: Mon, 23 Jan 2023 14:53:27 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 23 Jan 2023 14:54:27 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame F196 2 KB
2 KB 133ms
92ms Script
text/html 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hjzb06e80twdmfkvfgw9scebqnkc1xapd7bg6jp3ce0wqszrbqyz518taqpht58640z2z5ptwd4jbt862ekxnvkc44fc16bheyzgydhav4qxzyv15ejr4v2mbc3ee5kfc5vzkpr1yq0f6tb43seqhsy0rkgm1y9dhxvayrnv1a678r64aasmtqsmnqg9jfkm6mgkr94q7cf3rhc24hrh5xvx468eyyfmgcs3jbrjgb3mx9b6zjaq8x42pj57hg7jk43m%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e5aff37e562a9007e8c6d6dee2bcd3388d9a8c9c0e4ec5f56866c6994906ae99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:28 GMT
last-modified: Mon, 23 Jan 2023 14:53:27 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 23 Jan 2023 14:54:27 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022301041800000/ Frame ED98 221 KB
60 KB 39ms
35ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ec6225a4e15fce914847fb3a4ac496b393c23cf38f0a614293b0e7311b7c33b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 20 Jan 2023 02:51:58 GMT
age: 302489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61636
x-xss-protection: 0
server: sffe
etag: "6860505b1f6c104a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jan 2024 02:51:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame ED98 15 KB
5 KB 50ms
46ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 23 Jan 2023 14:23:09 GMT
age: 1818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5230
x-xss-protection: 0
server: sffe
etag: "98e8559bf0300638"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jan 2024 14:23:09 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame ED98 94 KB
28 KB 52ms
49ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 21 Jan 2023 20:11:22 GMT
age: 153725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
server: sffe
etag: "80143a542ab189b2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jan 2024 20:11:22 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame ED98 5 KB
2 KB 59ms
55ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 20 Jan 2023 12:46:58 GMT
age: 266789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "c26873ae23a2dfcc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jan 2024 12:46:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022301041800000/v0/ Frame ED98 40 KB
13 KB 50ms
46ms Script
text/javascript 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022301041800000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 20 Jan 2023 15:34:41 GMT
age: 256726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a53f7d5e2894160e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jan 2024 15:34:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ED98 8 KB
895 B 61ms
59ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 23 Jan 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 14:01:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Jan 2023 14:53:27 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ED98 2 KB
2 KB 39ms
37ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options: nosniff
server: cafe
age: 24817
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 24 Jan 2023 07:59:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame ED98 295 B
319 B 39ms
37ms Image
image/png 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 07:59:50 GMT
x-content-type-options: nosniff
server: cafe
age: 24817
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 24 Jan 2023 07:59:50 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ED98 0
0 58ms
56ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaToOHQGNqw_3up7ujx7QxQlFjkOpuP7hgvrKXlPqiQHBZ74sMxsig4Iz9dZFfd0-eCV9X_X8_XOrxpFv2dBOTFG28unCg
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ED98 0
0 81ms
79ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdAP2Z5_OY7yaHdyg7_UPjKC8oAm7teDNbsyyzbiLEbuWnO-PDhABIJWbyiFglYKAgLAHoAHB_MLgKMgBAakC7-BpnT9Nsj7gAgCoAwHIAwqqBOUBT9CeDyUzUGUynJ8A9CQCqHtcQDkxO0UL-BbrZKEfeFj2AdZhbg2DGoNtiA0xDJh1LkrCEDcmcCiB5S_PSOgSBL8IJrfcSFzKdSfbe_gjZxfPJxdj6u0huwMF29D2aY7m12P6A4l-Qwh4imLI3cVlpqj604FgAjzb8xMh8Yh5UGBmTOJMucmhVlruVCho12HiXOMvtPCTUknc3-3gjh_GOWCA549WQD1JkiQGdDnj5RzvZlzn8NqfWoo8mDV36ACmcaIhLgBDyVybq_AWjNtTHhYSk97LMsT4pV43b3H3YtftzWW0AcAEnOuFg5cE4AQBkgUECAQYAZIFBAgFGASAB8G0k8ADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-eUC0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=17kp587ZQuQ&uach_m=[UACH]&cid=CAQSPADq26N9AkFGfafUxi6XDT93SBTMe1dLbAh2l3mOKeEaT_jdyoi_-Fm3oeezQm1lDmhYMs1B9d-l58pAMRgBIBM
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 39ms
38ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&pn=2&sn=3&pc=0.3753772974014282&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be9989b91d7-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 31ms
30ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&sy=add41fae-bcff-432a-a010-8050b2f80077&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=3c3c4cd0-ad09-4ced-9181-f7ce7f433f89&e=lm&dsReferer=Y3V0dHkuYXBwL1ExOHRpdFVJNDA=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.3.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
date: Mon, 23 Jan 2023 14:53:27 GMT
cf-cache-status: HIT
age: 1868504
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 78e15be9989d91d7-FRA

GET
DATA 200
OK truncated
/ Frame ED98 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf50ba5cc565e194f7269daf24ab93f8f708c5e16bbab13ca17dd10e5ad12f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame ED98 28 KB
28 KB 35ms
35ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 23:18:07 GMT
x-content-type-options: nosniff
age: 142521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 23:18:07 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame ED98
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

