urlscan.io logo urlscan.io
SecurityTrails logo

cutty.app Open in urlscan Pro
2606:4700:20::ac43:4621  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/44poEhS
Effective URL: https://cutty.app/nPsV4TDBa9e
Submission: On September 01 via manual from MK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 8 countries across 34 domains to perform 258 HTTP transactions. The main IP is 2606:4700:20::ac43:4621, located in United States and belongs to CLOUDFLARENET, US. The main domain is cutty.app. The Cisco Umbrella rank of the primary domain is 755897.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2023. Valid for: a year.
This is the only time cutty.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
1 28 2606:4700:303... 13335 (CLOUDFLAR...)
1 5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.91.159.88 7979 (SERVERS-COM)
25 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 139.45.197.238 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
14 2a00:1450:400... 15169 (GOOGLE)
5 139.45.197.242 9002 (RETN-AS)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 18.66.97.88 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 141.95.33.111 16276 (OVH)
1 34.252.126.23 16509 (AMAZON-02)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 178.250.1.11 44788 (ASN-CRITE...)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 74.125.133.154 15169 (GOOGLE)
3 5 34.252.227.148 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2600:1f18:1ac... 14618 (AMAZON-AES)
3 142.250.185.226 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
1 1 44.213.203.90 14618 (AMAZON-AES)
3 2600:9000:239... 16509 (AMAZON-02)
3 216.58.206.34 15169 (GOOGLE)
4 7 185.80.39.216 27381 (CASALE-MEDIA)
5 11 142.250.74.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3 37.252.171.149 29990 (ASN-APPNEX)
1 2 52.51.159.118 16509 (AMAZON-02)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 18.192.109.4 16509 (AMAZON-02)
1 1 178.250.7.11 44788 (ASN-CRITE...)
2 2 37.157.6.232 198622 (ADFORM)
2 2 216.52.2.30 32475 (SINGLEHOP...)
1 2 51.38.120.206 16276 (OVH)
258 47
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
28    2606:4700:3037::ac43:a7fa (United States)

ASN13335 (CLOUDFLARENET, US)
cuty.io
cdn.cuty.io
5    2606:4700:20::ac43:4621 (United States)

ASN13335 (CLOUDFLARENET, US)
cutty.app
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.91.159.88 (Netherlands)

ASN7979 (SERVERS-COM, US)
forbidcrenels.com
25    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
api.demand.supply
5    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
cagothie.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
25    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
14    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
eedsaung.net
1    2600:9000:2250:3800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    34.252.126.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-126-23.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
18    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2a00:1450:4006:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net
bid.g.doubleclick.net
5    34.252.227.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-227-148.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:6b::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5ednss.c.2mdn.net
11    2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
3    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
ade.googlesyndication.com
7    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
29    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    44.213.203.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-203-90.compute-1.amazonaws.com
pixel.adsafeprotected.com
3    2600:9000:2394:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads4.g.doubleclick.net
7    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
11    142.250.74.194 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    52.51.159.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-159-118.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    18.192.109.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-109-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
Apex Domain
Subdomains		 Transfer
49 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
ade.googlesyndication.com — Cisco Umbrella Rank: 323
230 KB
36 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
bid.g.doubleclick.net — Cisco Umbrella Rank: 798
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
329 KB
32 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1242
r3---sn-4g5ednss.c.2mdn.net — Cisco Umbrella Rank: 509955
s0.2mdn.net — Cisco Umbrella Rank: 311
1 MB
28 cuty.io
cuty.io — Cisco Umbrella Rank: 468875
cdn.cuty.io — Cisco Umbrella Rank: 519767
880 KB
25 demand.supply
live.demand.supply — Cisco Umbrella Rank: 39979
api.demand.supply — Cisco Umbrella Rank: 79400
43 KB
22 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1639
dt.adsafeprotected.com — Cisco Umbrella Rank: 579
pixel.adsafeprotected.com — Cisco Umbrella Rank: 739
static.adsafeprotected.com — Cisco Umbrella Rank: 607
fw.adsafeprotected.com — Cisco Umbrella Rank: 884
181 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
325 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
219 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
5 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
imasdk.googleapis.com — Cisco Umbrella Rank: 488
135 KB
5 eedsaung.net
eedsaung.net — Cisco Umbrella Rank: 35264
146 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 cutty.app
cutty.app — Cisco Umbrella Rank: 755897
41 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
dis.criteo.com — Cisco Umbrella Rank: 596
8 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
2 KB
3 cagothie.net
cagothie.net — Cisco Umbrella Rank: 696493
29 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
533 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 591
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
27 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
12 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
146 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
749 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214 Failed
57 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
13 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11732
540 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2547
241 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
82 KB
1 forbidcrenels.com
forbidcrenels.com — Cisco Umbrella Rank: 392872
1 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6526
283 B
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
258 34
Domain Requested by
29 s0.2mdn.net cutty.app
s0.2mdn.net
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
27 cdn.cuty.io cutty.app
cdn.cuty.io
25 pagead2.googlesyndication.com cdn.cuty.io
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
24 live.demand.supply cutty.app
live.demand.supply
client
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
cutty.app
imasdk.googleapis.com
14 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
cutty.app
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
11 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
11 dt.adsafeprotected.com 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 csi.gstatic.com imasdk.googleapis.com
7 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 googleads.g.doubleclick.net 1 redirects 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
pagead2.googlesyndication.com
7 fonts.gstatic.com fonts.googleapis.com
5 unified.adsafeprotected.com 3 redirects imasdk.googleapis.com
5 eedsaung.net cagothie.net
eedsaung.net
5 www.google.com cutty.app
tpc.googlesyndication.com
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
5 cutty.app 1 redirects cutty.app
4 fonts.googleapis.com cutty.app
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 googleads4.g.doubleclick.net cutty.app
3 static.adsafeprotected.com 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
3 ade.googlesyndication.com
3 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cagothie.net cutty.app
cagothie.net
2 onetag-sys.com 1 redirects 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
2 ap.lijit.com 2 redirects
2 c1.adform.net 2 redirects
2 fw.adsafeprotected.com 1 redirects cutty.app
2 r3---sn-4g5ednss.c.2mdn.net
2 imasdk.googleapis.com 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
1 dis.criteo.com 1 redirects
1 x.bidswitch.net 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 pixel.adsafeprotected.com 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.googletagservices.com securepubads.g.doubleclick.net
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 api.demand.supply live.demand.supply
1 my.rtmark.net cagothie.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com cutty.app
1 forbidcrenels.com cutty.app
1 cuty.io 1 redirects
1 bit.ly 1 redirects
0 sync-dmp.aura-dsp.com Failed 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
258 56

This site contains links to these domains. Also see Links.

Domain
cuty.io
sulvo.com
Subject Issuer Validity Valid
cutty.app
Cloudflare Inc ECC CA-3		 2023-07-05 -
2024-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cuty.io
GTS CA 1P5		 2023-07-30 -
2023-10-28		 3 months crt.sh
forbidcrenels.com
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cagothie.net
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
rtmark.net
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
eedsaung.net
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-15		 9 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-08-22 -
2023-10-31		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh

This page contains 20 frames:

Primary Page: https://cutty.app/nPsV4TDBa9e
Frame ID: A4C7A08FDC6F2343FC287915ED4E4B62
Requests: 93 HTTP requests in this frame

Frame: https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Frame ID: F958CC588C3E896C6D3481C280C2EEB4
Requests: 2 HTTP requests in this frame

Frame: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 859C38B51591F30733E6EB22B0D8DD7B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutty.app
Frame ID: 73BBD292C60E8E1CA60428F25AB8C3B0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C5FFF6826F81551F19800CFA0ED5F94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C9E791A8706641917272665321A290AC
Requests: 2 HTTP requests in this frame

Frame: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F25DB64EE947288664CC45E9D7D3CCCD
Requests: 42 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOcagiJX7eqRwQ2E7pSrUAedwMX6phzz3bpvbfH6ZrHLHrpoNLSJ1fxwlZiFM-V99ywCbLLIeu9-Aff3jY2nW-IT-EKBOB-bGmI27F4uXaOhYPZ5Z5DvAIGU2P9z1GF6Pj420jNXWX7TdumUidYanlXEzYGD1K-pVlP4L-PRoLOi1HynOHA-7QnzEDtGlwyYVSakEg1UFdq30W4mP6cJFJnqKcmJ_w5fHRY46QE7v_Ys7URt05qK2u72iyBHgpT60YMio2UPic9qcK0iJtwIL6N-wmTcQvHhV9RehRxStYTLnzdNZMeqlVqDSjOyukcjJuNLcPBiYGDWXaEchXbMIpmdaN4ni-EmWp8QUi4DgE1hgtA7S7lBflaPJ8TnXK_dejrmA3sBU&sai=AMfl-YQVQCsbbxG2P_PxLfWP17TxSGkQvUpbJzGJEzNE4Jb7v-wPb3b-8q8shiS1t86XFr6ndCTzNEJ83X5MuGErkso-ohpJP0JzsA5uzO5P1hKWNDBLC85AB1DVO5g9d53cXH1S_r-Y0tj2vGp6TnNn&sig=Cg0ArKJSzP6LP-rqElptEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 35D33C483990A55E1CFB6DF8B3405EE4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwzT3DqYsHUepjSPRMZKnY372lRhYS8FjlrtS-dYNi79m0KpBdc6-iaomtJTngiTH6HyiFrTqCJdSzhPtAMmvyWeJw9A09BEHAoRzEeV5mrxoWQPzp1jiJqtnmQy4zraXZicwyNnB6ppYEv3ee_cupgLDK5vqkr8AFdi-K_Cg4Bh25aMIQAGw2hbKYqtNN72K18zhuhyPj7nU9lG-nlrnUx2W2C5f4eYuYHcIKfoj9fFQVKtjKOpebJGHHZDjsb7-iAzy9sye90Mcjri-rcpqkyKN7Fontt9k9YCom4UEjjrtafb_Nob08_I976rFZ1ERgF5GYfzyIK5EVczEUqp2AWKy-ekE2VBbmblhEFOfpmfXPwrzidfQoFVE9hNV-Ri09_4wCQw&sai=AMfl-YQBQsK-HNOZZGZNjaY_zWK40pHN0Gf1qRzvtwL4qJv2oShLtCX8CWhwZeMAPf9Qc1w-tmkvI7b6egj6egIRIcwbmZ1a5s18N-PLYhyEmT45BOq1chgC_vMTll4imOt_NqyvHilNDsCLXrgJ6AEj&sig=Cg0ArKJSzPkw2Te4I3S_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D0128FADCB84CC1843FC1293CE24FAC9
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNUlyfEpzDPbwD8IAj9XrVMHBW05WWZ_o_YoPf2mrewKj2rApvc156CRNCfQmG7oiZcElG7MIJsBGAl6JMfCejG2-0R2L3Qo8Q09GMtd-gg_W6-P0zqj9zq8Tlg0GnA2oncoeBTp1A3Lojk8WdQ6Sw8ZHSH_Z6OZzaFN6ozPUlCejcebkaNrCLSX32q8WCGflaUr_sj3IUwJWLbPN9Xfp5UH4HCmc3BoxjkKDNHUOeaun9KtGfucRXRFopEVvvsfVNIP1OSWaCvKiPBR_HoFpJYjvYs4kn9bigJr9StBBRwiC79uzEUotzmKsqrV670WkyPFzueBRZC_Os2cMtoew9dcCIJRkNpdQNuW3vo_3NyVC668A-eyMcxiDllhZVYHxbyOEwBL4&sai=AMfl-YRfHZC9zQkSXBjL_aPWwf0WOJs2mkT0jLBwJyapREEMQS2-RxE-9uK3dGRgnABwJ1ep4H07z0wPOr9ovFM&sig=Cg0ArKJSzG98pUFtuUXWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1422AF54B73EB7BF79DF1B9F211BC221
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPlPXbu67wCtqEdrEMnYkROa9pohEeNn96wL9uDq1hab5tMMZ9qOCg652mHH0H6I8L2DacRPfprXXdqpMSpZF5DxR4aXimH0DkH4eIgGdP1ZipDMheuU6YmfN6X5Uwh8zFjtfjodpyVXUqW7BhXggNPWesuFmPBZjUw3KtQKX7_yKTdPdi9cdWILJKK2yQ0UhmUaZ5CEvHUJddn_wFd6qggjeXRJXM3gDovyGjEuW7lZxtHGjtXBG5GpccicwD3Ujmw1YYU64SJVfQ3rSzijF_gRjMtM3DhB1eYYGlIKdC7K5S31nZ5076O0FNWLtIkiEFpHppgyItbfWGHuuJ8e5agHPadwra7S643SfOSYJdtRYcr-28Kg-AtAwmysVqcUgsQBFN1A&sai=AMfl-YTuP7aZPUQXxq_K2Vu7RVFSsXnGi3m1uDblOxsWNR7Hj4INXQQb-WDOhZj9OwAJbmuvt10wIa7PItEjDvlD3rEK9LRX-wLk4iTfCQAR2agX9HPNKUPRCBJNz8iWouM&sig=Cg0ArKJSzIpEgGdwZIylEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D4481DDE66BD8B766DBB06FB4BC1FB8C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 8B8E244622ACA7DCE31B6FF39F462674
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B2B8DB846961D64627A5EF3374123531
Requests: 3 HTTP requests in this frame

Frame: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B669EC9A4C881E1DB0AFF3DE13BAF38
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYqMKj6gEwAQ&v=APEucNWSu6IJVuTk7ao59__UVTjtkOSQIZaFOBpuWUyFd6ujDGZdKGdzFEwd-8ZrY385PWE3-WP5Jzo1UHTOTZ2R2BRODT5ws3VfHO0N3ILes7tKm_IzXAOP3VKcR-dZF_h7rQHR38N-YDJtiKKGwLgjn1uSnr9-bfViPiI-KjG52gYAipqE-Nnsx7IikT_JwEiHlJeG8gloAqXVMXyuRCr4LJv_d1J9Yw
Frame ID: 14E2AFEE6A4B2064FF0BE0ADDACFCB1A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: AA3640939F67FF829A418A218E412DD9
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 70AD79E785E962A93FA4A79AF244CECA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AF0508FFA6D2FB5B145EE4C3DBA04DED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
Frame ID: D29A103C9B34C9598FFE2AD438D53D51
Requests: 27 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8E50EAEC8391ED176B111BAE77CD83C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shorten Links And Earn Money | Cuty

Page URL History Show full URLs

  1. https://bit.ly/44poEhS HTTP 301
    https://cuty.io/nPsV4TDBa9e HTTP 302
    https://cutty.app/nPsV4TDBa9e Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