89ms
88ms

Image
text/html

2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: cutty.app
URL: https://cutty.app/Q18titUI40
Protocol: H2
Server: 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Redirect headers

date: Mon, 23 Jan 2023 14:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F196 85 KB
31 KB 120ms
26ms Script
application/javascript 65.9.66.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hjzb06e80twdmfkvfgw9scebqnkc1xapd7bg6jp3ce0wqszrbqyz518taqpht58640z2z5ptwd4jbt862ekxnvkc44fc16bheyzgydhav4qxzyv15ejr4v2mbc3ee5kfc5vzkpr1yq0f6tb43seqhsy0rkgm1y9dhxvayrnv1a678r64aasmtqsmnqg9jfkm6mgkr94q7cf3rhc24hrh5xvx468eyyfmgcs3jbrjgb3mx9b6zjaq8x42pj57hg7jk43m%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 15:31:21 GMT
content-encoding: gzip
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 84127
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5j7Q8BDHnGwz1HEMSbpv81m36GYVxDd38VfSPmKwL8GErOiL6ROo5w==

GET
H2 200 1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame F196 2 KB
3 KB 86ms
23ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1674485907&Signature=E5XSQRS2EBqwwONhdbmItkA8R9zpZxMSnW9T5XEytBw-aMir1tKHYqT1LbiaFoIA5Y7E~fGZXv6W~idWXCxLkkVXEXNU1Q-cjNRewFpGFG7~YxlfQ7UFkRTr31~3zEeRwssEE0xmYXzIVJGGCRLYdsb6Vhl0fJJbbH7HxMd9lLhoEZpM~-bj6I~ednAphnch5fYfmRUGYGyqx5JOTNc4dpuuAM5VMR9N3Wsy~bEXSVaYo5t4eJ9qKd4HbtbLTUHeEcADobijOCTe-0E9qPJWYx2f4zlbPzqWxwbSYveeHhZpStwpK2N4JWu6kht2Z0tAzPRB1bwoioWqKHXSMM6p0Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=195016%2C15573%2C177100&b=2beH6fqfjA7QCVHWHkt8txxDaxS7T7G4fg%2CPxefBfbfDEQF9HjHbtMtK7xCJS9TPM7Fp%2C4rehEf5fAX7kCGH9HdtAtMXz7fbSpTr6XuK&f=4rehEf5fAQEjUGH9HdtzCmmRfbSpTr6XuK%2CbM4CQfZfeDVaYHbHzt8C1d8fbSJT5WecJ%2Cr2GcQf9f3ZwkUAH7HjtJCV5R1tYS8TKxdhd&c=728&d=90&e=&g=84f307541a3f83275099012777a3d987%2F14710763058211960987&i=20774%2C26474%2C65803&j=14%2C41%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607726&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hgzavxjzt2cb7aw9ka84b7gq4mh0v93w0a7hwvyv0bexgg0hyf2p57wycrxw05qhv9x2t59p5c85gbsg6bdn6w519d28thtjfthynhcwy798fqm1fcask7f6xcrp1mdgxanm3jp1pxdzrbxsgqtkq7tq6k5js7kvk01s214cg68jrt9b5qr8ef0s1r15yrtga65fyj1dtmcvd8qg4qz95f17qe3p5phyc0e6h3h0vem308nph0r6w8r3qff6hjav98stxrxveazj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwB_mZ5_OY5vtAaGh7_UP39WowA2Q4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJqQLv4GmdP02yPuACAKgDAaoEkAJP0ICRs96_dBP9TShOdHKaOf13yAzARvBBPkDZ6WOjowrYFyNFIiqJC6deSSBvP00Vna2i0NXOVQRgl-13f30Wo5z-94pwfk_jdP4cIgKOEJIAKciiOEMT7SHMhOOcm0j8VJ-eQ5rGUwhFWWN7xd2JSjMyHoRzsilZTtruP-HejboBBmLROVnX3oLtSFdl3JufaKITFLzunGAGe49m4Vm6LnjwcpigyRpuQQKwR-YaOqHK2r-8YMSo9_28komlGLpxdPbXfH8teMktGEOIqP65O6hc3NP0mhacRjC2hehuYNfoVAv4m14RqR969JzboywV7X4iJtMimQhmXzgRRYOHab0BUK8zzQhlOPSWnP1bOuAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2n8kQ65nZlFxw4kUkdtmmN4doWEA%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 23 Jan 2023 05:09:58 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:31:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 77737
etag: "90a67412ed0b25c3e4ca2ad17658d5e1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: 85InwM8CgGaRpNSJCatoGi-Yo26xn5aONL3tBH0Y0Df6l_gVSAkiVg==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A75B 85 KB
31 KB 137ms
45ms Script
application/javascript 65.9.66.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jq9z70f5n91j6kmraj77jk16kd4pw91mfgcbg3dn13aq5gj0eyfhhx3b69d0pafnqms5p2pfyhrpb8qr99pmxyd9c7xxjewpyjbyn0abpjrwa0by0p9a8p9fppez4qj6d22z1a9xr9mf71jhhvbpdmaa14eek9wtqprcrn8sew3b5peqvnbbegmhnczh8n00fbxn3k32ypeewzbtwb14ra61bfs97086agkt2sazc86kda1rgbet4jx27bxgs118bg44%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 15:31:21 GMT
content-encoding: gzip
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 84127
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: lEVi-8eWBayv8S8eg5Yamc_vhkpDhab2n4JVVToaVUtfd30FP-GVIA==

GET
H2 200 link.html
track.webgains.com/ Frame A75B 48 KB
49 KB 111ms
111ms Image
image/gif 35.176.33.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.33.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-33-61.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:53:28 GMT
last-modified: Mon, 23 Jan 2023 14:53:28 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 23 Jan 2023 14:54:28 GMT

GET
H2 200 Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame A75B 2 KB
3 KB 84ms
23ms Image
image/jpeg 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1674485908&Signature=kVnvlC43Xa9yoMoXQA9TgANe4KIoLAbg3VkDDaU1HfvnmhUpMhCCvBHpAHJq3VGlNUJbniqqmCS86U3edTbpxBLo07UAsj~uK8dTqg5QmT1Q~vKvx~MiMqbdvwcWc4ghuTfDadZuvdr1RaDjNGoIjPaUELC4lzEBI0Z4QuEpqIEtclr8oaCWOwFOCXnvWcZ-pLk3-zpzwAGFmzVu4uXJgv4bW4iHwArjyU6lvvGdNgEez~E9dHrnH8exy3x8nw4oFEhP-Fw-fIXoHv1W-vhFFRZ8Er7Plo4LHgqKTDknUbO~n~3pYOH7srOc9uU13uKc9cJJhYm7D61NvSBebzZdsw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=728&d=90&e=&g=da189eeb7d53334d95fb8f1f81d20099%2F10537445513349374712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1674485607682&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gbt2p56h12428vmvsxwybr45zwtjctfy2zkazgqjj1cvgb1kmws9fbec2atj3nvf5m0dcb4yayyppa6zb3jdw5q077sgmbb7xbk5snkybe9xdx68sfzy6n8kwh9w75h2r1ffrdkcvph71g13yz5mdhtze1br4fmq4g04fq476g0s2m4q38q6hnvsqk46c8ym5tm1msz2ebz7mxamk1525xvqeexve0z2kzhsh88f7d42gn6vh630fy3p8v5na8t0e3zny120g2a4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9BrVZp_OY5bcLtCE9u8PhJmEMJDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpAslggL_tSbI-4AIAqAMBqgSRAk_Q6S7BzaN862EfMkgkm-NhjbkYp9y3ltfuAy2s-bQU7CY2wplIgT16g3UGolK7QqhV1jzfiQQviOk6gSWv2ZsWwIrgSIIHKtiYlbbgTfi3TItmgfZEMQaeCi395wuUa6CeMXN6g70zMLAT-doFX8jAPmBCiCitXMNbjkRlWNr_D7yK3Cm5dXstiqrRkoAsdex7HCZXewr628OYbXp1KeQPEyFg5wT4OZNeQO397aoh10J7OgMRe9Hje_O908Qmwv69E0E1W7JWXW2qVTh9SuWQ_DrCfyzZ0Qa8hW3nJ0IWRYI3yDgfwHaIQiaBmirTP9AdccD-3aTEhJMfBnLA9nnsEQVBxXeX9ZNNFol-7twrSOAEAYAGv8uJxrfT-dFboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0bq-SEH8UVEjdBymt1eZLuchDQgg%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 23 Jan 2023 05:00:34 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 13:56:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 77737
etag: "66da632e2658ba90a2b4863be372b9cf"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-storage-class: REDUCED_REDUNDANCY
accept-ranges: bytes
content-length: 2298
x-amz-cf-id: sJ8f59o6nE3oq2WnAGfQVfEcSE15lSgMe0F8E6EjfTzoYHOC8k54DA==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5E81 42 B
64 B 151ms
150ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIy5umbElQJQB-7pb7Gambgtdo6Q4dnuL5s3jDrzg7SYF0XxGU_eKDE9xxkC6P6MAJo1uPTGBJkpigcMN4jzv8Qna8&sig=Cg0ArKJSzGM8KZiOW9tsEAE&cid=CAASF-Ro4DzK3lN1xKkTnjgZ6x4cGp9qaGiK&id=lidar2&mcvt=1000&p=798,415,888,1143&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4272646990&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674485607135&rpt=240&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F656 42 B
64 B 152ms
152ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYXxejdl6wsbgmQtfbRiG13Q1uyPyLxAJy_XOr5zsro_ncHCk1XWTRm23_qmRv9KjCyDuCZFiVLXRrDXIaKPQGVHtD&sig=Cg0ArKJSzODoH41dlRruEAE&cid=CAASF-RoJi9YGW5Ds15AU1HH1OmE41WJq0lT&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2191873836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674485607296&rpt=193&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E7CB 42 B
64 B 161ms
161ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4HzGwiNebfY6hDTuqjRxZHm6gjL9vV_MWACU22ckOf1K04UjQvjJXb_RozrUFeqcjBb7xjt8JzsEpq9l0gjLYLEPtpaE1zCmtI-eslRxSqBMmFfTvOWFidHuDjpOSPVfm5gwNCw&sai=AMfl-YTUcGXd2ZnBuR30tD_siHQ29keXyhBH9_RtFMJeO9AddOpZkqfCEyfC0j_PUdU5PpGaTNQ7XNIFOgaI2fgO-ptk7kaG83PHoDkDTe3dsUJsClEM07FIrK8yGmAz-g&sig=Cg0ArKJSzEHavF2THQdKEAE&cid=CAQSOwDq26N9A6Cw8OLduQwQCoOS6Mjw1fC2VWvZycbSmnFeFFegeb0HqAnxvLdc5EgVczWHFE7qS6FYEf-gGAEgEw&id=ampim&o=415,434&d=770,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=332&tls=1332&g=100&h=100&tt=1332&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame ED98 42 B
64 B 164ms
163ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOvI8umJt-TngByy_ZwKk-wucp8Il9Ot-iKCepk9ArvJQ7hNMGwJpf4czc-pbilFBFV1AUuG2U9DMSvYLi77DqwK0yGujlNl6fBUOOt73duKozd8n0_W2yojsTkeVj35h-ca1hbg&sai=AMfl-YQWenXnpXMcTdj75mzyeQy_T2e8y39ukF1ULkNkU2yr8laRwLDuICXlYjK8kV09N0lNPHAJWZLHoFyNZfDVDc_Mv3PXsHbNVDdcKJcqSTJ8CExXR_9Q3CGrtXWNmV0&sig=Cg0ArKJSzAgk6cJdHbupEAE&cid=CAQSPADq26N9AkFGfafUxi6XDT93SBTMe1dLbAh2l3mOKeEaT_jdyoi_-Fm3oeezQm1lDmhYMs1B9d-l58pAMRgBIBM&id=ampim&o=415,275&d=770,280&ss=1600,1200&bs=1600,1200&mcvt=1093&mtos=0,0,1093,1093,1093&tos=0,0,1093,0,0&tfs=149&tls=1242&g=100&h=100&tt=1242&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Jan 2023 14:53:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A75B 16 B
232 B 95ms
94ms Fetch
application/json 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-236-156.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Jan 2023 14:53:29 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 158ms
38ms Preflight 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-236-156.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 23 Jan 2023 14:53:29 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A75B 16 B
232 B 89ms
89ms Fetch
application/json 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-236-156.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Jan 2023 14:53:29 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 143ms
38ms Preflight 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-236-156.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 23 Jan 2023 14:53:29 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F196 16 B
232 B 89ms
88ms Fetch
application/json 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-236-156.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 23 Jan 2023 14:53:29 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 132ms
38ms Preflight 3.10.236.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.236.156 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-236-156.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 23 Jan 2023 14:53:29 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSno4jZ_SSdIY8aOkub-8DBaXXYSDSJPJb9imVrfh5W1X1xCrd2OVuWp2wW-Q5pn1gpio9_F3JV9FTXHq8SeMtDRR31eZDwFJhFyoq6_zUbHQpWnqxNCq5sSD6Xp3eh6k1S4FzG0ZbLkQKlmU3Hc-KKCU2QjDS9mNdZ9dhm_P2Yn_fZrM4uXThEKAQEy5WdlD-sfi290zKNCA6eE6tpAG5lL1LNChiJDgnpR99NGDSOwguAP89MxskKPGo3pFHbwes1WGOnexgVBK8ImXzHwlcNvPE4V3IeXszuEeWNifl5AYtW0Z449mUYeh8LKWBobZz_-oubnM0Gqg8OVZZWU7uygrxZ5kVlRw9pQmOOW4EdLmry0C3S4NSKiwcbTSTvxl3&sai=AMfl-YTF4M7eSHDwTjTbkYIJNdK3bgrVXmH_azzhoOLQnXd86EUIpYXTfoeGN6Ir2zCfPHTC6N9BAPGAv8ZVeFQQTwT7ziU1bUZd4S-uDNB1h7rMVw2lhRlCADASPEAbGEORXbPM2s1kPEzp3dwUREyKzdo&sig=Cg0ArKJSzEOXSowq1wb_EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuCbiPfRbWW984AMWI7YXtVXBLJjU7r09_Dsw6Xf1xknSO3x-UFQfFuEvNt7wfk8T0ioCmOY6rK8N33ir-PQN3CtQYp80wacWc1RJbmXCfXSF5zlF9E1d0G_zuoyeiLqn7-7wurSJnNRb7DVvYAHdd5WN7NOC8noZXEPN8I6P3NIlQXECpCKZI4_0C9NV5tQkAJL0ASCV8LVi8KNS3eveV_f_64wi4U3bEKfUr4uGCoLNkdgppY-ybdHUOcqlXGdb09w4c8BXd9KTms0cv3nYbqIsO65tF2rKa4glwElmoMj7bDr9f18e3fK5pbNvMg4BhJjYfWghgPwYgtNG8NX4TmamCzjXRaaqTnW99Bwuo3UcUhCafbEBfZBxyN1OBm68&sai=AMfl-YStlffMc4NSQru8PG-xTnkIullxy0HZsE72JSy9IhIilfDecItSJBl-d-sKiuY16vMev1ZPqt-pNv0RXyOrnxpidw3FnTeF_BmNNdpSAD-GKzj4q_3Sj8s6WXy7byFpK_2rAf80yUhmnr60qlQoYek&sig=Cg0ArKJSzPIl7KZNcIwEEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXcTKo9oKfyWBKPxgtXBa-EndcbqGlPqJ6-_KICCcyXQwPtm2uHNf5vxbtt5kKY6loK9H-MOgBqRUkyDQuRlkjPHu_wumrRGusndIyfF2qdYgiDpdhdgC9VK2t7SjLLIFKZhuVWdSwm--6q06xbEDiQgygMAzDOQp9X6O5J2gQlsS3zPK869xOTwmN9-rovDjVED8jgdaHlLGb8C1ZcGPjU_ti7P8vLl2SpXM6qf88SNyTAh1rnwI7_XAOF5nJKP9FBBTgTIySTERpyBePdIrx6Obxhd16f01xKLTK9aus33JgfqWR_SxiveoaPFPIMOdrnLIfxfNeAYcF4Bhhjh9KQc8_VSPurupCRgL6