258
Requests

90 %
HTTPS

53 %
IPv6

34
Domains

56
Subdomains

47
IPs

8
Countries

4166 kB
Transfer

7921 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/44poEhS HTTP 301
    https://cuty.io/nPsV4TDBa9e HTTP 302
    https://cutty.app/nPsV4TDBa9e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://cutty.app/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Request Chain 77
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutty.app&sn=ChromeSyncframe&so=0&topUrl=cutty.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=rBbwzHxkQm1zVDV3ZDBkczVwdTZwMmhRcVNvOVNZU25TY2Jid1dUM1VlbHh5RXFRMFNmRm5UeTRNanN6SGx2SjFWOHdvWHgwSFUrcUtJMGJVcUhBNnEvSGM5Rm1GN3BtME5nMmNJd2t2WHJmMkhGYzcrSHYweWhLOEtkbkFWUWErejZjeG5Vdlg5K2ZKOS92SGhuYXBBb0RRWjYxeE5OeXQ0QzBkM3BzaGtoQ2F3RisxWkgyaEJNaGFTZHFtRllncHB1Ri9kbk5CUUZ4L2ZpREt0ZU80TjYzQVJyRWx2V0d1elg5MkRxaGpwc295SzRQL2UrbHBPWGRoZGtpM2ViTmxBS0hrMm1wcVA2NVNCK1hQOFg0RWFkY2hRUT09fA&cppv=2
Request Chain 135
  • https://gcdn.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/CBAD2853BB42B380A9289CEB92186444A197627.30887B57D0E8E4E8548454CAF2D1FB06A2FAE7CC/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01EDDE2851F92F12024B8CCE0224B261220D8428.82E1DF7AC43C93454E6DFF3A21E83240C04C732C/key/cms1/cms_redirect/yes/mh/CQ/mip/2a01:4a0:2b::9/mm/42/mn/sn-4g5ednss/ms/onc/mt/1693574453/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 149
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vOTU1OGJlNzQyODBhOWM3NzgxYjAxMGQxZjczNGY1NzYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQ4MzkwNiIsImN1c3RvbTgiOiI3MTQyMTMzNiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjNiOWE4OWM2LWQyOGMtNDM5NS1iZTY5LTdhMjZmM2E3MGEyMyJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDE5NTgwMzE1NCIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2OTM1NzU5NDc1OTU4MTYyNTgiLCJhZER1cmF0aW9uIjoxNDEwMDY1NDA4LCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1483906&pubEntityId=71421336 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 154
  • https://pixel.adsafeprotected.com/rfw/st/1483906/71421339/skeleton.gif?xmtp=v&xmapp=0&xsId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&bidurl=https://cutty.app/nPsV4TDBa9e&ias_campId=1012753603&ias_pubId=pub-3831894559014614&ias_placementId=20195803154&ias_chanId=1&ias_dealId=549644393847793680&ias_impId=v4~~ABAjH0gI2MhtYxvx8LYgaiK9okmn&ias_dspId=3&ias_creativeId=191839045&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUGxvmZYxHQzKf86zEy5qYAT5eSpF2LyHN5GkYZgA-jGtjkZOGFsAs3pwKJT9CLFjsrkRBeHqtKBWewS2Ytr7fjI0EQu2my2xkdXQ6-jhkPzo528AqPzFPyBnJ89NpbG7J7BqPsJec9jHxy6hUeP91nDct7sYsfZG3WN7aQKTEgt8QHQhyED0mev-jomQfroyLhMV3UAS4rUWu&sai=AMfl-YQry_fDzad4qQpfJm8yYmQCgzlWadrzsa4zE4E-XgS4y7x3yyliB6rEj5vA8CZCFg7lN4gDmkLJBA6FarZnS3Nt3dP0iRTq4I9G1zdhpiNBJllLDDAlOp4GPO1pwJmVamMO6gS9NoQgVB-lB8muwk6AhQ&sig=Cg0ArKJSzGk4Qa6ku5daEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=71421339&redirectedRetries=0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUGxvmZYxHQzKf86zEy5qYAT5eSpF2LyHN5GkYZgA-jGtjkZOGFsAs3pwKJT9CLFjsrkRBeHqtKBWewS2Ytr7fjI0EQu2my2xkdXQ6-jhkPzo528AqPzFPyBnJ89NpbG7J7BqPsJec9jHxy6hUeP91nDct7sYsfZG3WN7aQKTEgt8QHQhyED0mev-jomQfroyLhMV3UAS4rUWu&sai=AMfl-YQry_fDzad4qQpfJm8yYmQCgzlWadrzsa4zE4E-XgS4y7x3yyliB6rEj5vA8CZCFg7lN4gDmkLJBA6FarZnS3Nt3dP0iRTq4I9G1zdhpiNBJllLDDAlOp4GPO1pwJmVamMO6gS9NoQgVB-lB8muwk6AhQ&sig=Cg0ArKJSzGk4Qa6ku5daEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=71421339&redirectedRetries=0
Request Chain 156
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYoc6j6gEgATAB&v=APEucNUvZFcY_xxD57-jEl5asSeuOov_4kLkfDyUhaBS_8HnE_4IqG3pa5o0pumktY8oEGle-PJoFe9iD1KVgioZfUhcXR54Dg HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPHrDBfvPfxzk6Ofykt2zQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
Request Chain 189
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPHrDMTgeaZLMLL3manE3AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE2ruTwpUD9VnWk1RD-qtA8&google_cver=1
Request Chain 191
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQwMjA5MTEyMjYyNDE3MzE1Nw%3D%3D
Request Chain 206
  • https://um.simpli.fi/gp_match?google_gid=CAESELuWscZm-r7e4-DcZe4C-HU&google_cver=1&google_push=AXcoOmQDtiMoHeq925TEcT0_rUoot3S5ANeVoRwsrpYd1e44GPhpQTOiX2KcZsYUx9WQxppIvtgIe9bmjGGy-vgwZDTvyUsCHrHjKUj9-6QRBfN2RF27gEDDXkxw0_eAfZMhywD1Oz7irfLA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5CCBC6124D442A4A3023A9D9344E674&google_push=AXcoOmQDtiMoHeq925TEcT0_rUoot3S5ANeVoRwsrpYd1e44GPhpQTOiX2KcZsYUx9WQxppIvtgIe9bmjGGy-vgwZDTvyUsCHrHjKUj9-6QRBfN2RF27gEDDXkxw0_eAfZMhywD1Oz7irfLA
Request Chain 208
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS0PQFHOuerU-UzF2vAIioCDi0y_1hTAy5gqOv_xzD7Uw95zfBrtz62PwFN9eADxdXFu31NKqHvytJ7AjuI2TS5ooPb6v5v4tK8_CatFxRrJR7FsT2TaRXx-a67yQZg8Sv2UCclzDlM&google_gid=CAESEAQS5q8hKoD8G5S6O9ge6Qc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-TUsNb5bvfTJaYIrF65ozGtU3o6iwRv_aHu7o8A&google_push=AXcoOmS0PQFHOuerU-UzF2vAIioCDi0y_1hTAy5gqOv_xzD7Uw95zfBrtz62PwFN9eADxdXFu31NKqHvytJ7AjuI2TS5ooPb6v5v4tK8_CatFxRrJR7FsT2TaRXx-a67yQZg8Sv2UCclzDlM
Request Chain 209
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENH7_3OCZdXQaGuJpoESwtY&google_cver=1&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEporIJEteb4KebAIvYRUZZB7QKGj-pSV-NO0BEAfrTeKDk0kYgBA1LANpJ3Tf7Zz4Fm0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENH7_3OCZdXQaGuJpoESwtY&google_cver=1&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEporIJEteb4KebAIvYRUZZB7QKGj-pSV-NO0BEAfrTeKDk0kYgBA1LANpJ3Tf7Zz4Fm0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE5NTY1ODk1OTI3NTk4ODM3MA&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEporIJEteb4KebAIvYRUZZB7QKGj-pSV-NO0BEAfrTeKDk0kYgBA1LANpJ3Tf7Zz4Fm0
Request Chain 210
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIIpXLCPrTjo5aduoEMqhgI&google_cver=1&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-yzJaFolDGKUAuQBSte6lIowPSXiTZ4W5UKBhoYnzbruO6CWOdgnjsdl HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIIpXLCPrTjo5aduoEMqhgI&google_cver=1&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-yzJaFolDGKUAuQBSte6lIowPSXiTZ4W5UKBhoYnzbruO6CWOdgnjsdl&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-yzJaFolDGKUAuQBSte6lIowPSXiTZ4W5UKBhoYnzbruO6CWOdgnjsdl&google_hm=HP6ZuGZHrRe7YYGrSGm2yUPn
Request Chain 211
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJOmzV3qf4MT3HecoijNVa0&google_cver=1&google_push=AXcoOmSJikgh5NZdRQ2ClAcATiId5JLlRvZXYgESi6DC8cUf-U67KUdB9FR9JvgXxcspb2muXZCooW3ycnRIcf6wHwoXI2RZ6nB4luc-pdyRliJU61MVDJ2FgKAqfn4M4ecftek-Bg_h6XkbyA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJikgh5NZdRQ2ClAcATiId5JLlRvZXYgESi6DC8cUf-U67KUdB9FR9JvgXxcspb2muXZCooW3ycnRIcf6wHwoXI2RZ6nB4luc-pdyRliJU61MVDJ2FgKAqfn4M4ecftek-Bg_h6XkbyA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 215
  • https://fw.adsafeprotected.com/rfw/st/1483906/71421243/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012753603&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20166357794&bidurl=https://cutty.app/nPsV4TDBa9e&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hmXGtBttOPf0wzmIjxxLb9&adContainerId=brand_safety_DOvxZLnPBbnDx_AP4sqy2AI&cbFunctionName=goog_wrapCb_DOvxZLnPBbnDx_AP4sqy2AI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcutty.app&adsafe_type=y&adsafe_url=https%3A%2F%2Fcutty.app%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:51922069-a06a-d711-a112-9e34dc59771f,c:mYsIV4,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-g9gth,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:21,oid:db7223ad-48cd-11ee-803a-f6e89b403d12,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_DOvxZLnPBbnDx_AP4sqy2AI&cbFunctionName=goog_wrapCb_DOvxZLnPBbnDx_AP4sqy2AI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Request Chain 259
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzk1NThiZTc0MjgwYTljNzc4MWIwMTBkMWY3MzRmNTc2LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0ODM5MDYiLCJjdXN0b204IjoiNzE0MjEzMzYiLCJtb25pdG9yaW5nIjoiZmFsc2UiLCJyZWdpb24iOiJpZSIsInhzaWQiOiIzYjlhODljNi1kMjhjLTQzOTUtYmU2OS03YTI2ZjNhNzBhMjMifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAxOTU4MDMxNTQiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkzNTc1OTQ3NTk1NTIzMzQ0IiwiYWREdXJhdGlvbiI6MTQxMDA2NTQwOCwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1483906&pubEntityId=71421336 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 262
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUyIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovLzk1NThiZTc0MjgwYTljNzc4MWIwMTBkMWY3MzRmNTc2LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjE0ODM5MDYiLCJjdXN0b204IjoiNzE0MjEzMzYiLCJtb25pdG9yaW5nIjoiZmFsc2UiLCJyZWdpb24iOiJpZSIsInhzaWQiOiIzYjlhODljNi1kMjhjLTQzOTUtYmU2OS03YTI2ZjNhNzBhMjMifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjAxOTU4MDMxNTQiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjkzNTc1OTQ3NTk1OTY5NjI1IiwiYWREdXJhdGlvbiI6MTQxMDA2NTQwOCwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1483906&pubEntityId=71421336 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

258 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nPsV4TDBa9e
cutty.app/
Redirect Chain
  • https://bit.ly/44poEhS
  • https://cuty.io/nPsV4TDBa9e
  • https://cutty.app/nPsV4TDBa9e
105 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006959287f9f6931969fa42b7711a464f100b0dba17cc79d9368818399d86072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
7ffdf49ddc519b8c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 13:45:45 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1Fy7773xYHHxHU9PA0S4crh8JwQ%2F%2Fc7cZynww%2BtIS5RMAZWprWdDELFxwETFWTMPYcVL9UfRDNTCHDAbBn24m%2B3LPoLFTkSlzrVfIVrvKKnDGZsS1mtrcZBOS%2Fa8LeHKrNLTfFotQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ffdf49d1c4e2bda-FRA
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 13:45:45 GMT
expires
-1
location
https://cutty.app/nPsV4TDBa9e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PLfNpnWK1JzHMW87WMI0vZW3jvX0tsEP7eT3oAeHKkfB1vFzfnEkY0FG32Oi3RpCMG9SSexgR2Wjm5kb7bDGEgEdrO8mQFQvkZARxL96MJz0ZjBHzPaUxpa6sDDoxo15PxOHOJp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 12:18:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 13:45:46 GMT
public.css
cdn.cuty.io/css/ 		51 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15175065
cf-polished
origSize=52548
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Dec 2022 14:22:02 GMT
server
cloudflare
etag
W/"63ac510a-cd44"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWmmYVT4bP%2FNq%2Fif%2BCCaRPWp6PZi%2BzFrBQ5yB9NmSdHSmgLSLKoklhvDcZd44mwhATzV08u4sQcuUEEdPlRiROx7ueCmUC9uY3r1M9t9DeXYWgLOZDQYFsdzv0RnB82%2BwzlmVVhyoUGDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7ffdf49e9ed52bda-FRA
expires
Mon, 01 Jan 2024 10:59:13 GMT
logo.svg
cdn.cuty.io/images/shared/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/logo.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20772655
etag
W/"63b16742-175a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3UqsP%2FhNthZmqOSvQhyeU8YmEJDBO%2Bzl3oZpO0NYxcsqt1wFPE6vX3mxkA%2BtJtG473YMzghiHMR4lhNBE35yUEUfGEuAwpRU60ezsVqLQzEtWzulqyAPKirpQTz51DnUGTa3eXp5fdSsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49e9edb2bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:14 GMT
locale-en.png
cdn.cuty.io/images/shared/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/locale-en.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16988134
alt-svc
h3=":443"; ma=86400
content-length
24647
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-6047"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jw%2F41Qv5YBTEixNd2WiYexFmTa9ggYmmmOF7MIqRvLiFJCF5aC5bqPQlkpU%2B7MokM7j1O0nbjrcqWgUHNW7Uen3X3HcSBr5MgSgoYqEdqLAVt5a95%2BWsxs%2Bb1ImdwkJdQrMqV2CYfzilDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49e9edc2bda-FRA
expires
Fri, 09 Feb 2024 17:38:14 GMT
arrow-down.svg
cdn.cuty.io/images/shared/ 		220 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/arrow-down.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20772655
etag
W/"63b16742-dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m5wBU9fElHH7gOAydNpQQ%2Fq99tCDGS2kaygL2EmME1KRaD001ug8qOp1XtlOhbxe%2BNpoo7J78DeLaMXFGPlULcrgipgCf6m0NhDb54gGK%2BaQOSOja3MfbmRkNatv3521JB2IP55GhXfMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49e9ee02bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:14 GMT
locale-es.png
cdn.cuty.io/images/shared/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/locale-es.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16374780
alt-svc
h3=":443"; ma=86400
content-length
12579
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-3123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AR%2FZTpGy6K3AgWNlnQIk6L2LPFRCesui9S7myjy0dma3go%2BShbjosj5KConliUSWm9ScPt75logfH%2BrFMdACZ5AHKnrwvhIQOzlatL6f8UEU6CKfSV53AIej0HBv%2FaB5lhzLGQJH7XBrkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49e9ed72bda-FRA
expires
Fri, 16 Feb 2024 21:24:25 GMT
locale-ar.png
cdn.cuty.io/images/shared/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/locale-ar.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16534780
alt-svc
h3=":443"; ma=86400
content-length
51070
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-c77e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Czb1wdzAsBf67NiwghOF0H%2FzKu6SRaOW%2BUJs9L5wsFS723FakVlq0qIeSgWAwLGmUZtB%2F9mS5K8OLPg3zlDAt0FhdRlDsGDKwQYbOmkYUFo8ml82rkehTHiD1L8NZzxs3Ogh1R3vOSVabg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49e9edd2bda-FRA
expires
Wed, 21 Feb 2024 05:15:24 GMT
locale-fr.png
cdn.cuty.io/images/shared/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/locale-fr.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16997869
alt-svc
h3=":443"; ma=86400
content-length
16411
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-401b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlSZIf%2B5mjcUdgmOBTvqGzC4e7oC3TmB1L%2FRlC8Jr2PNZsA85i85U2WjCBfWQFEYKtMRv%2FMKVXwzEi5uXFWTxJuI9T2y7rMWHuvBytccajN5chSxjmu9FGwz7fgsOabjupCcdUhUjx90SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf102bda-FRA
expires
Sun, 04 Feb 2024 00:06:21 GMT
burger.svg
cdn.cuty.io/images/shared/ 		207 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/burger.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20772655
etag
W/"63b16742-cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BWwOSQzIEK1WPvUJzByAaT%2BhEBIjvVad5U0n9rOJL0%2BHz5kTgw5Uf19obCqhPkC9F%2BwH69MPo4tTCkpTb9aOd9%2Fq%2FlXOj24%2FVkM8jqisJZfe4W6gviZx%2Ba5%2Fvx4ZmtbnIqcaQvdn6XSIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49ecf122bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:14 GMT
x.svg
cdn.cuty.io/images/shared/ 		209 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/x.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20772654
etag
W/"63b16742-d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3s2TfNyW3aOG0EieTqEk5TXpiEutKnHSDNJJlY76bt1BPpnIRWBi9aesfe3Un07yBnnDUJfC7tt4iW4n4S56vWRrj%2FHBOxuBUPf0lQva7NLaaMdTSdjzQ5byshmyOd7kvUApEn1Mz0VbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49ecf132bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:14 GMT
facebook-icon.png
cdn.cuty.io/images/shared/ 		409 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/facebook-icon.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16370493
alt-svc
h3=":443"; ma=86400
content-length
409
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-199"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrvYsaNIzbc0mu9m6s%2BK%2B4vke6mhIpvI2gR3K7U9lrCveAbQmDY3mfhjqidBYw6p4Cx%2Fnn8djJ%2BpO57tTeAzPls3ug4PvPZpPBRLlmE4S%2FBTvl0%2BaE3%2FryAcwen34iJGvGcjmIQKORuC4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf142bda-FRA
expires
Sat, 03 Feb 2024 23:06:31 GMT
twitter-icon.png
cdn.cuty.io/images/shared/ 		809 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/twitter-icon.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16625490
alt-svc
h3=":443"; ma=86400
content-length
809
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-329"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PT0opiyp5lSL7PuxkffM0Rzz3w2i3YphwxbeGdSFTtjZI2fDQ%2Fqo5qgCquhk9ITtj1z7s4QETgKBfmFOciQG8VMuY5dTctVaRN6rcZyDAJr%2FYwT%2FzAU1K7RQl5mKnfKnkKi%2B86prU9GKbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf152bda-FRA
expires
Wed, 21 Feb 2024 01:52:28 GMT
linkedin-icon.png
cdn.cuty.io/images/shared/ 		222 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/shared/linkedin-icon.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16997869
alt-svc
h3=":443"; ma=86400
content-length
227769
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-379b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeiIvpX5R%2BfWPd8%2BVvoO9yHN1zLrq7lyA9GlY5G%2BW1%2FJ9QIppSLZQz%2FYdSzLhrvWD4v8HjgFdXrwTmARoDxunr1vm%2B67MKpbAmEGkPwSVKIHbNOX%2FPOZg0FGsKTC46zruMBirCn54M1klQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf192bda-FRA
expires
Wed, 14 Feb 2024 20:49:33 GMT
60028
forbidcrenels.com/1clkn/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forbidcrenels.com/1clkn/60028
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
142.91.159.88 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 13:45:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Keep-Alive
timeout=20
step-1.svg
cdn.cuty.io/images/public/ 		2 KB
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/step-1.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20772654
etag
W/"63b16742-658"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcYIVItiKZKh9jr7CotLYrumjeX1uDB7fe73lOmu5oXoVFr2gshIIZ%2FIFGvWYsyfkGAIA%2FDVCBz4u2FHSZXGcurU3%2BjikjqNg75E56%2BLp4uZ%2FlJDPjQwCS15FMtmUKwiMJKn1RCR3K9ZCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49ecf1a2bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:13 GMT
step-2.svg
cdn.cuty.io/images/public/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/step-2.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15303936
etag
W/"63b16742-607"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHtditoO2CBrTWAuwMBAGT1mhW3aRNE9Jt3BK1szLncDMxmtipei82hIj0uINSDPe%2B%2BfImS1iKefD%2BWr%2Bd0QX%2BdHMlheXibUhTLbncEDBz3%2FLFOHoJ8CZykJTL5QtU6cY9DpnuwnO%2Bd2OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49ecf1c2bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:13 GMT
step-3.svg
cdn.cuty.io/images/public/ 		1 KB
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/step-3.svg
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20772654
etag
W/"63b16742-45b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgEVpQKCF6ntd%2BZX2EI5KhKrIOx0cfU9SEs38Ex11YLU%2FIbCR5I2bD13Hu%2FO2bLL%2F0NBVZcOBw%2BuA5lanJMWA3r85kmvxTEtfe4o%2FSJHMk5hqSCMkkaEFIv1kWu5ywzfjni02tLluHcwjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=31536000
cf-ray
7ffdf49ecf1d2bda-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 01 Jan 2024 10:59:13 GMT
money-tree.png
cdn.cuty.io/images/public/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/money-tree.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16625490
alt-svc
h3=":443"; ma=86400
content-length
27646
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-6bfe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHQKfCjjRtMYR9xQMv0NX7MRAvwhRq05yK3oIyrLXfnzw%2B6Ke3ccSf3S0nBx%2Bxr8cLvtyN8Hp0ROQNgL5JqdvIPVA%2FhjcPb%2Ftzaj%2F4sd%2F5%2FY5SGEEs27GIXNJ0C5%2BEP2TOMY5jyTj3KI2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf1f2bda-FRA
expires
Fri, 16 Feb 2024 21:22:58 GMT
bitcoin.png
cdn.cuty.io/images/public/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/bitcoin.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20536384
alt-svc
h3=":443"; ma=86400
content-length
30766
last-modified
Tue, 03 Jan 2023 22:11:44 GMT
server
cloudflare
etag
"63b4a820-782e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70RE8VaciGedsEv7crPjUwbHxRD0HoFrzuxl3svCUw3fvf2Ul4QcIsAtNPI0ux3XQ%2Fynr4HRejArhh1tGaLoP8nfOhpQfLeokw9EkuTvmVF1dBH47W1VFIy12PSGW2NoeULz%2B7wKbcylLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf212bda-FRA
expires
Sat, 06 Jan 2024 21:09:02 GMT
payeer.png
cdn.cuty.io/images/public/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/payeer.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17167111
alt-svc
h3=":443"; ma=86400
content-length
1390
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-56e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kUw6XL%2B9Gwzgoq2E9Oi0V8jwTZgwqPHQEtWHhBcq1Gy2hatTLJFqh5cWSMC6lhsjXFS2G3OYphHqu4SqWox0QEU6IGzp4rIhs8dxhCd8AEtfy%2BS49xl%2Fb4U7%2Fy1yvyuxAeDzIflBb5ZYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf252bda-FRA
expires
Fri, 09 Feb 2024 18:08:41 GMT
paypal.png
cdn.cuty.io/images/public/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/paypal.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16539307
alt-svc
h3=":443"; ma=86400
content-length
24721
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-6091"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvA9UNxZ%2FFkZ4tAPSOuA6cfIl4gAfAlbK3BajvShJIBflmOp5mVc%2FP1LDqLe4%2BAUoVpIb%2ByUXNepMSo89EkdFW84YQAPIvxyiX2AiUXkNpN2P%2FgZZ8BrAKMtDNqDZkbYgfIdff6PePcJHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf282bda-FRA
expires
Wed, 14 Feb 2024 20:37:47 GMT
perfectMoney.png
cdn.cuty.io/images/public/ 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/perfectMoney.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16539307
alt-svc
h3=":443"; ma=86400
content-length
202386
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-31692"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMS8PBCz7PPpjnrNx1655zbKuVY2fkSxQLofqN27oj23gZWszJADdQDLhbhlLeg07WMCLMeep56FxQf%2BO3FsmuajV7UxLrI8c9UJxrwIARGwFaTFoEnWVupq0q7mlht13Obpm4vUZH%2B34g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf292bda-FRA
expires
Thu, 22 Feb 2024 02:57:46 GMT
advcash.png
cdn.cuty.io/images/public/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/advcash.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17163008
alt-svc
h3=":443"; ma=86400
content-length
8141
last-modified
Mon, 16 Jan 2023 19:17:51 GMT
server
cloudflare
etag
"63c5a2df-1fcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1DaN3C8bTSXOUuEUDGuBXubJcxnVSrZ%2Bmhnc8VQmD9Gufqltd5uNzg%2BfrEgnlMVaXAYTqyOAZPFvWuXlQb7QlINQ7pNJ3PVhyreIwtchQVUkxuySp0DLnsMrqNoKh0vhKC5eMB9J502qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf2a2bda-FRA
expires
Sat, 03 Feb 2024 23:06:31 GMT
airtm.png
cdn.cuty.io/images/public/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/airtm.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20024016
alt-svc
h3=":443"; ma=86400
content-length
1558
last-modified
Tue, 03 Jan 2023 22:11:44 GMT
server
cloudflare
etag
"63b4a820-616"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjgE%2Fs9sjs6uP3AM10fqBxXeVxkRcFvKkYtESuEuA72apeTyFT0YcninTjVID%2FteCDlfMUYiK8yqUpALC2sGYZ5bTwyFltSpvwm1joUv8ep%2BdN3YWzf6Yu9o9SvdJ4licSnON6PH0CuFFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49ecf2b2bda-FRA
expires
Fri, 12 Jan 2024 18:18:59 GMT
up.js
live.demand.supply/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbf3324a14b5a6537a9c2fe97274668e4b8cc38b0bdc5f7d4a0e0d8bd7e24c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H913VYFTJTMGRG2WG00C550S
date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
age
1148
cf-polished
origSize=4393
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
7ffdf49ecdea37e6-FRA
link
<https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwLw==>; rel=preload; as=script
timing-allow-origin
*
base.js
cdn.cuty.io/js/layouts/ 		104 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cuty.io/js/layouts/base.js?id=7b6d921fa2998eec41905b028a5eea9c
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ac15d8d9f7da428c2d7e9b0ef5497717826bd353c567be0ddff6c7928470f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Aug 2023 23:37:17 GMT
server
cloudflare
etag
W/"64e2a3ad-19fc5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SkzaPVbwOeda9PcFQ1UKT3Lwmiw8UHYn%2Fd3gDnq7ZtBDES22ABjItD%2Fm%2FGrQj6ddAUfUZjNk%2BUefRQNMjoZb6Vm1A5oi3vntmGmNJ4m%2BLB%2FnGVB7srIzgBWe6aqjKXMCWfSbPFyh5%2BHTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffdf49ecf0b2bda-FRA
expires
Mon, 19 Aug 2024 23:37:19 GMT
first.js
cdn.cuty.io/js/public/links/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cuty.io/js/public/links/first.js?id=b5d70824436d5033e5470ea58edeaead
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ccd76f69e6bdac8cbd6ccbce43db08972098d3187902247a757df6cae55d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001249
cf-polished
origSize=24533
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Aug 2023 23:37:17 GMT
server
cloudflare
etag
W/"64e2a3ad-5fd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhTF2Zqphn0zhKemaE%2BicPKT%2FnFxrdyFi46uf0z8u0nkURPkbGejyL6PJ3shz9FiJAoI%2B4AIp1d6UyL6PaaA753RJtrC6%2BoVOoMSTl96y%2B9O5VQ8LWVie35eANFHr39oiSiMVxvPcCsyrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffdf49ecf2c2bda-FRA
expires
Mon, 19 Aug 2024 23:37:19 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Fri, 01 Sep 2023 13:45:46 GMT
js
www.googletagmanager.com/gtag/ 		236 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
128667763ed4bd03e6610c75c11a9db7dfdfe860b9db8c44230c499ce8b33c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83683
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Sep 2023 13:45:46 GMT
nav-links.js
cdn.cuty.io/js/public/layouts/_partials/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=f338899f8ebe21b8628b0734dae97eb9
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163412492738a4458887c0784da56fbbb1e273b0eabcd6dcd725cd3848041e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Aug 2023 23:37:17 GMT
server
cloudflare
etag
W/"64e2a3ad-c1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYf69nFcIlwgyYrwIjGB0LLPM%2F%2FUkYJHmqc9f4UoP3NXDtqBprihvIcOlmuqp6MRmUqRSCqX%2FdVbBBzn8299V4mHFMjk3H1v3pURLXtnVxcr%2BI3mN17m4LHzeEzfPr7UJakc6IlfE1hFew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffdf49ecf2d2bda-FRA
expires
Mon, 19 Aug 2024 23:37:19 GMT
app.js
cdn.cuty.io/js/public/layouts/ 		335 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cuty.io/js/public/layouts/app.js?id=41d39bd846fd307ea7c2c50356ee32dc
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0112c66fd7b76151b98a13bd4136e331c7478a3278f7a19c74fd13a81dfe170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1001249
cf-polished
origSize=343308
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 20 Aug 2023 23:37:17 GMT
server
cloudflare
etag
W/"64e2a3ad-53d0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIFIfNSsoTnuHxa9Yn3lHsWALiXCuPyIFJkYOI9Sam1QouO2%2Ft7E9AkP8V7ovdYt8cXcbpXPVZPLbC2X7wIFOD%2BqqU7FTtfEvHo7HcWBHd6nczitPkK%2BFOPgkzwDLH0kSDto%2F0oVzNbOoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7ffdf49ecf2e2bda-FRA
expires
Mon, 19 Aug 2024 23:37:19 GMT
heading-background.png
cdn.cuty.io/images/public/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cuty.io/images/public/heading-background.png
Requested by
Host: cdn.cuty.io
URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a7fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20772655
cf-polished
origSize=107203, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
96971
cf-bgj
imgq:85,h2pri
last-modified
Sun, 01 Jan 2023 10:58:10 GMT
server
cloudflare
etag
"63b16742-1a2c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HR%2FQ3XI5Dso02Vi1Pv8hh21MA7nocOWdyaPnnBIxFiZZSD47PXQayb7omRoA1bq4fntetfdBoxoodLt%2BbXoryAjqlj3%2FM2RvwMwWC7OjFg1WCje7SXUKwV6Wq7JkHP8ZA1IO5StGzlVoBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7ffdf49edf302bda-FRA
expires
Mon, 01 Jan 2024 10:59:14 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cutty.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 09:58:02 GMT
x-content-type-options
nosniff
age
272864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 09:58:02 GMT
nPsV4TDBa9e
cutty.app/ 		0
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cutty.app/nPsV4TDBa9e
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/nPsV4TDBa9e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8LG4TTDQX6%2BIFhyYIX0UGdg7Q1cMBTIlvCM1jLPCU2c8aROmxMRkOL764op2dcIJvL5V8QFPv0Ngi15Q6IdTBSJaagdmAhjff%2BunZPDCPNr36N%2B4H9ACRpZ0pCxLkNTQXBpy0B5Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
must-revalidate, no-cache, no-store, private
cf-ray
7ffdf49f1e3a9b8c-FRA
expires
-1
/
cagothie.net/5/6246182/ 		97 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cagothie.net/5/6246182/?oo=1&aab=1
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8ad2cd5801a4f257b4fe9e38c8bf0375347dab6a91ab51723f1b37d51b0818b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-length
97
x-trace-id
683159ba2697a641307a80d225c0f6b4
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cutty.app
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
cagothie.net/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cagothie.net/tag.min.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fd7cd22f8b04b8859934d3af2b90bb1e8af1ca74750e9492c24c44b4d03bbaf0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25154
x-trace-id
8397b894b4c974f2503a60634410b8c8
pragma
no-cache
last-modified
Fri, 01 Sep 2023 02:55:55 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		454 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutty.app/
Origin
https://cutty.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Aug 2024 09:33:40 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.cuty.io
URL: https://cdn.cuty.io/js/public/links/first.js?id=b5d70824436d5033e5470ea58edeaead
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50936
x-xss-protection
0
server
cafe
etag
15215848421151376644
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 13:45:46 GMT
main.js
cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame F958
Redirect Chain
  • https://cutty.app/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Server
2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf68ca7844a8290b38a4a03097af7808aeeaa2dbd8c8a1f4fecbc627c81eb81a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99v10fXnzAn5%2Fy7s%2BgSaWUsN9HZRHABjGHfK5I94%2FMRKHxWxxNeohAl%2FaRzsNMP2lObryj1vE62GNEJcHG%2BsL0Sf9NgxPvX50E5hLnqOo2i%2FmFvS8IBO9V51U0tbNHcDXX8UqsJurw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ffdf49fdf899b8c-FRA