YaQdwy8jIMnRqGGWtEuN03KpvCH1&sai=AMfl-YTUspTDgydcNF2N3rvwLdAdb48MAFHqvMtdpWD6FKD7WQsojn3BVzswSWtN6AR8RczWWzPJJsuxBghrtRE8ZKxljSSDo_yvHrThywCVrOnZyUe_uOgy84Mthyh8738ITWQJ04eFzCLHCBDJPgLzlA&sig=Cg0ArKJSzFGY1CPjwABcEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvke2ytKPfp9-tMVOGACIpOu_C2TBZc20lRWppGYcEBJ3FSffqkn5FJ1g4iqonR2dFQn134T9m23iy3s41GiXPUlbYUleooH-wPqLk45JkdGbdfvHmjkmSlUIwMe-I3TxLes3g0Jir_f8B5rGBYCTrcrUS4ETjD1EpIrjopxVS_bUk0PCYrntaI1L66NIHvvo8wUabEYSffMqO3_Hw1P-v4E97CQ8dMpHUcV5EsVqB7SSscBJ6B3EAyyI-uiADkZT1e0FlN59HYJb9TLD6-RfwyfzPdXBoDZtZB5M6ZbXBs7NJrPUvN80qe-PBI9B3_uZIniZS2YUfIXsU5t6KdMhCTqTjoiLaOjqLUkZUaSX7Z8ZFRz2_uIIH4uVi_wnExBX8&sai=AMfl-YS2mpaL3eoqeKrl78ZTlWKbgC7ZJDMCFagvNwgeSFbSHC_AvQ_zXitA4GC9KUZeFouYi1qJHgLFmUv8bKCiHS-xgViKkeTr-Xu2cADLFnNMDKQcCxgPkKs8Fz32g2tAnQ&sig=Cg0ArKJSzADvfAv1y3LxEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8WRqYNTwbTpK3HmRM__soE4UlaLQlPAh0-RfSccOQj6GFnwvlFNlwE7zPDUTkvidlj6j3D7LGVcy9GbUlwjk0h6pDJDiHTE6wTYcYoyx1sycMBPSpAH-XYW6AmpLRnN5qMrmHdIf2qiD1MIlWqL4Nj8ugGzy7DeggYH9vyixM0XfImBP2bfmmtGsU8-WiLQLMd_BiPw74_aOolfCJ256_f-JBil4tcjzqtS0lXtaqVtZE2BJ_rN8-OpGTnNDKI3vM3GcXq8vBY05ktfBaMp3YiFsntJ5sfpK9jN-40xDxTIaHCreisB2xRglenHPK102scaKKVfxOtHw_Pk8hG6h0lFrQP-22um5mG1ZbetOWPvQtnrVMMNpuPqfNf4McDmDV&sai=AMfl-YRQX-0FAazAFk5957rTHr1ZnU_tyget_BqifY-xdte5KuHDbmEqyIOEjIntZVMwthIZYp_R4GnwId9HGYhOXLCyLAUoqiH1PDbDKmkYPdlzcoSTTSad7GHLAJQ3-xB5omvC3CzWbKxhfEJ-rJEINEQ&sig=Cg0ArKJSzKjReuRbEjY4EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cuty.io/	1970-01-20 09:18:10	Name: XSRF-TOKEN Value: eyJpdiI6ImNETEFqMk9CanFuakY3STRMQUJDVXc9PSIsInZhbHVlIjoiVm5kNmROcjdLL0w5OUh2ZTJDTzd2SEZPTCtJOXdKUEJ5SG5sQkxhTC9PVllvT3prY1JvWXAwVW1qVWd0SGlkYWtROGtNZ2p1ZXY1WEFqQmRrcTRZVGYybTVJdVRXZTk1UFlGVUI2SXdYT1Z6WGRUSWM1VC9PNTQvd3dwYkhLT2oiLCJtYWMiOiIwYTkwZjI5NDEyNjI5OWEwOTBlNWMzMjRjNjgwZmVmN2ZlOGU4NDRiZmQ3NzE1MmI3MWI2ZjkxZjQxNTVlYjVkIiwidGFnIjoiIn0%3D
cuty.io/	1970-01-20 09:18:10	Name: cuty_session Value: eyJpdiI6ImtvUWVpMHRsT09CTWF6ZlhRWGVNUmc9PSIsInZhbHVlIjoiLzJsS00wMTQ2R1JtU3ZqOWRDK2dOK0ZiWnQrTGJKbENWZElzWlV5ZHV1SDlPaDNtOEM4eUYwWTJ3eGwvNTFtcEduT0lKYkdDTzBSWlJ1YUM0MDVmanFPbVIyOE5TS2Rna3VsdjB3WUpXMi9vNWNXSGIzNXV1WS9BbVBYOGxVUTIiLCJtYWMiOiJjMmZkZGU3NDZiODIwMzljZGI5ZmU5OTY5Mzg2NDMyNGI5YWY4NjM3MmI0YTYyZGUzNjExN2E0NDdjNDc5YjI3IiwidGFnIjoiIn0%3D
cutty.app/	1970-01-20 09:18:10	Name: XSRF-TOKEN Value: eyJpdiI6Ino3SGNxWlRkOGVBcmRFZnBLWXdGcXc9PSIsInZhbHVlIjoiK0FZK0d5NVVWK2xOZWdGNlFNb0k4d3psc3BXcVpkU1dXOTgveEhsbVhOVnVrSExwL2oxNStsdUc5YVlRZzNUNFd2azlYNlRWUmNqWFh1VVFIanhJbThqN3dGWjNoRFIrem5lcHVjYkllZFRzY1hOeVpVQ3hSTndXbEZaSnduZjQiLCJtYWMiOiJjMDJmYjAwMTI0YjE0Zjk2Mjc3OGVmNTg2Y2Y5MTg3OTgwZjM4NWUwYWRiNTIxZDEyOGI0NjBlNjAyNzA5NGZhIiwidGFnIjoiIn0%3D
cutty.app/	1970-01-20 09:18:10	Name: cuty_session Value: eyJpdiI6ImRjOVAvTTBXVW1pa0dFdlJDMXNhRlE9PSIsInZhbHVlIjoiY0FGWnZvUmp2dVlnMGRIaEkzdmlRaXorU1hRd0VxV25wMHVGbzhiZDJVb3FFQjduRy9IZWJoNktnYkVZdTY2SmdmSkI4Zld2NXlTd3pDdEd6LzVlM1ZHTGU2TGxyUVRTUEFxZnJDZzVmcDF4L1hyR2w2Zm5VOG54dXBpUEdqT3ciLCJtYWMiOiI5ZWQwMGMyOGNlZjIwZmJlZjBlZDE4MmUxOTA0MDE3ZDcyYzEwNTRjYThhMzBhYjFjYzMyMjZiMzA4MjNkNjhiIiwidGFnIjoiIn0%3D
live.demand.supply/	1970-01-20 18:44:05	Name: demandSupplyTi Value: 3c3c4cd0-ad09-4ced-9181-f7ce7f433f89
.demand.supply/	1970-01-20 09:08:07	Name: __cf_bm Value: pQRQAsV9FrCqdVP42fMVNeZvEQHmZzz057_dj3pNJK4-1674485605-0-AQrKh7qRy408CyZO3fiHUOz5I77vjDpFiS+3TtZvy2IkZS6QlZcHPGpJOv3u4EYKb1FVN6coOkI3aJuasc3tSj0=
nannieslamaic.com/	1970-01-20 09:09:32	Name: GL_UI4 Value: eJw9jUtugzAYhCHm0SgFdSQOkCPYApqwrHqILpGx%2FxA3YEeGBvX2tSq1q%2Fk0D00URbuqRPzIGNiXbHE800nWomsv6qS7ph5EQ207vKozca5r0WBvln6Vw0RrgueRLHmjeuU0FXgJ0Z9zs26zCdLBS6sLpHNoTAXywbttIV8xJFbOhOz96l3QdJafzoMJ3gU2NnDMsXNLxco98g9jdRiWB%2BwEL4sswuE%2ByfXi%2FNwbncVIRy81IX7Dk5Irjc5%2FI9e03FZ3B9yk%2B%2F%2F%2B7y%2FbBEem6WFUOHfrlfwPe0hKnQ%3D%3D
nannieslamaic.com/	1970-01-20 09:09:32	Name: GL_GI10 Value: eJw9i8FugkAURREMQiuYm%2FgB%2FoAkUJN2a5S46LrrCcLTTBremwxT7fj1Vpuwujfn3hMEQbjMEWqDvCrfi7LcFFX5UVRviM4kCPc15q38sLNecdMTZgeyfcMesaWzFs7w%2Bl9UKx3hZV%2Bvv%2Fib5crj8PAyTFvtfIb0Ec9vniDSg0H6Sf5Kx9X2gJTJqcEQdUh3Yo3YxhHykT69OEKiB2Ws%2FPp4goXTPd2EScnpNJD7Q5NLHN4BzxBAAA%3D%3D
.cutty.app/	1970-01-20 18:44:05	Name: _ga_GGDCMPL4QP Value: GS1.1.1674485605.1.0.1674485605.0.0.0
.cutty.app/	1970-01-20 18:44:05	Name: _ga Value: GA1.1.354501130.1674485606
pogothere.xyz/	1970-01-20 17:46:29	Name: csu Value: 798747459287330@1@1674485605
.cutty.app/	1970-01-20 09:08:07	Name: __cf_bm Value: uvHP5SV1jQ23E0G64170YvOuMlH5LQFnQX2_9pm9Dos-1674485606-0-AUtoYKG65OmdbrgDW8oDpmQ1d8kZtwAS6a9N/0ZtCiZ5/1twb6cPLikeJs7Tt5eNMUJMf6MChPbGdL45fPpkr4MGJJ0+zJGLon3C8yOEhmg1Xu+zR4H0U9fJuc9fLyq+85LHGY9qpCbdhMjlDchSD2U=
.doubleclick.net/	1970-01-20 18:29:41	Name: IDE Value: AHWqTUnU2rVLrkx5DdCPChD9VxPXyutlHF6OjfUzYoV8csPwKsOiwNfy67I5bWpfbTo
.ads.avads.net/	1970-01-20 18:44:05	Name: av-mid Value: 170b1637-8328-4df6-9bcd-e64ff92c63d2
.ads.avads.net/	1970-01-20 09:28:15	Name: av-tp-gadx Value: 1
.pubmatic.com/	1970-01-20 09:09:32	Name: KTPCACOOKIE Value: YES
.doubleclick.net/	1970-01-20 09:08:06	Name: test_cookie Value: CheckForPermission
.cutty.app/	1970-01-20 18:29:41	Name: __gads Value: ID=d166a59795ae7ec7:T=1674485606:S=ALNI_MY7bZTOc7IqOlciQKespsfKz4P7Zw
.cutty.app/	1970-01-20 18:29:41	Name: __gpi Value: UID=00000ba86081e5a4:T=1674485606:RT=1674485606:S=ALNI_MZ4njGPmL9o2HPspkWXUbkqN5vRQw
.pubmatic.com/	1970-01-20 17:53:41	Name: KADUSERCOOKIE Value: AD361EDF-2849-4539-A58C-5D8FDB3E0075
.everesttech.net/	1970-01-20 17:53:41	Name: everest_g_v2 Value: g_surferid~Y86fZwABl82Z3QAh
.yahoo.com/	1970-01-20 17:54:03	Name: A3 Value: d=AQABBGefzmMCEG-xSynTDjvxCxQFOS6-dLQFEgEBAQHwz2PYYwAAAAAA_eMAAA&S=AQAAArpMHQFquLNpzG1Ii5B39JM
.lijit.com/	1970-01-20 17:53:41	Name: ljt_reader Value: GCO9rGZHkC8Km2-9T8m64RbK
.travelaudience.com/	1970-01-20 18:38:20	Name: _tracker Value: %7B%22UUID%22%3A%2238751A2C-922D-4A75-85CC-F244B73D5C32%22%7D
.adform.net/	1970-01-20 09:52:44	Name: C Value: 1
.w55c.net/	1970-01-20 18:38:20	Name: wfivefivec Value: cBRXYTM91PjYcn5
.adform.net/	1970-01-20 10:34:29	Name: uid Value: 6980287767240409156
.w55c.net/	1970-01-20 09:51:17	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 09:08:09	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-20 09:12:24	Name: awpv11354 Value: 412871\|1674485607\|b1ea7680-9b2d-11ed-a66f-223554f889ce
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 09:15:17	Name: HTLP_timestamp Value: 1674485608
www.conrad.de/	1970-01-20 09:15:17	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 09:08:07	Name: __cf_bm Value: MdT.GJVOFePRpmPecT3_qxI_bOh074kVTsChACWGLGA-1674485608-0-AVSkCuLCyfuehMLjXldWXBwj3VK6T+ksQXZ50tUmFVgBaI98PUelcsPvrfiPeBNTQm2zN64sykSbxg9Z3JO/FAg=
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uq255wy5xgabxua414edl01j
pb.media01.eu/	1970-01-20 18:44:05	Name: DTU Value: 92516DAE6848EA2A253A44C27317AF7A
.c.appier.net/	1970-01-20 17:53:41	Name: _auid Value: CWJOh1krCGatLVw8aJ_OYw
.c.appier.net/	1970-01-20 09:51:17	Name: _gu Value: CAESECJuB8n-xQJTLPU-qUO3KIs
.o2online.de/	1970-01-20 09:18:10	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjc0NDg1NjA4dmxlYTFkZTIwMjMwMTIzMTU1MzI4ODA3OTQwOTM3MDNYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 09:18:10	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 09:18:10	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023012315532880794093703X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjc0NDg1NjA4dmxlYTFkZTIwMjMwMTIzMTU1MzI4ODA3OTQwOTM3MDNYMTE3NzAzVjEyMjYxMzI3MDJNU