Redirect headers

date
Fri, 01 Sep 2023 13:45:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw9gQ%2BX02wu6FMCogPRnQZRrMNtC7IvCd0862yN3ovAE8eOT2AOQotEbfmlYAifl5qZDRFpqRXGRP8s3XbsYldmyqEeobTkAChsQ2BvYAgxWsQFlYutLrhGVTWb9F%2FXUOLBolAolQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7ffdf49faf569b8c-FRA
collect
region1.google-analytics.com/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=45je38u0&_p=725772690&cid=985298903.1693575946&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693575946&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutty.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: cagothie.net
URL: https://cagothie.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea2a354493948de289261102dd81bab54d6789ed4d474a2790024515f5138658
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cutty.app
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
7ffdf49ddc519b8c
cutty.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F958 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cutty.app/cdn-cgi/challenge-platform/h/b/jsd/r/7ffdf49ddc519b8c
Requested by
Host: cutty.app
URL: https://cutty.app/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7ffdf4a0a8ae9b8c-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxBMV%2Bpi27uBb%2FmRjTPccaUy48xLJEhbgxQOT8IupQ4Un3y8BAEcYCjkDlLF2qtUzwFs03asH3v2kd08J4GA%2FuLXsK6lTb5h9Oa7HOGOEaRa%2FOgvCr1572yb0k0wBMGHGUM%2Brjhf9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
impl.v17.14.2.js
live.demand.supply/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v17.14.2.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H913VKQN69AD5D7PM815AE4H
date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
age
247484
cf-polished
origSize=84250
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"3ce466eb95e0d30ae9ee8f6ff9db4cdf-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7ffdf4a0b83037e6-FRA
Y3V0dHkuYXBwLw==
live.demand.supply/p4/v17-10-0/ 		592 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwLw==
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57dc266908af527913a6244e7bf5b858eeb9cda0d3d101da4a0d4d306b87196f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7ffdf4a0b83337e6-FRA
alt-svc
h3=":443"; ma=86400
/
cagothie.net/5/6246182/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cagothie.net/5/6246182/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.595.1-auto&userId=d0bd599e71a04da6b1a535a308fc941f
Requested by
Host: cagothie.net
URL: https://cagothie.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b7d025cd571f87d465694f8f1fe68cb89d9f17e75de0536bedd8edb9751585a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
gzip
x-trace-id
86e09e9697d1c9a9def54b04aafc2706
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cutty.app
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=307&cs=c&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
age
222371
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a0dd069201-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a50a39278bad3e086b0726e3a7a3cd6187855d0268a48fb6c20688aad7a241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29093
x-xss-protection
0
server
cafe
etag
962 / 19601 / m202308240101 / config-hash: 9283820109230677264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 13:45:46 GMT
Y3V0dHkuYXBwL25Qc1Y0VERCYTll
live.demand.supply/p4/v17-10-0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f5053f18a79369492e44ab50584a78d6f424dbb46c5c8dd54e15d86227fb1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7ffdf4a0cf232c36-FRA
alt-svc
h3=":443"; ma=86400
ds.2.html
live.demand.supply/ 		413 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H8PSTADSXM1PZK3NZ3E5K842
date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
222206
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
cf-ray
7ffdf4a0dd039201-FRA
alt-svc
h3=":443"; ma=86400
1
eedsaung.net/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/1?z=6246283
Requested by
Host: cagothie.net
URL: https://cagothie.net/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
563bb3e781b696f96ee531b4bd1d7623a196f5f3fb051326dd8960e3803d5d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-trace-id
fc505da3f7a60fd94bf6db1317a61686
pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
gzip
x-sc
baJA2zeTos8PMnLtnGz8_4jyhMA6jL0I-euTwLUC_SfkYdbZqxxy4p90yIZSpJlz76itrwvjNzSe86RFsVAUdx7D-o0=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
1
eedsaung.net/ 		966 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/1?z=6246283&oo=1&oaid=d0bd599e71a04da6b1a535a308fc941f
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/1?z=6246283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2e6157f51724e71905159d2c0bac2adb5cebfb219ab9775af60adbde692d64fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-trace-id
3f4432052a976c2b9911b74916aa8719
pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://cutty.app
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
966
expires
Mon, 26 Jul 1997 05:00:00 GMT
cutty.app_fluid_lb+sq_firstpagelastbannerad1
live.demand.supply/cp/ 		30 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29fcf3f45aeafee94a31ea2156baaf0e73c20a6c5118cdf33619e0fe8fdd8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7ffdf4a18d8a9201-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
cutty.app_fluid_sq_firstpagemiddlebannerad1
live.demand.supply/cp/ 		30 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/cutty.app_fluid_sq_firstpagemiddlebannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac2558f96f7acb52a0807d7f6642761c59b43b55782c24251333b9cc7f1605c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7ffdf4a18d8b9201-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
cutty.app_fluid_lb+sq_firstpagefirstbannerad2
live.demand.supply/cp/ 		30 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagefirstbannerad2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29fcf3f45aeafee94a31ea2156baaf0e73c20a6c5118cdf33619e0fe8fdd8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7ffdf4a18d8c9201-FRA
alt-svc
h3=":443"; ma=86400
content-length
30
e.js
live.demand.supply/x/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H69H9Y5CPKHCAM02S9SPEGXM
date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
age
1587411
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"6b8291c0243e15f13cce21eb63771ab4-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a18d8f9201-FRA
17de61080ae6c4070bb3e0689b73465f
eedsaung.net/27/ 		403 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/27/17de61080ae6c4070bb3e0689b73465f
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/1?z=6246283
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0a5b76c2c4870d1a9c047ccf65a824ccc977b49eab02cd0f405bb937ea3d1ff7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-trace-id
d0c1affff5bc00dba1b78ddb3bf8d4e2
date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
last-modified
Fri, 25 Aug 2023 06:36:53 GMT
server
nginx
content-encoding
gzip
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Fri, 24 Sep 2083 06:36:53 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 06:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
26918
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 31 Aug 2024 06:17:08 GMT
9
eedsaung.net/ 		7 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/9?z=6246283&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=d0bd599e71a04da6b1a535a308fc941f
Requested by
Host: eedsaung.net
URL: https://eedsaung.net/27/17de61080ae6c4070bb3e0689b73465f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer
https://cutty.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
7f97b59b8db6d43aab42e73b41d431eb
pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cutty.app
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
eedsaung.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eedsaung.net/9?z=6246283&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=d0bd599e71a04da6b1a535a308fc941f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cutty.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cutty.app
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Fri, 01 Sep 2023 13:45:46 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&pdc=0.18487093448638917&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
age
222371
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a27e789201-FRA
cutty.app_fluid_lb+sq_firstpagefirstbannerad2
api.demand.supply/v17-10-0/a/ 		375 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v17-10-0/a/cutty.app_fluid_lb+sq_firstpagefirstbannerad2?&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a710668848bc65c8b38bb5bc80e1e6c0d66def4eafc90fc375642f62338e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
6654
etag
W/"177-O/x8nYlTk1blmWki4pHtJ5mj+Oc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
7ffdf4a2be8dbbaf-FRA
alt-svc
h3=":443"; ma=86400
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Date
Fri, 01 Sep 2023 05:08:18 GMT
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
31049
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
d0zzw4aEd37Cz6cOYdF3l6WDvDhjB8FfxaYtM-0tv-dIOoH_kBUz7g==
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Sep 2023 13:45:46 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:55:11 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 15:52:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
78636
x-amz-server-side-encryption
AES256
etag
W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
4a-czAtUx7ydIHWC5qxuNDvq6r1WWVOy9SvL18k--fgBh-tBMbmzHQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
4CPGG2PB19G6Y493
age
1710
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ffdf4a33c7cbbb6-FRA
x-amz-id-2
pzeoRmaYqzxVPX/QWSecMhRQj0dlPfga3bg0/mAfT+rpR9SjPu4gc7A0cWd8tueqvYbdgP4fTuVEesK+7zuJ8g==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18342
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6I8lHZJoIWN4PuwLY7PZhV649%2Fjon6%2BoNSnXm39KEM4rQWfCHk8bkB6fP1D0Jjdg%2But4KUbx7pIE4sNxy2RdJEoQmx4a0e9UDdegcoCDdFMogQPG61hAvWsbrCT7bgjDRc4%2BCapyKoWbNMyEIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ffdf4a33b469073-FRA
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
a3fa489e68b8afe18eeef908b08ee88f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=965605248765256&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C452c23d9-f8eb-4dbb-a3b3-37ced8f94d9d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693575946721&lmt=1693568746&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcY3sP4h6UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRjew_iHpTFIAFICCGQSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7D-IelMUgAUgIIZA..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.18%26bid-p%3Dgoogle%26bsc%3D75&adks=3944088621&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07f65e34b5e456518f518d8ac77713b68e25abf7195fb7737514387d8dc73cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12364
x-xss-protection
0
google-lineitem-id
5564063177
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 859C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutty.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:45:46 GMT
expires
Sat, 31 Aug 2024 13:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&pdc=0.18487093448638917&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
age
222371
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a32f0d9201-FRA
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&pdc=0.22131943702697754&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:46 GMT
cf-cache-status
HIT
age
222371
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a32f109201-FRA
cutty.app_auto_728x90_sticky_display_bottom
live.demand.supply/cp/ 		29 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/cutty.app_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8aa999bfea523469a916fd4610e06aec165ce65a86dab97e02b013d827b9bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
7ffdf4a32f139201-FRA
alt-svc
h3=":443"; ma=86400
content-length
29
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=3763837208860385&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cbaf135fa-8002-4844-8cb4-6fdeec129911&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693575946755&lmt=1693568746&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcY3sP4h6UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRjew_iHpTFIAFICCGQSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7D-IelMUgAUgIIZA..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.12%26bid-p%3Dgoogle%26bsc%3D75&adks=2253808439&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e95bff443ff3eecc70641ae379c5251e68c2c6179d38cb3113730d302e24745e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27070
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=2621427983209560&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C4d3ee50e-9453-4613-a5ec-6919ef0a5e59&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693575946764&lmt=1693568746&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcY3sP4h6UxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRjew_iHpTFIAFICCGQSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGN7D-IelMUgAUgIIZA..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D75&adks=1423356822&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bec731f5264f3a23f23743b6c63d814f88b5f8bca0c55d273b8bcfa43cb2c48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12287
x-xss-protection
0
google-lineitem-id
5563949749
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://cutty.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://cutty.app
date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
556fc43f7d7c953e758680f4eea457bafda951931ce23575ed3a9ef029d8a9fc