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-418529419%3A1674485605940644&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfDmfmTzrgt0ia3y3F2sKnwrOxeEMflJDRTPw5HUlD0_neo5NfgukNg-x-6nJb8nmzYGjlvFQ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1190213220%3A1674485605929540&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHd2seJmQESx7zflF73BNgidFNnHjYsNSPeBm4mGBIyW7MPLS1qRjnzrGMpTxL0LyDY4ML_8Dw Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/022301041800000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://cutty.app/Q18titUI40 Message: The resource https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63c2e798706ea7cdf27a6507fd08d8f5.safeframe.googlesyndication.com
a.c.appier.net
accounts.google.com
ad.doubleclick.net
ad4m.at
ads.avads.net
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webgains.io
ap.lijit.com
api.demand.supply
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cdn.cuty.io
cdn.id5-sync.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cutty.app
cuty.io
d1b9b1cxai2c03.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
ihopuchcomp.xyz
im.bluevoox.com
image6.pubmatic.com
live.demand.supply
nannieslamaic.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pb.media01.eu
pm.w55c.net
pogothere.xyz
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb2-useast.e-volution.ai
securepubads.g.doubleclick.net
slaqandsan.xyz
static-de.ad4mat.net
sync-tm.everesttech.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
securepubads.g.doubleclick.net
www.googletagservices.com
104.87.133.65
108.138.7.92
142.250.180.230
142.250.201.194
142.91.159.191
145.239.193.130
151.101.130.49
162.19.138.119
172.104.45.159
172.64.132.29
172.67.137.92
174.137.133.49
185.64.190.78
2001:4860:4802:32::36
2600:1901:0:76b9::
2600:9000:2491:2000:12:409c:d0c0:21
2606:4700:10::6816:3556
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:db1
2606:4700:3031::6815:4bd0
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6812:7e05
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:807::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200d
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:d29:3602:e638:e78b:4e7a:3c4d
3.10.236.156
35.176.33.61
35.190.0.66
35.205.207.25
37.157.6.254
46.4.62.19
51.38.120.206
52.193.58.193
52.29.201.72
52.45.175.185
65.9.66.110
72.251.249.9
84.200.5.215
88.198.250.30
99.86.4.94
0183e8db99fe855eea58a501b18becc10ab642ebe9360fc082946039536762dc
0505b7443eeaf23a35b397b9ed40f3d610bc31df7cbc8506551a492652bb4678
059fbd3e3fd10036ccca55b5d8ca87fc56519c981f8920765f8258272a78dcda
07129112525182e697e7b05a5f481f66086c478050c0017ce53d4cb6b2329187
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f0ed2ce334fcc6f1b0afcf1bd4f3506d20da2949012da76ae205cd6773a56fd
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
10304c108616a4cd69a1a7e08ab1c00638b58a863d0413e6ddcf033c1d2a1057
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eb6a860427095d495e066d7a3911ef977a5266b874f76d762fbca1b9b6739ae
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2ec6225a4e15fce914847fb3a4ac496b393c23cf38f0a614293b0e7311b7c33b
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3853ccce7978b60a38e8e5a2f7b5fd56cec00ad9f7fefa61f14a6e2e1458361a
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f
3991b0b38f1d624a4f6123550a39241ec12142a27e4f9dc802fae8ae1673d1e0
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
455437a6e76255307f43fd003d3d00e1491a4d4185fd15ee70fd393f8c88e29d
45a03ddeac46f9ebc3f24a15581bd42c80926fcbabb42c59bfad5c169bdbfde1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b9e598f076283a5fa43b7c6216db61dd61c4bbf860a70c04893e018f27e3bda
4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074
4e249aef61e2d675b41a8d764b5b9c9a8ee9ebc5e512386625516f6d2c8a4977
506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9
5127d0cf61e7acdcabc059edf915cb35c5c3f666e2484ff7b2b6a9bb231adf49
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c
5430e0c6ab72e7a9f124dc89b76e32c00f70e4ac38c3f4c311056fbebaf85ada
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
5ae4898fa3331bab36302a5948c65edd4a00577dde64b81232b7d97cf2296d37
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60a5d31a25c7241ceb8453c796b9285827f2a6344eebbe26a2a28dfae4c71b1d
6170c176158b385f669ef60f0f8ff573663f2f5356d3bd3721e4fbbd9d2f3af0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d
6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e
691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7
692e1ed1d887bba4d2dfb9fada67913a5e4739fe4de7e3129655516ed20ef823
6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a