Request headers

Referer
https://cutty.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cutty.app
cache-control
no-cache
x-server
10.45.23.212
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame 73BB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutty.app
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://cutty.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:45:46 GMT
server
Kestrel
server-processing-duration-in-ticks
304831
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 73BB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutty.app&sn=ChromeSyncframe&so=0&topUrl=cutty.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=rBbwzHxkQm1zVDV3ZDBkczVwdTZwMmhRcVNvOVNZU25TY2Jid1dUM1VlbHh5RXFRMFNmRm5UeTRNanN6SGx2SjFWOHdvWHgwSFUrcUtJMGJVcUhBNnEvSGM5Rm1GN3BtME5nMmNJd2t2WHJmMkhGYzcrSHYweWhLOEtkbk...
425 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rBbwzHxkQm1zVDV3ZDBkczVwdTZwMmhRcVNvOVNZU25TY2Jid1dUM1VlbHh5RXFRMFNmRm5UeTRNanN6SGx2SjFWOHdvWHgwSFUrcUtJMGJVcUhBNnEvSGM5Rm1GN3BtME5nMmNJd2t2WHJmMkhGYzcrSHYweWhLOEtkbkFWUWErejZjeG5Vdlg5K2ZKOS92SGhuYXBBb0RRWjYxeE5OeXQ0QzBkM3BzaGtoQ2F3RisxWkgyaEJNaGFTZHFtRllncHB1Ri9kbk5CUUZ4L2ZpREt0ZU80TjYzQVJyRWx2V0d1elg5MkRxaGpwc295SzRQL2UrbHBPWGRoZGtpM2ViTmxBS0hrMm1wcVA2NVNCK1hQOFg0RWFkY2hRUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3f923b0810647d90a4fe03ab1ee6ed8e1db5ab1c5295ace2aee5c116c390ad32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1834048
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=rBbwzHxkQm1zVDV3ZDBkczVwdTZwMmhRcVNvOVNZU25TY2Jid1dUM1VlbHh5RXFRMFNmRm5UeTRNanN6SGx2SjFWOHdvWHgwSFUrcUtJMGJVcUhBNnEvSGM5Rm1GN3BtME5nMmNJd2t2WHJmMkhGYzcrSHYweWhLOEtkbkFWUWErejZjeG5Vdlg5K2ZKOS92SGhuYXBBb0RRWjYxeE5OeXQ0QzBkM3BzaGtoQ2F3RisxWkgyaEJNaGFTZHFtRllncHB1Ri9kbk5CUUZ4L2ZpREt0ZU80TjYzQVJyRWx2V0d1elg5MkRxaGpwc295SzRQL2UrbHBPWGRoZGtpM2ViTmxBS0hrMm1wcVA2NVNCK1hQOFg0RWFkY2hRUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
235540
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81ce2c3965a19eaa540e6d5dd4e0ab45687cbe641691570c0c09df0502681489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11895
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 13:45:47 GMT
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pdc=0.3385305404663086&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a4d8df9201-FRA
sdb.css
live.demand.supply/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H95R0W3H9SMVPKTQMTQBKKQX
date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
36920
etag
W/"ca59855b4714df36e4972d3d4157366d-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
7ffdf4a4dd5d2c36-FRA
alt-svc
h3=":443"; ma=86400
e.js
live.demand.supply/x/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=bb&r=cutty.app_auto_728x90_sticky_display_bottom&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H69H9Y5CPKHCAM02S9SPEGXM
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
1587412
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"6b8291c0243e15f13cce21eb63771ab4-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a4e8e69201-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=2991824638905055&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C149d7a2a-7ae3-45aa-953f-24e672858d8a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693575947024&lmt=1693568747&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcYlcT4h6UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRilxPiHpTFIAFICCGoSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNHE-IelMUgAUgIIag..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.14%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D75&adks=3488207116&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16dbcc57734031f7f75e90a5d8a38cc992ba01e86a9cf7497a68346c8dbb4138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12199
x-xss-protection
0
google-lineitem-id
5562802023
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C5F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutty.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:20:11 GMT
expires
Sat, 31 Aug 2024 13:20:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C9E7 		829 B
941 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
833647d165ff5a4ff099cdafcd775ab2ac81e8900066e6b2b453cdcb5bb6bd96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3mzigIryn4DChPbMjL205w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cutty.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-3mzigIryn4DChPbMjL205w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:45:47 GMT
expires
Fri, 01 Sep 2023 13:45:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
pagead2.googlesyndication.com/bg/ Frame 5C5F 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sDErsqHGZKHkf3fdTSK9cGXygIIzfAKaeJHbg3h_I88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 06:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
26982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Aug 2024 06:16:05 GMT
container.html
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F25D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutty.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:45:46 GMT
expires
Sat, 31 Aug 2024 13:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.12&b=2&r=cutty.app_fluid_sq_firstpagemiddlebannerad1&sy=75307086-66dd-4b54-b964-579bbce51660&ts=75&cd=2&pud=307&pus=c&pue=724&pid=124&pis=c&pie=878&ppd=288&pps=a&ppe=1042&pcl=589&ttc=1150&tti=1501&ttif=0&lca=1042&lcak=ppe&lct=1042&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=43f41700-f8dd-4521-82f1-b12d0b92c091&e=lm&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a559779201-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 35D3 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 35D3 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=2936312871949405&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cd2a5005f-627e-40a8-a0c9-92075b36f18f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dc73fe683de4fa072%3AT%3D1693575946%3ART%3D1693575946%3AS%3DALNI_MZRMbL4SEgjlj9Ox__-bXgfCRU2aw&gpic=UID%3D00000c94e83ef576%3AT%3D1693575946%3ART%3D1693575946%3AS%3DALNI_MZUY_bq-IDX70KgQd3EVqBUZZgDDA&abxe=1&dt=1693575947146&lmt=1693568747&adxs=411&adys=802&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcYlcT4h6UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRilxPiHpTFIAFICCGoSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNHE-IelMUgAUgIIag..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.08%26bid-p%3Dgoogle%26bsc%3D75&adks=3971619949&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7155ec09919bd13f4771ffa854055c943efc202394a20e4e4d9fc91230bacf5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12139
x-xss-protection
0
google-lineitem-id
5563951099
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332681208
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame F25D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:13 GMT
css
fonts.googleapis.com/ Frame F25D 		8 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 12:25:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 13:45:47 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame F25D 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 05:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 05:45:19 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame F25D 		368 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130842
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 10:38:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 13:36:54 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F25D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C9E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=3016631238931351&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame D012 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D012 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=2825520225920692&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C2001a78f-7b35-4998-8840-5b838e4b0595&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D88e2e1ea5ec0c380%3AT%3D1693575946%3ART%3D1693575946%3AS%3DALNI_Mb-pJcfZk_3EapYZWLd11m5143G7Q&gpic=UID%3D00000c94e8121502%3AT%3D1693575946%3ART%3D1693575946%3AS%3DALNI_MYl92mSnZOtJWtJgAnE_v0-5QlrRw&abxe=1&dt=1693575947190&lmt=1693568747&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcYlcT4h6UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRilxPiHpTFIAFICCGoSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNHE-IelMUgAUgIIag..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D75&adks=2561067441&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
260377417a07e6b901a64850dfb32ded9b6575217c7b26ccfe224d02babf1279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13288
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F25D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lm0ne487&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F25D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 13:37:19 GMT
x-content-type-options
nosniff
age
518908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 13:37:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F25D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
34735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F25D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cex_kCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAcgDmwSqBOcBT9Ano6c_xXQAIAx-uQ_aFQAFLcEIXA2rWnlu1M5msDFgz1BIfYi9Z2baJwpLtAx97jKUnfhNPdvdNTVBeqWp0pZWk2SADjn8Y1zrixWGD1Cy4efE4PG9nvtktaPAlaYOS54sU1GCHhLPhYD7jy3HCPVjKi-rTU4p8_eQebILYc9aMnv2cz6pEb3tovh-d0l1Hk4OK2WPUzT2uyAt0DujlTpleR1TcLua0nX5cFoWo8pXRgHE4k3KaZsvDfr2alG3Ak1-rf5y4SlLOdLcRYRAF_WMfXWJc4Iu_mDeFOYcmJpSTliLoFiVwAT2g86dqATgBAOIBZKAjp5LkAYBoAZOgAfrnsFnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJHUsgNAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1693575947249&ai=Cex_kCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAcgDmwSqBOcBT9Ano6c_xXQAIAx-uQ_aFQAFLcEIXA2rWnlu1M5msDFgz1BIfYi9Z2baJwpLtAx97jKUnfhNPdvdNTVBeqWp0pZWk2SADjn8Y1zrixWGD1Cy4efE4PG9nvtktaPAlaYOS54sU1GCHhLPhYD7jy3HCPVjKi-rTU4p8_eQebILYc9aMnv2cz6pEb3tovh-d0l1Hk4OK2WPUzT2uyAt0DujlTpleR1TcLua0nX5cFoWo8pXRgHE4k3KaZsvDfr2alG3Ak1-rf5y4SlLOdLcRYRAF_WMfXWJc4Iu_mDeFOYcmJpSTliLoFiVwAT2g86dqATgBAOIBZKAjp5LkAYBoAZOgAfrnsFnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJHUsgNAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwU
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F25D 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lm0ne48h&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.e0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame F25D 		27 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AXi99RabRxO0f52Iza4YXdHXHvwYmgErKKYUPQGAiXT2hS9RheGa6Tvo45OXqMQ_xO9gRcPgIFKX5c_65jmC2lgXMLlw&dbm_d=AKAmf-Df5aigfEIl8XHrW9-YsHZsdcPxoGx0QBzsVUkMkgO7TjX76LBMi8kZL8kJHL5ULYjZCYB2d6DN_NRXqL-BfcTTCCh9vFeS-FfBbBzMBx2T_N-wMWQ2D6JrRwMra75nsed_rspyzZjjFWMR2ogxzoZb80vj6zjPXBowWkoUEQRTEetmr34aXj6A2fymU2o0WGjjGrn-4PDe6vH9gFt2-5AdQ2SWvv7RRlbSaLeuaBx7EH3q3MsMQsEfZmHjNA7kmjs5LQzUGosxcTH8bZp1cio7XJDIvKj3tyDpjJ5125LGbwXgiTIn3lH-anpFHZmzNmAxeo6rwUv7Q2P4QfdZ80P9y_ASNsv98ADOxpY4Udzgt_prSdhpmxJZDm2KKGME5P_9zPDvVsy3sWoIiEHw6VQl2hmLlW6RmZRUr3BNMyaL6D8HIgAHMk6y_ezNOsmmubXmR4rRX7xSIq2iHra_IMEzlP48OjvdP4CFEavEnA3gub6cFXj6uzE5nzHDbqu_RXfBBqEjTW3Ucpp4cvks0kA9CgNQIf5IOcDB9SOw6asQP6Z0w9CVXfGCmoT0zX6dohwUTRBSRkxbDHBFvdY8ePxx05ImhiwmjdjjjQmyYKa5SBEz4v0jFlHJlI5Xycx4RbO0KySQiPqc4g4NVbxzxzCoU_p75stvSVmCUqmwnNw1HCeVUjZ3ANo_wlmavq8fgL84VGL5nIQJRTZOCqReOVjKH03YGh7kr3VD6DzVSLgIZ_J4qp2YttIKwsN7GxysT6o4PLUmBC5nFAX7ZltsVN-xJ1v3_nfJ3G1ZIKpUveaXX5WF9EWOlXn-hLG2lztlifBMXnIGHZ_NwGX7Kbw-ZszMGgZL3-fFDcquFuXeHSN1dOu8lnOHfU2vDUUnMlX7xYvt64kte9vMw-DHhjpZbXDr2t_Stg_fBFukWdyPrboNw1EfL02yNeV5v6LO251YsBOPENiHA6e91GCwVlEkq2UqPorVHAl_s7AtnxOOFGalMnSZClplv5F64va9Iw88PBm-_ZhZt0kO2-SE2WsvufZgNQ9wIhaFQRULISQS0KwCNMo0ixZ33VBgijDanW0H7h-bvH067PkQoJqx3DG0IX4L7rqlq9chH3u6U64ZpCtSq6weoV6fGI1_7vkx3Lvq8gZ7lRuweufOlCjFE-n9Bm3aVWbSVnIxFMBZXp4yiB2fMZeaZwGxSjL-NArILRFBm4F0VyqALxyqoO6YlU4ToEEZJBJCG122a3pGwpNsUJnW9SS6AgvUUPm86jGgaDEDgwnO6EnKGAg0pCNSoVhudqE_mRfnJcF0VgvPVmrz6wMmTLfCtAxF2rHDimms6Y7Kc53TkCPYM4ehDkTi40rHP3f1aKgPQG0hyK9n77rqWOGNjMw-d9Z5RGUmeQcEgmCXMCrWauZgFh8IFobQFnV7xCVdjnuTlhc2O_9J2sR3swyZptdNTVrRIx-qpcXerDhGpqv5aX2YucOK9o7itasFEFP9RwKSBNVV0Mo6F8deSEwOeF-PK5Twa8u_aIpXaRZAMY6bybd90EtARUiDop6K3R9KD2cTw-zyGvNV27JfW4o5n49YVEAvXuiL0jE5wk5EtGn-Ka3DxuD_ZbRMoUEsSUu627ywOVXvsft6bhFxGi6YRYpDdEzMhMlWbKJUI84J7rNgmE8-3Y5ZuzLo4XFDvkjv5y5x_F2FTd-X8pJFHq21m9q6-67rX1i_MKgq-AGWtE7Sy6i8ZL2TUGboqLfY17Ux0dLxoDPKKHlqO_7SQYvWf4p5RD63HNt50BK9PMOYlr5hGrappUAbQe-guwJ_Tb5RcpAh6saeqj4PFAkA-GklUqs8sV2YQIZREcXWTumkbvowHnTleQDCYq9d84AiaI72Wrbp7lZnLDT3i5aTg6in1CvZoCuuGRFs3BZkMtrgkNyJLQTHPzkcyl6hJ5taZIKooSP6_3mIs57R5sK0Md-bIgJV9OpKsKnVeNfx0Ls1Y0MuHqjMS9T7c1gs7ZBIuq6h-mGve5DeZryf8OkphvNYmcLhJMqsGkv6kxXlw6BGWlE-RY-cfUguPLYpx23ci9FU9NiqfLYQQn82R3WYbHDkR9GcPs-xABYhYmVwSD-ZZkC0Y9ObnvuLWpQl9SdH0qDJ-o_nYcp6pbUa4e_j0WRQSYLj62o2YazzxWIf2eDpwzVl51oXH4A0KRN76lyKEMk5GkRIT3hbLk-24p2isPvJT5q4mU3y13C3hiynZJaLYLWM_jgKmZH5nmFm7JFr7goNn_tFQ_vhdwttniwRTR0_JxcidmQEbD6k40CUTi3MB1Z3me0galG0OlX17WN0IddlEH3-Cid-y9jxliVla1bHp-ZfA3cMNv05Z-cJ3OXw_FVQ59_HuI71trU9bj5FuBILIATJQD-66YElK10SYeg182tjnr_vuQxy9sSTAN93WDVlo7CRAKy6q_NvqGmsNnAP0N527SamvXX3PR2bOzpuxw9xhFZvp1wnetfrkv_5-ghfIsL-3fxsA2NOVRkTkIOv0exPwcfo3Li4EvofKaVd5vlmntYTwtSaS2ZOppd1I6MzGbj_aCxt72rU0NuLgfrJ2-0wfNz5NhsNfHz6y6SE73WcwgRZLcB-xBnQHR4l2vuF8tHOkiz-WXf4b8S6aiz4ahSa1u3HwpgEBZtymasPuQjOnH_6UpaY8T3ZYOH-sSgODTTGfeO1J3qq6pWM20_JD3dKWrKE9daneE9tZqh50-wLD7AExxZtALDZJ3kLJF6YYG2ueenW_sZ3n0E8MkLem44QxGNkqrgsa2ZN8fnI3or989cuABAfK3DkU_723BpcddH20xOWkiq6PVoWnuwuiMI-5kLaoKtdaR4jjLncAi8PQjGdFdp15iCKjfV8LS08tiCDZ3a4utBaSTF-ugW-4Ge0Ik8nahxdSccUClAlp_S2OlQFb5XMRK-u02kLxVyeKuu4plO1juDnE-9TtLbpbOpBfzoDRwPc-8GLKaK07o9z5-4_GR8UEThtS-58QZEp2uJ5wkhHLmE-qG7FV9wiRkKAIDjJ_tQo3OVieZjqp9OfMibLXhp0RJEl3y9XWIVMHbmqDBPaZyHjNxrX0NLYA3faiZQaWnjEWFw-Nhu6vL7ALr_xCMoSDPQk5jL_Mtd_sxMDlq6G7pSoLSuBwHuW8FRSDb6P9aeyWMKxDeHU2fWVzoZ9jbVKVCNwUcbAaZM7-jT996mggmMFSnJvjzfyXfZX16XUV9r-oXPoIvXQ66KnE4zEkp74H-_2RaZ_DOOUsbRnNGCpWc1zQo9R_I4we0AVsvtL1pOIVx68u584HRfroOo6F3BgRC_KDQa_pNfxkwMFELKaeTuCBIuBDRSQw2cTS3bFlQXUUtQ9ef6Av07iGgTouvKo5OO_YBum58SWYPAi46fKoTfWrgqRc9jFl1zlEb9MkA8-faIKVBYlom079bU2FIbOMp4BOp2BkXYd0Jg9Fu6Ty43uhifnRS8B7DFigmO02pDwStZjTeNc_XpWy4x4Niw0wddbEJM6hd77IN4TNiPk-Mw2KH813ctJqquaGXN4sJaeQ-PMLJCAWP84sb8&cid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f154.1e100.net
Software
cafe /
Resource Hash
a161b37592653c4f84e2e54f49dd869a9f6ee980255234200c6ce48d503377cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17276
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame F25D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc4ac73156ce7e597bd7103ec814678f7522b85c26b37684f2daa3b7bf2080c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 5C5F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RInYrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct-feCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAaoE5AFP0Cejpz_FdAAgDH65D9oVAAUtwQhcDataeW7UzmawMWDPUEh9iL1nZtonCku0DH3uMpSd-E092901NUF6panSllaTZIAOOfxjXOuLFYYPULLh58Tg8b2e-2S1o8CVpg5LnixTUYIeEs-FgPuPLccI9WMqL6tNTinz95B5sgthz1oye_ZzPqkRve2i-H53SXUeTg4rZY9TNPa7IC3QO6OVOmV5HQtxKVRB74Ti_YVUvOWxfFhtP2fm8sT7sRq0K5IIyXeE5scqxwDVBiJpqli5fxsP2CSvqQLmxXj7kK6aVv3lEAzABPaDzp2oBOAEA4gFkoCOnkuSBQsIIhADGANIzMr4AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH657BZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcMEPunEhihzqPqASAE0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RPoFwU&sigh=JRq-FQLtlgA&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ&vt=10&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Sep 2023 13:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame F25D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct-feCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAaoE5AFP0Cejpz_FdAAgDH65D9oVAAUtwQhcDataeW7UzmawMWDPUEh9iL1nZtonCku0DH3uMpSd-E092901NUF6panSllaTZIAOOfxjXOuLFYYPULLh58Tg8b2e-2S1o8CVpg5LnixTUYIeEs-FgPuPLccI9WMqL6tNTinz95B5sgthz1oye_ZzPqkRve2i-H53SXUeTg4rZY9TNPa7IC3QO6OVOmV5HQtxKVRB74Ti_YVUvOWxfFhtP2fm8sT7sRq0K5IIyXeE5scqxwDVBiJpqli5fxsP2CSvqQLmxXj7kK6aVv3lEAzABPaDzp2oBOAEA4gFkoCOnkuSBQsIIhADGANIzMr4AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH657BZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcMEPunEhihzqPqASAE0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RPoFwU&sigh=JRq-FQLtlgA&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ&vt=10&cbvp=2&vis=1
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible
event-source
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame F25D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lm0ne48y&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
71421336
unified.adsafeprotected.com/v2/1483906/ Frame F25D 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1483906/71421336?mon=71421339&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvUGxvmZYxHQzKf86zEy5qYAT5eSpF2LyHN5GkYZgA-jGtjkZOGFsAs3pwKJT9CLFjsrkRBeHqtKBWewS2Ytr7fjI0EQu2my2xkdXQ6-jhkPzo528AqPzFPyBnJ89NpbG7J7BqPsJec9jHxy6hUeP91nDct7sYsfZG3WN7aQKTEgt8QHQhyED0mev-jomQfroyLhMV3UAS4rUWu%26sai%3DAMfl-YQry_fDzad4qQpfJm8yYmQCgzlWadrzsa4zE4E-XgS4y7x3yyliB6rEj5vA8CZCFg7lN4gDmkLJBA6FarZnS3Nt3dP0iRTq4I9G1zdhpiNBJllLDDAlOp4GPO1pwJmVamMO6gS9NoQgVB-lB8muwk6AhQ%26sig%3DCg0ArKJSzGk4Qa6ku5daEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=1012753603&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20195803154&bidurl=https://cutty.app/nPsV4TDBa9e&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0gI2MhtYxvx8LYgaiK9okmn&originalVast=https://ad.doubleclick.net/ddm/pfadx/N6024.328593VIVAKI.COM/B29885851.367107553%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D1012753603%3Bdsp_publisherid_0_%3Dpub-3831894559014614%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D20195803154%3Bdsp_bidurl_0_%3Dhttps://cutty.app/nPsV4TDBa9e%3Bdsp_dealid_0_%3D549644393847793680%3Bdsp_impid_0_%3Dv4~~ABAjH0gI2MhtYxvx8LYgaiK9okmn%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://cutty.app/nPsV4TDBa9e%3Fves%3DdGltZXN0YW1wOiAxNjkzNTc1OTQ3MzcxCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc0p2YVUzeFFDSTRGRzBjTWZMazNBc3p3NkU2eUJqd0tMQllidmFiQkNjb2lsRHg1bXhXM01fZXJhOEd3YklWc3oyYVBNYm9jNGtwc1FyNTJlRDNldmRmYlljc0hHd0VKUEJTenhhUF83aGQ2TjRNU3kta1pVVnIwMFlNaV9nWTYtLUpLdEtTUlowQWdET0FDeVdZLWJ0ZGtlVTVKTHZPaUpJOExWLUJRWE5NeGNRbzRVSUVRNk1RaUJUeG1uOVdlQWpwMWlmUTRCMzhQTDBKODB6aHZjb3hyRU41c2FzRnNKM2JBOTRkMjhTVWljRGJNYS10bkpDcnU0cmNISVRnRGpFWGw0ZHVTYWt0VWZ0bVlkNXFKT2tFR192NmN5dE00YUFYQm1QWVgxVUE3WTYya2Z5N1I5Y1BKU2hvUkJwTFNLMUQ2TFFyUlVqMS1iQ2hrM0x2MnZPcEJQUnlWLXc2ZFdUT0p2Y2tjbUdxaTllem92RHQyallLTWgzQXRlTHVnZUY1cW90cHp6QzNqY0pYa0NFZEQyOElONTlGRnpINnVfLTE2VXBIWlNBbWV6SUpLLWE4MURPa0tfak5sVlV4ZE00QndiVFNESFNMNkNfSmZvRVgyd0lOYTJMa09ZLXpObDJEc05GbFBXeFJkdjEwX2R3S2xqTDY1MHVvNnVJX1A2YUo1VXZvQ3hNRUVVWkVnY1MzalNldUlsNUEtVWFIeE42em1NUmI5ejBqR2UwMmFBMzFtdEt1R0VReXhtVHNOYk1SYXNuN0RTVTRJdDdxbmNra3lqMlpRNnJQdXNWeHBJT3NEMEI0R3dYRElnbFpyaDBNdWZURzMwOG1LUE8ySWJjWE0tU0tBek9abkZrQ1pCMDhPTF9QYWI2NXNuWE00ZE9URjVaOTRlQ3UzQWpWWXQ5cktJQ1pyeWNlNVdIV0gweHlEcWVxRHlvWldvbGMxQUJNTmR5ODR1VDBiZ0w2Qlh0czhHSTByRC11VGZDNHdyb1FTeXpkb25JMUhiTVBlcE9MN2VRdGpKZzlJc1VEVjhxNkhJclB4UkRSNW93dV9EN20wbG03NXdKSjNyZWtWVHN5VVZBRUJOQUhERE1GblltRGp4OGZKRHdZWTFuZEV6Zk9LbGVuZ1doODE1SlhsSWxBZmlMeGRwUHhYTGhBTmxwZkhIcHBDT01ERU01VzhyWmJXUExVMFNFdzc4dmJ2dWQtZ3dBNGJqSEhyR1pmWHBzcFFONmNBZWY5U3RvTXVYYXB5Y1hFZjFOZUdLWngxUl9SeE4xOTRNQS1WZ3JCMG85RUNzZEgzOVU5ZGZqRE5qLXR6VzlHTUdnUVFlUlR1MlZfWnhyUHRiRnpydXRUdS0yejBlMHVxSnJWRTM1ZGdSSG1RMUtVY1JIcGlmbXhZem50QWhkaUc3T1JCbHM0VUh1U1hWOUlCM1VCUDFoNm1tMXZSZEVIcXgyZE52MmxTMnZwZVVfTFg3TXZ1NFh4TmszdFkzWFM4dXBTMGZLc1BPYjdIRkZvY25fMTVPZEpJMXNKTERqbnFDcnZudDcyZ2VfNVcxYnkxNlk4T1pUeV95bEhhaklieVdrMTVPdGNSNm03NWhuR3oxV0luTUtnSWZJLUdka1oxWlFnZDczTVlIZE8tMEJxeWFBY1RFUUFITEs5UktXdlpXaTdSS0plWkxtNVZnamM3b3dMOVlER3NuRVFUekR1QWZjOVN2R1NqaGtqbm5YeW8yMTd3NnQ3TkFtVVhrZyZzYWk9QU1mbC1ZVG1wdi1VSzU0UmxOU2VMQ3lodzl6X1g4NExUZmJhZTNZYlQ5VkM5MmdTX0VzNzhtSkV3VVdvS3V3cnRtYW93RVBZU1lKcms5WldzWkd5cTRpd05MandBUTU4ZDRDUXBFWXhYYXdIaHhMTTVXcXFVVjZxWldHRlZKeXUwekFaaHVWeGFoaXpBSEdxY3VWOE9aLXNNeXpyZDRnQzBkcFdOY0VVdE1zZGpsMG5DZ0djS1VVSXBrUVNobWQ0ZG5vSFBIcVB2MW4xY3dXd29fSHp2bGliYy1KVnlVNlJuaFN1SzNCdVJGVGpwZXMtVzRmb0ZfTGQ4ME1QQ3ZveXU3S1NoRUJOTEZCVk9Wb0c4cUZHeVB5V0JTTE5DYzh3c2tSODBjM0NPRXl1VWlrLVRQVHRRYVNSY1RPc0NyRGcxdk4tOUNISDVmWFdVSlNLRE9ZXzNMSmwyTnkyWWFidE5VTHNXQzBmc1oyaFNIQTdGWkpPS1ppSHZoYl9WR3ZISmtpNVhjNWhwRWxTT1hvV2RyWUlHVFNLdEtORyZzaWc9Q2cwQXJLSlN6QnpJSXlKeGsyTVFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZ3IvdmlzYWZvcmF0aGVucy5odG1sJTNGZGNsaWQlM0QlMjVlZGNsaWQhIgo%26dc_cid%3D191839045%26dc_adid%3D558135028
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.227.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-227-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
28972da65eff0921023e1f848536b58089db254297d100f35d53deaf9428d557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 13:45:47 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cjoum2poe66qkjqb6ob0
Content-Length
6524
view
securepubads.g.doubleclick.net/pcs/ Frame 1422 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1422 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=2276013023324011&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C9dac83f1-e85e-4045-b0af-8939d8cf8b9f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D59bfdee02d1af869%3AT%3D1693575947%3ART%3D1693575947%3AS%3DALNI_MYEjF-bi5KWdY3gTjYzHRt5NHudLA&gpic=UID%3D00000c94e7ca27bb%3AT%3D1693575947%3ART%3D1693575947%3AS%3DALNI_MYeGHKYytwUEtXmHqvNqyqZBUSWmg&abxe=1&dt=1693575947419&lmt=1693568747&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcYlcT4h6UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRilxPiHpTFIAFICCGoSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNHE-IelMUgAUgIIag..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D75&adks=314726601&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad2eb0187f598705c6dc0f71f6e941bf59ed00e47d7d645a27257f68b33ea661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11575
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D448 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D448 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016631238931351&correlator=1662882223786460&eid=44777897%2C31068366%2C31077227&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C47e29a2e-9b84-49e9-9c5c-d9fc8cc96660&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D59bfdee02d1af869%3AT%3D1693575947%3ART%3D1693575947%3AS%3DALNI_MYEjF-bi5KWdY3gTjYzHRt5NHudLA&gpic=UID%3D00000c94e7ca27bb%3AT%3D1693575947%3ART%3D1693575947%3AS%3DALNI_MYeGHKYytwUEtXmHqvNqyqZBUSWmg&abxe=1&dt=1693575947519&lmt=1693568747&adxs=411&adys=802&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FnPsV4TDBa9e&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=985298903.1693575946&ga_sid=1693575947&ga_hid=725772690&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3sP4h6UxSABSAghkEhkKCnB1YmNpZC5vcmcYlcT4h6UxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGN7D-IelMUgAUgIIZBIXCghydGJob3VzZRilxPiHpTFIAFICCGoSGQoKdWlkYXBpLmNvbRjew_iHpTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNHE-IelMUgAUgIIag..&dlt=1693575945990&idt=536&prev_scp=ti%3D43f41700-f8dd-4521-82f1-b12d0b92c091%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D75&adks=1482459209&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1d84abbb19ad4aeaaeb027a53457b6ede619c3027871a7f0e413df0148b50b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutty.app
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 8B8E 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8B8E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8B8E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8B8E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8B8E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
css
fonts.googleapis.com/ Frame 8B8E 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 12:28:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 13:45:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B8E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:26:59 GMT
x-content-type-options
nosniff
server
cafe
age
58728
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 01 Sep 2023 21:26:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B8E 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:40:34 GMT
x-content-type-options
nosniff
server
cafe
age
57913
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Sep 2023 21:40:34 GMT
l
www.google.com/ads/measurement/ Frame 8B8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSj8Mt_XrAyk9Y7kHir4lh5FrhYkc8stMXU8iRoneCYXZamRXIdEeDC8ykRgCdoevMCJdETemDf5KdNa48LKa5357bjFw
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&pn=2&sn=3&pc=0.18487093448638917&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a87cc89201-FRA
e.js
live.demand.supply/e/ 		0
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&sy=75307086-66dd-4b54-b964-579bbce51660&ts=75&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=43f41700-f8dd-4521-82f1-b12d0b92c091&e=lm&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4a87ccc9201-FRA
14763004658117789537
tpc.googlesyndication.com/simgad/14153638716429401866/ Frame 8B8E 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14153638716429401866/14763004658117789537?w=600&h=314
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af787a709cd41d49a965d747da0eb7fa2b0258d1c6083234ee897ff40d25a7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:33:18 GMT
x-content-type-options
nosniff
age
22349
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:24:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 31 Aug 2024 07:33:18 GMT
7210066301592168313
tpc.googlesyndication.com/simgad/ Frame 8B8E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7210066301592168313?w=100&h=100
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4e13b675150973ba2454260044d6d1482f83150e3d38ac483e19a888464fcfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:14:26 GMT
x-content-type-options
nosniff
age
203481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1190
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 21:16:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Aug 2024 05:14:26 GMT
truncated
/ Frame 8B8E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51c9aba2df9c8f2ffe4361be1e3fc535cd9d3061f08820bc0f3f4be19e218fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame F25D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lm0ne4co&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame F25D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
544813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:25:34 GMT
file.mp4
r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F25D
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01EDDE2851F92F12024B8CCE0224B261220D8428.82E1DF7AC43C93454E6DFF3A21E83240C04C732C/key/cms1/cms_redirect/yes/mh/CQ/mip/2a01:4a0:2b::9/mm/42/mn/sn-4g5ednss/ms/onc/mt/1693574453/mv/u/mvi/3/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:6b::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 13:45:47 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1290851
Last-Modified
Fri, 22 Jul 2022 14:02:48 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 01 Sep 2023 13:45:47 GMT