6af51033af37e1c51d34646324a1038be289be6d555ff5be6bce9704f27ee815
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
6e205035f95d2df2de450fc415ca764d947545541d1b3501ba2c76f8094c877e
6f464c14f05e0bd259eb3eae0fb254dc5adf7d498b0b914645fdb024925d867b
6f7dcef18cd587dea91f518153522b08077c7f14739790b611d039f2b02209e1
764a24ce637830ef67e306049f8a1a272ff4583536eec4e80992d9c56f9e06c2
78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706
7a4131862ba801d4677a15bc305ca04e40861a908584a9470ab733d2a1734e37
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5
7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be
7d27c8ab7e8071771e28d1ee6bc3cf0fb9845b7f38e22a7e1b08cbd6669900a4
7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86cbceb103552cf2e7edb7c614b2564328a8c74811d9b525a445dd8bac73a9b0
885cb07503e088de00e0b1502940db47d59817caf2a3e35e1f92432d48d6f8fe
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
8e1b39d8a0f2295682ad1eb9a869ec7cf33020d372be996b47b661a59bc70486
8e2ee89c7d8b005855815d9322fc256807b79e35dfd1bc02df09d3e383ea4ba5
977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
97b5f97a81f476a8dfbc0f9e0fc6338a4382d3fba6e69b10359aa711ed219b51
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
a120e7d729f4a010c4e7179884002bebd44e5ffb9e14817256169f7f95b3eeee
a22008244d7b85fbb6f174a7cf8c2dc9c495e08810d5982f276bfddedee928ad
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a567414569b7c2cab6db6feadd92237ced0c9393a6d63f0bb507a049cd13a37c
a62d68f3d87ae443180ec75093c24146cd859c00d546a0a95ef98ddf35bceeff
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a9ed6c0cdb54ddeb561369fa2f9748cd0dcba457ba2cd0cb1955cf48387bcf2a
aa5eef3b2cbff39fa9ebe8dbb361f0c2b2797235898e4f7ae7f53ff2291db5f4
aa837750b3c258d6562dbb7c18b674652dcb03d30f55dc7778c39307ed3fec1a
ab2bd5f7b6e18490b4b474cf7fa4b6990e9ce4fc24b8c73cdc094d76d3257e1a
abe7470c624b4610f6e6c1bcbef2fa2718865b5163b8f5a029a6df7354f70ab8
ad3bd452d4feb90eed0329afcbfd5ebff9bb47ab6ec37e569e8478d66e266361
ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d
ae4b527636fe7250d259e24c51ec1beded043f669477ec8e93af2b3a5f1b9e2a
af9b86895225cf0eb508597af6bc5112647e896e96e61c6a45af3b5ab9bc6f61
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
aff358bda87632f1b082c3a9dffcb51f8e0648535bbb80ef61708c6e25908e97
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bed0d34ceb553f63979106b2727e758c35bad031f390b8c8ddd7704e7edbaf3e
bf50ba5cc565e194f7269daf24ab93f8f708c5e16bbab13ca17dd10e5ad12f5e
c26475bb7e7dc26a17273e505078ea1ad0b32f99c574c47c31b0c59d4448498b
c6629584f62feeb6b024b50fae7e99ed6bec9942ce434c8163e2d627f1253dbb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef
cbdd212495d8c88b3632d2b4530043d244744aed9e997674ed41b2034228e408
cdff2861f10b799c1b8f5564ab4d80ada546fe2425dd5bdd5e0e5303a8828f86
d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a
d4e7f21914210e4d6da2b44cc05a554cdd1e538ee43e1d4dc5d6e6a1f1ee1282
dbd08f2c4c52ca2c903bf94dd72aea0181ada5543ddbdab9c684291254432aca
dc78d0ae04e90f166274e27a8af76d6a676cbf360f682f3993ef4b453ee5d598
e04e816bd78f33ab4d76ec764c224629a500de06c7660902677de1220992f5f9
e04f4ca4d8266668143368d77fe46d1d0eb3670fa65bc8aaadf706740ee1aec6
e08510dec52ca6f9b4826278d920dd0af6dce266c6c4202bfb22799770aa6b45
e0e8584c61bd4b0f4d64413d1fcdc674bd7a1a73917b4979d6e85ea1c9f1edcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5aff37e562a9007e8c6d6dee2bcd3388d9a8c9c0e4ec5f56866c6994906ae99
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ecd5f32fff9e491b04cdb43c89c457d601aa418cfb2918af71fa764786196de6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f2117cd091d79e5709dcb521cce8923564d56f7661a5d5392b59a8a5ef6820ec
f239f3f5ba2fe8def7ffc52c0268cfb1cbd362214823676459daa279370a9cfa
f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e
f5347c4105095bfd7a60d36cebf6326aa7be3c361650fb65db295b6062389ba7
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fc43f08021dabc77fc2c32b7d464e16cebb702b9eee5bffb6e908cbacfdb8563
fc871e89201aa44e7380e81e7f7846c4164e5a5d3374ba722a90e518ad48feae
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

cutty.app Open in urlscan Pro 2606:4700:20::681a:db1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

237 Requests

88 %HTTPS

47 %IPv6

45 Domains

60 Subdomains

40 IPs

11 Countries

4185 kBTransfer

7134 kBSize

41 Cookies

6 Outgoing links

Page URL History

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cutty.app Open in urlscan Pro
2606:4700:20::681a:db1 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

88 %
HTTPS

47 %
IPv6

45
Domains

60
Subdomains

40
IPs

11
Countries

4185 kB
Transfer

7134 kB
Size

41
Cookies

237 HTTP transactions
6 data transactions