Redirect headers

date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
location
https://r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01EDDE2851F92F12024B8CCE0224B261220D8428.82E1DF7AC43C93454E6DFF3A21E83240C04C732C/key/cms1/cms_redirect/yes/mh/CQ/mip/2a01:4a0:2b::9/mm/42/mn/sn-4g5ednss/ms/onc/mt/1693574453/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F25D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lm0ne4iq&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=833&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.o1~videopreviewvisible.od&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B8E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cutty.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:35:09 GMT
x-content-type-options
nosniff
age
558638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 02:35:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8B8E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cutty.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
34735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame B2B8 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
73802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 17:15:45 GMT
expires
Fri, 30 Aug 2024 17:15:45 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js
pagead2.googlesyndication.com/bg/ Frame B2B8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zbsophEl4vgXz8qX3EWcY8Q67iIQ7bFnjGnqUyxIR6M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 20:48:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
61058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 20:48:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8B8E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFwkCC-vxZJuXDsCV2fcPo4qegAqRno-Ccun5gKGeEAoQASCVm8ohYK0CoAH_24rIA8gBCeACAKgDAcgDCqoE6gFP0E8q4lNLwYeh2hkKaVxFJJfcYp97pNMszNuWnCDqKWxDgNCwchUKi2WepZ0mfkhhac0rQhY4JmG3NkJP3KTVUtPXQ4QIl11dOxTwWicCdTiFH94ZslIHMkNyL7ffm4AooALgI3IAbbIJMrcClBsi8NjXGtSlr-uoqf43Vkd4oHcI2J5KNYnPfIiEdj2BhJJK-YtoXKcXxYVktiDvEgUrFPiRT1cIPzBytezL630Odc_BEr37AHTOmy6hi8Q2RJyDmpkO5NAoRyM5bQBe9lXXilhuE4joAypqYZ_UF8C_AzmRGfaV45PmdUzABLrjwvKzA-AEAYgFpIOSmiySBQQIBBgBkgUECAUYBKAGLoAHloatogKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCdkBaHR0cHM6Ly93d3cuZ3JhbW1hcmx5LmNvbS9hP3V0bV9zb3VyY2U9Z2RuJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1GMyZ1dG1fY29udGVudD1ibWQyMjAwJnV0bV9waGFzZT1vdGhlciZ1dG1fbWVkaXVtPWNwYyZ1dG1fc291cmNlPWdkbiZ1dG1fY2FtcGFpZ249MTE4NjU5ODEzNDgmdXRtX2NvbnRlbnQ9NjI2MTU2NjQwOTUyJnV0bV90ZXJtPWN1dHR5LmFwcCZkZXZpY2U9Y4AKA8gLAbgT5APYEwvQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=KIrMMJ-yZ6I&uach_m=[]&ase=2&cid=CAQSPABpAlJWae2vCYhj0RirK1nUVxGyHs1-hwkdpmLRj_ilyFKjZRemrKefZJPxZzL7rJwXAPdtrayj2h6Q9BgB&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
file.mp4
r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F25D 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5ednss.c.2mdn.net/videoplayback/id/c11ae4af2dcde638/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3802946645/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01EDDE2851F92F12024B8CCE0224B261220D8428.82E1DF7AC43C93454E6DFF3A21E83240C04C732C/key/cms1/cms_redirect/yes/mh/CQ/mip/2a01:4a0:2b::9/mm/42/mn/sn-4g5ednss/ms/onc/mt/1693574453/mv/u/mvi/3/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:6b::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
542c84ef60476b6b2243da500bf9fbbb88097d03f5786e4c2ab623d385328a15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

expires
Fri, 01 Sep 2023 13:45:47 GMT
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1290850/1290851
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1290851
last-modified
Fri, 22 Jul 2022 14:02:48 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame F25D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lm0ne4j4&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=833&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1483906%252F71421336%253Fmon%253D71421339%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526blockedAdTracking%253Dhttps%253A%252F%252Fgoogleads4.g.doubleclick.net%252Fpcs%252Fview%25253Fxai%25253DAKAOjsvUGxvmZYxHQzKf86zEy5qYAT5eSpF2LyHN5GkYZgA-jGtjkZOGFsAs3pwKJT9CLFjsrkRBeHqtKBWewS2Ytr7fjI0EQu2my2xkdXQ6-jhkPzo528AqPzFPyBnJ89NpbG7J7BqPsJec9jHxy6hUeP91nDct7sYsfZG3WN7aQKTEgt8QHQhyED0mev-jomQfroyLhMV3UAS4rUWu%252526sai%25253DAMfl-YQry_fDzad4qQpfJm8yYmQCgzlWadrzsa4zE4E-XgS4y7x3yyliB6rEj5vA8CZCFg7lN4gDmkLJBA6FarZnS3Nt3dP0iRTq4I9G1zdhpiNBJllLDDAlOp4GPO1pwJmVamMO6gS9NoQgVB-lB8muwk6AhQ%252526sig%25253DCg0ArKJSzGk4Qa6ku5daEAE%252526uach_m%25253D%25255BUACH%25255D%252526urlfix%25253D1%252526vt%25253D13%252526adurl%25253D%2526redirectedRetries%253D0%2526ias_dspID%253D3%2526ias_campId%253D1012753603%2526ias_pubId%253Dpub-3831894559014614%2526ias_chanId%253D1%2526ias_placementId%253D20195803154%2526bidurl%253Dhttps%253A%252F%252Fcutty.app%252FnPsV4TDBa9e%2526ias_dealId%253D549644393847793680%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0gI2MhtYxvx8LYgaiK9okmn%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN6024.328593VIVAKI.COM%252FB29885851.367107553%25253Bsz%25253D0x0%25253Bdsp_id_0_%25253D3%25253Bdsp_campaignid_0_%25253D1012753603%25253Bdsp_publisherid_0_%25253Dpub-3831894559014614%25253Bdsp_chanid_0_%25253D1%25253Bdsp_placementid_0_%25253D20195803154%25253Bdsp_bidurl_0_%25253Dhttps%253A%252F%252Fcutty.app%252FnPsV4TDBa9e%25253Bdsp_dealid_0_%25253D549644393847793680%25253Bdsp_impid_0_%25253Dv4~~ABAjH0gI2MhtYxvx8LYgaiK9okmn%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fcutty.app%252FnPsV4TDBa9e%25253Fves%25253DdGltZXN0YW1wOiAxNjkzNTc1OTQ3MzcxCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc0p2YVUzeFFDSTRGRzBjTWZMazNBc3p3NkU2eUJqd0tMQllidmFiQkNjb2lsRHg1bXhXM01fZXJhOEd3YklWc3oyYVBNYm9jNGtwc1FyNTJlRDNldmRmYlljc0hHd0VKUEJTenhhUF83aGQ2TjRNU3kta1pVVnIwMFlNaV9nWTYtLUpLdEtTUlowQWdET0FDeVdZLWJ0ZGtlVTVKTHZPaUpJOExWLUJRWE5NeGNRbzRVSUVRNk1RaUJUeG1uOVdlQWpwMWlmUTRCMzhQTDBKODB6aHZjb3hyRU41c2FzRnNKM2JBOTRkMjhTVWljRGJNYS10bkpDcnU0cmNISVRnRGpFWGw0ZHVTYWt0VWZ0bVlkNXFKT2tFR192NmN5dE00YUFYQm1QWVgxVUE3WTYya2Z5N1I5Y1BKU2hvUkJwTFNLMUQ2TFFyUlVqMS1iQ2hrM0x2MnZPcEJQUnlWLXc2ZFdUT0p2Y2tjbUdxaTllem92RHQyallLTWgzQXRlTHVnZUY1cW90cHp6QzNqY0pYa0NFZEQyOElONTlGRnpINnVfLTE2VXBIWlNBbWV6SUpLLWE4MURPa0tfak5sVlV4ZE00QndiVFNESFNMNkNfSmZvRVgyd0lOYTJMa09ZLXpObDJEc05GbFBXeFJkdjEwX2R3S2xqTDY1MHVvNnVJX1A2YUo1VXZvQ3hNRUVVWkVnY1MzalNldUlsNUEtVWFIeE42em1NUmI5ejBqR2UwMmFBMzFtdEt1R0VReXhtVHNOYk1SYXNuN0RTVTRJdDdxbmNra3lqMlpRNnJQdXNWeHBJT3NEMEI0R3dYRElnbFpyaDBNdWZURzMwOG1LUE8ySWJjWE0tU0tBek9abkZrQ1pCMDhPTF9QYWI2NXNuWE00ZE9URjVaOTRlQ3UzQWpWWXQ5cktJQ1pyeWNlNVdIV0gweHlEcWVxRHlvWldvbGMxQUJNTmR5ODR1VDBiZ0w2Qlh0czhHSTByRC11VGZDNHdyb1FTeXpkb25JMUhiTVBlcE9MN2VRdGpKZzlJc1VEVjhxNkhJclB4UkRSNW93dV9EN20wbG03NXdKSjNyZWtWVHN5VVZBRUJOQUhERE1GblltRGp4OGZKRHdZWTFuZEV6Zk9LbGVuZ1doODE1SlhsSWxBZmlMeGRwUHhYTGhBTmxwZkhIcHBDT01ERU01VzhyWmJXUExVMFNFdzc4dmJ2dWQtZ3dBNGJqSEhyR1pmWHBzcFFONmNBZWY5U3RvTXVYYXB5Y1hFZjFOZUdLWngxUl9SeE4xOTRNQS1WZ3JCMG85RUNzZEgzOVU5ZGZqRE5qLXR6VzlHTUdnUVFlUlR1MlZfWnhyUHRiRnpydXRUdS0yejBlMHVxSnJWRTM1ZGdSSG1RMUtVY1JIcGlmbXhZem50QWhkaUc3T1JCbHM0VUh1U1hWOUlCM1VCUDFoNm1tMXZSZEVIcXgyZE52MmxTMnZwZVVfTFg3TXZ1NFh4TmszdFkzWFM4dXBTMGZLc1BPYjdIRkZvY25fMTVPZEpJMXNKTERqbnFDcnZudDcyZ2VfNVcxYnkxNlk4T1pUeV95bEhhaklieVdrMTVPdGNSNm03NWhuR3oxV0luTUtnSWZJLUdka1oxWlFnZDczTVlIZE8tMEJxeWFBY1RFUUFITEs5UktXdlpXaTdSS0plWkxtNVZnamM3b3dMOVlER3NuRVFUekR1QWZjOVN2R1NqaGtqbm5YeW8yMTd3NnQ3TkFtVVhrZyZzYWk9QU1mbC1ZVG1wdi1VSzU0UmxOU2VMQ3lodzl6X1g4NExUZmJhZTNZYlQ5VkM5MmdTX0VzNzhtSkV3VVdvS3V3cnRtYW93RVBZU1lKcms5WldzWkd5cTRpd05MandBUTU4ZDRDUXBFWXhYYXdIaHhMTTVXcXFVVjZxWldHRlZKeXUwekFaaHVWeGFoaXpBSEdxY3VWOE9aLXNNeXpyZDRnQzBkcFdOY0VVdE1zZGpsMG5DZ0djS1VVSXBrUVNobWQ0ZG5vSFBIcVB2MW4xY3dXd29fSHp2bGliYy1KVnlVNlJuaFN1SzNCdVJGVGpwZXMtVzRmb0ZfTGQ4ME1QQ3ZveXU3S1NoRUJOTEZCVk9Wb0c4cUZHeVB5V0JTTE5DYzh3c2tSODBjM0NPRXl1VWlrLVRQVHRRYVNSY1RPc0NyRGcxdk4tOUNISDVmWFdVSlNLRE9ZXzNMSmwyTnkyWWFidE5VTHNXQzBmc1oyaFNIQTdGWkpPS1ppSHZoYl9WR3ZISmtpNVhjNWhwRWxTT1hvV2RyWUlHVFNLdEtORyZzaWc9Q2cwQXJLSlN6QnpJSXlKeGsyTVFFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LnZpc2EuZ3IvdmlzYWZvcmF0aGVucy5odG1sJTNGZGNsaWQlM0QlMjVlZGNsaWQhIgo%252526dc_cid%25253D191839045%252526dc_adid%25253D558135028&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B66 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutty.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:45:46 GMT
expires
Sat, 31 Aug 2024 13:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.3385305404663086&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4aa5e779201-FRA
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_auto_728x90_sticky_display_bottom&sy=75307086-66dd-4b54-b964-579bbce51660&ts=75&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=43f41700-f8dd-4521-82f1-b12d0b92c091&e=lm&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4aa5e7d9201-FRA
dt
dt.adsafeprotected.com/ Frame F25D
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Fri, 01 Sep 2023 13:45:47 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMI2JH4hcaJgQMVKiEGAB0kSgekEAAYACDF9rxbOhkIwejfZxD2g86dqAQYw8n14gMgsJjGkqURQhMIm5bWhcaJgQMV0mfTCh1Z-wsO;dc_rmcid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnm...
ade.googlesyndication.com/ddm/activity/ Frame F25D 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2JH4hcaJgQMVKiEGAB0kSgekEAAYACDF9rxbOhkIwejfZxD2g86dqAQYw8n14gMgsJjGkqURQhMIm5bWhcaJgQMV0mfTCh1Z-wsO;dc_rmcid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D38%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693575947897;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F25D 		42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cex_kCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAcgDmwSqBOcBT9Ano6c_xXQAIAx-uQ_aFQAFLcEIXA2rWnlu1M5msDFgz1BIfYi9Z2baJwpLtAx97jKUnfhNPdvdNTVBeqWp0pZWk2SADjn8Y1zrixWGD1Cy4efE4PG9nvtktaPAlaYOS54sU1GCHhLPhYD7jy3HCPVjKi-rTU4p8_eQebILYc9aMnv2cz6pEb3tovh-d0l1Hk4OK2WPUzT2uyAt0DujlTpleR1TcLua0nX5cFoWo8pXRgHE4k3KaZsvDfr2alG3Ak1-rf5y4SlLOdLcRYRAF_WMfXWJc4Iu_mDeFOYcmJpSTliLoFiVwAT2g86dqATgBAOIBZKAjp5LkAYBoAZOgAfrnsFnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJHUsgNAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=9rK7AmeuGBQ&label=part2viewed&ad_mt=38&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D38%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693575947897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame F25D 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:28:59 GMT
x-content-type-options
nosniff
age
40608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 02:28:59 GMT
pixel.png
unified.adsafeprotected.com/ Frame F25D 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vOTU1OGJlNzQyODBhOWM3NzgxYjAxMGQxZjczNGY1NzYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTQ4MzkwNiIsImN1c3RvbTgiOiI3MTQyMTMzNiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6IjNiOWE4OWM2LWQyOGMtNDM5NS1iZTY5LTdhMjZmM2E3MGEyMyJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDE5NTgwMzE1NCIsImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNyZWF0aXZlSWQiOiIxOTE4MzkwNDUiLCJjYiI6IjE2OTM1NzU5NDc1OTcyOTIzMTMiLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1483906&pubEntityId=71421336&ss_iris_id={{iris_id}}&iris_id=[IRIS_ID]
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.227.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-227-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 13:45:47 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
static.adsafeprotected.com/ Frame F25D
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1483906/71421339/skeleton.gif?xmtp=v&xmapp=0&xsId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&bidurl=https://cutty.app/nPsV4TDBa9e&ias_campId=1012753603&ias_pubId=...
  • https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUGxvmZYxHQzKf86zE...
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUGxvmZYxHQzKf86zEy5qYAT5eSpF2LyHN5GkYZgA-jGtjkZOGFsAs3pwKJT9CLFjsrkRBeHqtKBWewS2Ytr7fjI0EQu2my2xkdXQ6-jhkPzo528AqPzFPyBnJ89NpbG7J7BqPsJec9jHxy6hUeP91nDct7sYsfZG3WN7aQKTEgt8QHQhyED0mev-jomQfroyLhMV3UAS4rUWu&sai=AMfl-YQry_fDzad4qQpfJm8yYmQCgzlWadrzsa4zE4E-XgS4y7x3yyliB6rEj5vA8CZCFg7lN4gDmkLJBA6FarZnS3Nt3dP0iRTq4I9G1zdhpiNBJllLDDAlOp4GPO1pwJmVamMO6gS9NoQgVB-lB8muwk6AhQ&sig=Cg0ArKJSzGk4Qa6ku5daEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=71421339&redirectedRetries=0
Protocol
H2
Server
2600:9000:2394:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 04:37:05 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
19904924
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
p_dyjLeFqyWshwyu0Obtm2X5J2oo8A4qUX0K96P9EJRpJfREyPjDew==

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
app05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUGxvmZYxHQzKf86zEy5qYAT5eSpF2LyHN5GkYZgA-jGtjkZOGFsAs3pwKJT9CLFjsrkRBeHqtKBWewS2Ytr7fjI0EQu2my2xkdXQ6-jhkPzo528AqPzFPyBnJ89NpbG7J7BqPsJec9jHxy6hUeP91nDct7sYsfZG3WN7aQKTEgt8QHQhyED0mev-jomQfroyLhMV3UAS4rUWu&sai=AMfl-YQry_fDzad4qQpfJm8yYmQCgzlWadrzsa4zE4E-XgS4y7x3yyliB6rEj5vA8CZCFg7lN4gDmkLJBA6FarZnS3Nt3dP0iRTq4I9G1zdhpiNBJllLDDAlOp4GPO1pwJmVamMO6gS9NoQgVB-lB8muwk6AhQ&sig=Cg0ArKJSzGk4Qa6ku5daEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=&ias_xappb=&mon=71421339&redirectedRetries=0
cache-control
no-cache
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame F25D 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz5h3IUu4a1avCevNqBxsgNzuZ0GN1yH8T6FSB2w-cTxscuxkvRjDClRdq9whV74_TRaL8igxvEh763Kz6ufrPJpQwsHzQgJi9uW10Iw1lNemVJi7VNftbRl17YKXQCE9yh_HGxxmGWJC4SV6QTJqzIsR-PSZRIcLVHejRyWT9iSgeaWer9Pxxv8s-TeqjPzTXWrhB22aaNelmAPNEjvRDYkJ1hd2IJVsIEOyYwAzZmIFY5xjFXWyK04xE5PyFMC6lLM0fdsCCKAR_vCjjAeCFRX-NetxW-S4MoUY6T74sww9gNuWns6HEA2TfRpK0h_1YUIIv0c-Q9xKJaV_dglHCbatJmX5Z_VI6qVa_VwtOgwoKcKG8kLw3m2n-W0uZVWTumh1x4V5i3zVY50jay6mtHukFvd1mJIQr0odsd0h89lq4T1Ij9DTJjLOKJM1B6H1VHdMh2fPLDPZa2Citf3iHfDIaZTmaHjqLOXByp1BTag_gPJvQIcd8rAi_tqykUnpwF2F4ETjamCYWTepMl-8B5ApwHZTcI5Xe1-8T9D3D7pEe5bpYXVa6ipOnrbwivT9diFb4AWPo16FQzm8uhTnDMr92h1QeQGzsyzCuvICKgac67PGm-tnzlvRmSHJeRlFqn-m6GchtsbkTvIu6KrHaecuoKvELuSfSqhx3SIljcw7Td9nnHBdubXPgYg45hf5EN9zwbd8YZ49qAJ7TA_CbkpxgPcuujBgdatdVm5YQIdHJeW18dZAtYckeZykDB3UkviYT7PMGQEcget1b47MSxkbyhrIqKo4Uz_4SNvBSAwyHmG56iZ0sYrVJ1BFx1t6Tp5dEki6GghYXzNtPuyYRjn41EE-KajufUnBhuikEaYFs41DCZ1jKSXOlhHvCxp-sVt1Afg_fhiF8OlwAfbiXEdkv30K7WO15gk8zllUW89S1CTOShILF9rPBU9gw2p_LnvZBcx2TetedZ47i7hzMYHigsRplXP7P-9fjvMNkCr0phhQvFmF6FzMwTpqu0VhZew_7bkOVBjvVZaPspJy_fKiBmQZmjVFgmLOplkAdxP2igTA9zUJkwp3zL9Lsj0Ei1X7B9bFD7khP4qfdCZgB1HtdCnL-c2aMrBghoLvLzSscHm1XbwEsDceoRQYhfSvQXIiJa0tykZ-hWMclsEB2OjwW-KPauqeIGRAAhVVuhKYI3nVUlsRlAHtFvegdNv-YSwEVUD7d4_I&sai=AMfl-YRBWFlSGVm9PH0ahB01YLHAzRsQld1bvl4kL9ctBiP1bwCXlGCSO_grCek5XWCahadNDKqZMMF-q7p5m8hXxSlz4F7KKsy0BRbjmWvJZIEcsdyu3CAMTJH-vRs2ny6GD-2i6n2bb2dAoH1awtW5IuwuW3c3UQEkv6MUjtkNwPVJJO4BxjbLXuNAVs-QhasTBms0X2PDkeVxxBF2yZ54nHPLQfUWnnovUqA_s4riQVlB44WihZaxZqQv2N8xK4WMSmLpONpj1vLBiMTDQRPsB1CVKAn4SZylwsbHgQQh8QBrq8Hmv2jx-DpxCjTX&sig=Cg0ArKJSzK3GvSpq_0h8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame F25D
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYoc6j6gEgATAB&v=APEucNUvZFcY_xxD57-jEl5asSeuOov_4kLkfDyUhaBS_8HnE_4IqG3pa5o0pumktY8oEGle-PJoFe9iD1KVgioZfUhcXR54Dg
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPHrDBfvPfxzk6Ofykt2zQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 13:45:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F25D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F25D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRSNL5huZZo0Szjek22C-UszeWO6uWTtksxScUTIZnQ7xsWgRoqp_EFD98gZi0j16FBYzVnW-fqlxBMiJb1Rxehu-j52BR09HCiLL_SpUvkyDI8WLt05xaHuQV7Ti0QMA&sai=AMfl-YQqDu5i-XTYNBcD5-5JqZrBDa5-9I6LyW-NoOKYngGVVMAxfO0spoaFdN7Hk0w_bP6gB6xfeCf5esspv-_rxgoFJZaUogACbdZtVbtUOw212dTJ5fxCyxiFPBrzg-QBLaJ4UtJ3UBHc3caK5A&sig=Cg0ArKJSzIJeE106NbATEAE&cid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D38%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1693575947897&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F25D 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cex_kCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAcgDmwSqBOcBT9Ano6c_xXQAIAx-uQ_aFQAFLcEIXA2rWnlu1M5msDFgz1BIfYi9Z2baJwpLtAx97jKUnfhNPdvdNTVBeqWp0pZWk2SADjn8Y1zrixWGD1Cy4efE4PG9nvtktaPAlaYOS54sU1GCHhLPhYD7jy3HCPVjKi-rTU4p8_eQebILYc9aMnv2cz6pEb3tovh-d0l1Hk4OK2WPUzT2uyAt0DujlTpleR1TcLua0nX5cFoWo8pXRgHE4k3KaZsvDfr2alG3Ak1-rf5y4SlLOdLcRYRAF_WMfXWJc4Iu_mDeFOYcmJpSTliLoFiVwAT2g86dqATgBAOIBZKAjp5LkAYBoAZOgAfrnsFnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJHUsgNAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=9rK7AmeuGBQ&label=vast_creativeview&ad_mt=38&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D38%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1693575947897
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F25D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lm0ne4n0&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=833&mt=video%2Fmp4&vs=640x360&dm=10000&event_name=first_play&asset_bytes=195006&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.vo~ff.w1~videopreviewstarted.w3
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=3016631238931351&bg=!paalpunNAAYHwnCgJ8I7ADQBe5WfOI-vQZR9J_osRGpUgNXPgws9vGCgK-Ql7bJQXho4AVnR3mLyDzo-x3B7Va2Xsuf4AgAAAJ5SAAAAB2gBBwoAYhaEA2hmYa3c0bIKvg9lsNSDw5VD2BSopvSf-u6CGxkdxGyKp7N7XC_y8ohxf0eA0BTrBFWTH0dYE57GFQ8J34zLmCIJESp61No5sJuTyCdDPm7ErmaBSGIU11Lltn4FuRFpmQK4Oo_nRGsA5k8x4KzDwXWW1-F63dQcpMh2HmksNAPFwP8QPmtk2yjwUYf5EHzplY7siFYLQgI6ihGgKAPDT4OyYJC8f28AlAh2mDzE2h5VaqPP2v8HutcgvKN1X_pfXU5R1fNInK6dV3MTf1A02Gyb_58yJQY7zyE5SUP_BBpcVjEQvQW43CTlNnyGmpkIt33EpplGTEv2tqhQyjF66G4QoUg2K4ilmmFCK0pfnotbpz50O7W3gFfzhIz7pIVJ9Mp0qXCqx8H4ph-XX3qsUsPplx8BLsLT4_MSAKpbZwGbvXHAbnFjOwFzxIIeTqX9PlZ_35PTyxXezmWSd4SRJlJMLhv3mfp4AMi1k3XkYXVxZDWvhELIhVV3b91nCisnlcRiZMm6tr_vuwN9HN0tQ-TZ4KUoHwQFNP_l6XjBIiePDtodTnst9pIFL-GCx-ZhazIFpYEJQFQueQpAWxwIEb10ZNM_NCn3IEbPqkrWYFJMaBI8I3YCP3n2gPcet2-qi3HGycaFBcrlx1tag37M5Oi_Bewd8KVSekGmJnSFiHXJQ9pIeXydiROGkFzKsm1b-5MGFDgWU17vzvTw_Rq3lKeg2tQqchOOoPg9zqtXKMMLe_D_m2XRoi50__xd7QTQMp0Yeog1ctGN0cCGwuip9JOZtt9WwTc_DPFhvB8yf4pUlFN92l0f751ZiDUjagzPuQRG2is7KHP9yqCvFXr4Vt0TEBnTjxQmWwcQgWlUV-ybJG2bHfMY2XZmZ1B9JEbHNHtOkiW41c62i67aEfEdFFzABOCAr18eODaQsM2VjR8RiZl78DZL3HkvQPcJXRqspqY_NbiJk9fdgIzz7QertYezcTVswlhhztHm5Ey9jRsxZZzKaY0dX34SCipdMvcW3aREQ6XbIsPeHVsVMDNb45etCDdSkBo7N3OE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 14E2 		624 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYqMKj6gEwAQ&v=APEucNWSu6IJVuTk7ao59__UVTjtkOSQIZaFOBpuWUyFd6ujDGZdKGdzFEwd-8ZrY385PWE3-WP5Jzo1UHTOTZ2R2BRODT5ws3VfHO0N3ILes7tKm_IzXAOP3VKcR-dZF_h7rQHR38N-YDJtiKKGwLgjn1uSnr9-bfViPiI-KjG52gYAipqE-Nnsx7IikT_JwEiHlJeG8gloAqXVMXyuRCr4LJv_d1J9Yw
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 13:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2B66 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 01 Sep 2023 13:45:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B66 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ATmDMkqEy1UOjrbQ1tksIKmt26Jqpq8GmI82o7ClIUjnMfux06VLj5zsb3dgEC4fBcxWJgoGHSL-COKhpOrXx6H1vXuNDJEGWviXGe_Q3no8azF3g
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B66 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16618454949763361487&x=1&ct=76
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2B66 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:07:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
2314
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Sep 2023 13:07:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 2B66 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:54:13 GMT
l
www.google.com/ads/measurement/ Frame 2B66 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4XeoH1l7Z62c5M8tfUH_IDxYPUVgJI6QbXXLgaa6fKWfSLhzd2_vdVBsh6FEptU439AwgzYL6S3IpsAS5mmCnEr-FIA
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B66 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 13:45:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2B8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BDHJbC-vxZJjgFarCmLAPpJSdoAoAAAAAOAHgBAI&bg=!7-yl7KPNAAYHwnCgJ8I7ADQBe5WfOLeaMFZ5k-WOwHUnEJO7CrEgE0SQ_MPo9zB8kqLVoGPX-xkTz_RA341EBP4oUpoKAgAAAK5SAAAAB2gBBwoAC2RveWMy5iesOgU_mQL6DtCGH8NaVMKoNW_9xS1D19iVyzSE0FitLnTgNe6pc2S7qi6wAI3PJtnZB23IK_N1WFY_-ryGR4OCR1Zmh-lSwsMn41WHiXbZ0TKe38JW3q9pPFgCKDSZDE0V0mFkR7xepoJTlDob4MXaTL7cowfQY9veQdN5MNp2n_8xD3astuZ4tiCecJB25Og8IdMLHVi6PQ9Lwvs8ehKIWkhu7i6jH2kG1VgJMyCTXplRPBHMFV2BMIgqBlbwzCoZgzm8_kOIZ8DvIs2T2p9n0QPRqMdO7-dq1HGNbtMIPmvDs29Fins_1F68u_7-xs3kdDLonb1vuDnSkMABIDbpTW1PgymKst0dC1Llju4Hn54zhZP6upLhWb8ihTi3jGqxkPjq07jxRzFPruLP2x_gvqjU2W4ItJWSJlV0okSCFKU6c6l1eN2zggEp8Tbau02KedPlnR42EnqreutnqzWdGbnEbjNjtjogfr7OmqJ0WVX2jYsqkxMAyuiXuGQ2VjDCVujtqzPSZ425YljvycLBvjrB-8rLXhmazB58v7B1OMy7fL3-_j4VPZLcziXLzkUimOB7-sQp7gCHnLo3AaW_6LHiGf1LaOdjNp_MofID9nHlY4kIeiC9mKZbml9DX8CnLmh79DYXDUE3mHHoSJmmutvMvHE0ZFPFomWZx3tqJ1G9dePYsqsBuZ9htA7I2rztAi8Zi9Tcd_3_pmgd0ZS1OTwWO5aNMSbM4popM8qB7_TZEApD3Qfg5tF7rxqKCg1Y4FAQ_5wbB5haVlqOYkSOompeTaiDxjwmqEVZ2Lldj4M7DpuJSamixLRJocrVfmz3x_yKVTD-If21n5Vhij-h-Z97ztw7xP5Ki7az0qgzTRz8k7POFrQrrIhI-Iz4nRblAG-32xlAla9wMPfAd1Ws0HE7bkrVJvgfTat-eVm8CqAepaaN-PwHeoibZDoDNVQ7NfW2zgCUCN1Jp_rSpi-b4z5SzDpPKSmyKje6R8pR0FhjhNNhtxzlhDkPdxR_KSOt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame AA36 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame AA36 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame AA36 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame AA36 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame AA36 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 31 Aug 2023 08:56:04 GMT
age
103783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Aug 2024 08:56:04 GMT
css
fonts.googleapis.com/ Frame AA36 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Sep 2023 13:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 12:03:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Sep 2023 13:45:47 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA36 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:26:59 GMT
x-content-type-options
nosniff
server
cafe
age
58728
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 01 Sep 2023 21:26:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA36 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:40:34 GMT
x-content-type-options
nosniff
server
cafe
age
57913
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Sep 2023 21:40:34 GMT
l
www.google.com/ads/measurement/ Frame AA36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0na5AmsNJNXM-6UhfmKkxga1xTqt7VfksPTY41HU1apOtvoNqeql6TOwYkxPmxKqLrfduHvtEWqRCbfGgYIK_Ulpd5w
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
e.js
live.demand.supply/e/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&pn=1&sn=3&pc=0.18487093448638917&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:47 GMT
cf-cache-status
HIT
age
222372
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4aaef0e9201-FRA
e.js
live.demand.supply/e/ 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&sy=75307086-66dd-4b54-b964-579bbce51660&ts=75&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=43f41700-f8dd-4521-82f1-b12d0b92c091&e=lm&dsReferer=Y3V0dHkuYXBwL25Qc1Y0VERCYTll
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nf-request-id
01H7PX9E9FM2Y3NFZMZ69PH5YK
date
Fri, 01 Sep 2023 13:45:48 GMT
cf-cache-status
HIT
age
222373
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1c18abef7faa339e228260124959585c-ssl"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
7ffdf4aaef109201-FRA
14763004658117789537
tpc.googlesyndication.com/simgad/3867124122777919794/ Frame AA36 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3867124122777919794/14763004658117789537?w=600&h=314
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
197fba1789cfe6e1c457fa9296fe7f5c96838dfca69b725e7e53b3069b97120e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:22:13 GMT
x-content-type-options
nosniff
age
548614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7374
x-xss-protection
0
last-modified
Tue, 04 Jul 2023 14:30:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Aug 2024 05:22:13 GMT
truncated
/ Frame AA36 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AA36 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AA36 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f1f7bc9f3770ec77fc089633e2020960a4427ce924dbec5255adf0cd1eaf0c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AA36 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjEUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46db770dbf6ef751fb2774a62943c97bc007b3508771f3a07f2221bfa5d89bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cutty.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 11:45:11 GMT
x-content-type-options
nosniff
age
266437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8608
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 11:45:11 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AA36 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cutty.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
age
549707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 05:04:01 GMT
rum
dsum-sec.casalemedia.com/ Frame 14E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYqMKj6gEwAQ&v=APEucNWSu6IJVuTk7ao59__UVTjtkOSQIZaFOBpuWUyFd6ujDGZdKGdzFEwd-8ZrY385PWE3-WP5Jzo1UHTOTZ2R2BRODT5ws3VfHO0N3ILes7tKm_IzXAOP3VKcR-dZF_h7rQHR38N-YDJtiKKGwLgjn1uSnr9-bfViPiI-KjG52gYAipqE-Nnsx7IikT_JwEiHlJeG8gloAqXVMXyuRCr4LJv_d1J9Yw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 13:45:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 14E2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPHrDMTgeaZLMLL3manE3AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYqMKj6gEwAQ&v=APEucNWSu6IJVuTk7ao59__UVTjtkOSQIZaFOBpuWUyFd6ujDGZdKGdzFEwd-8ZrY385PWE3-WP5Jzo1UHTOTZ2R2BRODT5ws3VfHO0N3ILes7tKm_IzXAOP3VKcR-dZF_h7rQHR38N-YDJtiKKGwLgjn1uSnr9-bfViPiI-KjG52gYAipqE-Nnsx7IikT_JwEiHlJeG8gloAqXVMXyuRCr4LJv_d1J9Yw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Sep 2023 13:45:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHI7udGNCmMp24bYwDQEDpo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 14E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEE2ruTwpUD9VnWk1RD-qtA8&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEE2ruTwpUD9VnWk1RD-qtA8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYqMKj6gEwAQ&v=APEucNWSu6IJVuTk7ao59__UVTjtkOSQIZaFOBpuWUyFd6ujDGZdKGdzFEwd-8ZrY385PWE3-WP5Jzo1UHTOTZ2R2BRODT5ws3VfHO0N3ILes7tKm_IzXAOP3VKcR-dZF_h7rQHR38N-YDJtiKKGwLgjn1uSnr9-bfViPiI-KjG52gYAipqE-Nnsx7IikT_JwEiHlJeG8gloAqXVMXyuRCr4LJv_d1J9Yw
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
an-x-request-uuid
66c07de8-b382-4270-9989-8cd93dd58e45
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.36; 81.95.5.36; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEE2ruTwpUD9VnWk1RD-qtA8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 14E2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQwMjA5MTEyMjYyNDE3MzE1Nw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQwMjA5MTEyMjYyNDE3MzE1Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCYqWIYqMKj6gEwAQ&v=APEucNWSu6IJVuTk7ao59__UVTjtkOSQIZaFOBpuWUyFd6ujDGZdKGdzFEwd-8ZrY385PWE3-WP5Jzo1UHTOTZ2R2BRODT5ws3VfHO0N3ILes7tKm_IzXAOP3VKcR-dZF_h7rQHR38N-YDJtiKKGwLgjn1uSnr9-bfViPiI-KjG52gYAipqE-Nnsx7IikT_JwEiHlJeG8gloAqXVMXyuRCr4LJv_d1J9Yw
Protocol
H2
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
an-x-request-uuid
4d6f1e8a-670d-4cd4-a773-8936f261b776
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQwMjA5MTEyMjYyNDE3MzE1Nw%3D%3D
x-proxy-origin
81.95.5.36; 81.95.5.36; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AA36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C33jPC-vxZPmpIorQzQaLoY-QDsSGj8BxrofinMYRh8Xi4pUOEAEglZvKIWCtAqAB9Pf0zwHIAQmpArslBQjVM7I-4AIAqAMByAMKqgT3AU_QLABAkbuDXbuRS4SF6XapTAlYTZ6d1Wy0gvpELioHSPg31QZOkecBtHZZHmLiG-qwRPK44TNrH0yhvU2hpye6qEdbP9iu9_R9fj6w2MF59GQGzZXvyRcJhpJ9YGdSbV3-nuaW7f81_gtl0Zj0AIz_DruO2Aa4jkrdVEQ52OrdMi5iCcl6rO8fVK9a_Ri_EXyr1KDRy5X4kxzvvL4MNaDVWpmJyAvUN8ctC4bYVK7PGHJY__RBa4axDg7vyc1ExUHhy2wTq9waOlQ9ja0PhJhV3VN5ZincEQP62QglZXpfmV69pUGBk1HPIGdoSEqMltVhZVRypGTABL3Zl5usBOAEAYgFlfTC40uSBQQIBBgBkgUECAUYBKAGLoAH9IeLsAKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDwLtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCe4BaHR0cHM6Ly9rYWxsaXN0LmdyL3Nob3AvYWxsLXByb2R1Y3RzL2FsbC1zdGFyLWx1eHVyeS1nbG93LSVjZSViYiVjZSVhYyVjZSViNCVjZSViOS0lY2UlYmMlY2UlYjElY2YlODUlY2YlODElY2UlYWYlY2YlODMlY2UlYmMlY2UlYjElY2YlODQlY2UlYmYlY2YlODItJWNlJWIzJWNlJWI5JWNlJWIxLSVjZiU4MyVjZiU4ZCVjZiU4MyVjZiU4NiVjZSViOSVjZSViZSVjZSViNy0lY2UlYmElY2UlYjElY2UlYjktJWNlJWJiL4AKA8gLAdgTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=Po38Y5szkp0&uach_m=[]&ase=2&cid=CAQSOwBpAlJWR3KUYe8fGLaja32HNL82kxs-VczC6w9N-Ibjx4huipOXZx9S_05YYwEX0Qk4atmXjJRARaqjGAE&template_id=5000&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B66 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5879880632495&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B66 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5879880632495&version=m202307240101&ct=76&x=1&cor=16618454949763360000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2B66 		106 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHD_beVVdOl2_ihYEAWIG7FFpGt39_wxQ6Rp7wsuHy4b9P1kQwWiYZzhOUtpcDGamofUGyUgejSz-Owcs1mcv7doCVEyDZbgnmsxgSUVFz1lpTy3mqfRoD05qi43k1597vo-Z72lsXxCKXabgffpa0nhQF6OvwBkOnfu1sa3eRIpxUFfM&dbm_d=AKAmf-DUYclyXvdF30vJw9Jg2p8gE3SDXNl5wS1HvDlYlhCc9gvU8MkU8kxEZp0g7QWKDaU01WTQUm6LJYzhp22-GovEbfKfcKXJ7rdaZX8mAGpog5chKp2jbdmkwESC061X_nHzXo2dYJoZv31QZQQs_tleqvFoA8i_VKJtWdPuqV_LxgSOAmwiW0JGt1gFCviS-_LuJ_JSzRWuHWZBzF0BLxOkINMLJ84ufENLXfcBXv4G47YlBrE2P9et_4M9RSW2YSSW8nZGz6fYucmITlp64M4Q_yepxHuMLloExVQlccLllcuFExhu1EpIaiaEUrMOVQxrem-U7_5kowXhWdIScwz_h57aSwRNHfuY5kcYKaSus9v1n_CzoGI8m3W6XlKCyWr9yibJPzuKs0qQcb4pL3rubtg2uq7FGy5V1ss5a9eD0OUbvVeqXw7zQHwgABrNUUoXJj8JHy7T0xkV50ymeOWUb0xV2BYiDxu8hnHDob7BC6j3urdrZH89YM2wre96pd7LaZ0acTkEnKWywOK3oQ7vc47Few8qdH8mQGGk3Q189AI22fto6NmbaVcuC9sWNM8RTGaQupMr3Boqv_iZ3HJ1EUVOn0HyEcpSjglaJ7PdOoYdzG9qtt86QtaRfp2apkZ8Ihdaun4cF0E1rhBUc9260rA7ffACEhhN2txmWU7c-XfzZn4-4mKkiuWFWryYyG_6PikHNBSitJ-ywiROogEmFofUsCxR-BXXrhMqlhCnLClir_ioAr4MIschlclUnPzbwLXyaaucJrmCYGCsSrGjMPjOYDOD4F_kSK8VMIJOjp1beiC10mxFkMFsXX7HoyyYmeeqCPqrC1kL_CRCNz0O3uuJZTAgoWF7xHcUhO64gna_n--uekSg9U_PyL70TR2zMA1XxmwppJ6Q3ITKcX7-LTiVwX1KjjdATxYaebzHBuxosHVURRn-6Ns85C_3b-0jBQM3gVXJuKGJ8sqgSR1XH9omiNBMia9LGboQDJ3zpfPu9PgHfEkXgCm4TzOj3ctXiXM3QAALiIK6G8f4yonYLfPz3BQWFr9ZJ8de1w9ukZk1ZfKZVweKlGFiygPMHWLpChj9R6C9yCURjgOzhFzzfiEXQVP57__W5N-QxTJPb0t0vhIIAIPG45s6kS-WPw7zSxA0c2pEw0lJ59PNJW4xR24t2ddQkbR-l3vf8h0Hrlw0yfPS7xj1gGxisBmMVi36rijYRw7udBXj3-i5WYXBBLQTX9hMg4cP1y3pzbX7bVvOa7JYpFywhAnc_cAulzGIfIqPXfimc8oOQI7VVzzy9f3BXAxKlyRDF8jhZwvi_XDgd-7AIqygJvILSpVhp6cr2Q-4bMZ4b1CxehSpNDVM5G--Gt2r_wYspRURzlshCKjTEexenEB-9FPB8dzOLmHO-c1q8CBiO_Qtbdi-VfqrSEe97ntkoIrChesmmUaDN6-nvWkvalPXM3RxaIvL_kH2r_PTeLFyd1z2TCvqS60S2QtRdOJ7KBdcqPeL8O25kCZJzJsU5VecVAcxRo_-ksL3ngnEoQhqesRVZD8EgzGafrFFN1yASIUz33k9N3Q3cTBpG4tWWNpCxXpZVRFECLQyves4-8ul9tDTDSZms8ZR3J9EuwOZoG2p3Idm3vO6_cNoExoOnTxVbw9UJ2tnJLxSO3gk4vSOGgHzK8dZSE45pnPGRSwnGxtnYQEqfcHVgOA85tMIf2T2FSKMU3doNx6lTOHPQV2wObxSuAkc6Z9FyMclkVVAsIzlkKg2S9mOOhnhQIXVh34Pk20xT1rEksdmxgJFQ7L6tX5NHVmqZwpDnVNNF7QowZAq4U96cWsY6cwzaesceOFvCxztKwMJ32lnwE79KGsZr62NOsk8tnUQ8DDDkTcq4FYRHtLL0Nfh3PpaOaxi0jm56ZQkpa5TKASPf1FIwrhUL233mS-G5KE77N7f3BscmAv19yOMkdWH_b4p9WzyHQJwFA-dQ1sVywkBaeiyCMR5MMcKuauDt6erDRRkfxWE0tIHoL3S2s-Mxeh2mnnVlyKsUrqgVGckdGeF5yzUFu6tfR3XLwOjJ1kCPWeG4OH0pDkLUMyFmKJ1BklFP4_Ig89wNKEDX4NW0QbT1PAC77tq4oxw2nDm-f1nfcFhghltd-aZR6QS4zTExle2WQcgHv3qMXAqtRfc4xmQSBbofg47fgJ2dyXjS7Q-cpyLoEaEm4hL_kI44DyAJRRvuA7Nmmq5QkyAMluNZT-GniQaYC1DAcxhsa1El1CYV0FbN1VZ8-MiZMSuxVegTmZq2Tyx-Q7HsL93NzqiLIC5eBEbNEsAlEc6x2JGMhJ95_uqbeperO6I-xq5gw5pAJupfamgyDarBxyRwyh_DEhQz69j8Q-aoAwI9Ue4MB2Hx3hlNXp5Q-WtwSnCne6zVivPVOjxdAXfPCITJFycdMoR8kHQM82QIZdFdMi1wXEOXL7fTZ2ibkEkEoEtqztof8IYMXV1IMGnIJEPVCu50EFiZgJomUxicT6XU4vMci6PlMcBJyrgdx82Zc6wpOTzqIiuPLy2EfJhj969a0_AAOK1nsu5kdQmSpL_t5dZE0r2On0IRMriKbkJfuXu1W5jXmxuKr8RCCBQug8Ar811JkRWmQFD0F72n1fZk64FjcVFfWw1XIHmrsLMYu8Z_IVYu72EqgAO7JDq1HfzAo1B1KSo2PfeQufHTFolG8dOFyUpTuWIkO0ecjIosUZrYqDrP0gGExKSRHHgA1jL1ImE9oMIbhnkcbwswRzlPCuQhoB_A9EEaux5K9kQwsw3uuSzowH0UuI2BPTe99_TFKplwRJ7KBboRwqOKeAmdryacmwD9dOvZXtEFgOwKmh5-qocR-xR5wPLLJyAfSvakD_fJEiaT4JUc2jv3UyaAagT2zEL6cerGatK9cSr8uYdA9tScPPv1SucvFUYtiPoLj-ZnWwQIr3QAMBPxcc9Vq3HKhFaAmcV6PmIHWk_mPubW2qFkJ3818fvYDBF3huLM5SaV3pd-nWWrv8qhrLdhfQZypCzYtl5cGc96UOAjQghPjnMHbcoxky_Kpr58VzPoFbtuK_z7qVGbtV_5zOppLNDoaBaqS5tMXxhZNc-UK195N1nC7b-KHKVIuGPW21BIaWYMyehxtNY5YX_1_-d9e7a3wB5JH7jbFKRvMD8j3jgeBYUJtnjSLc6J_Xi_bZ3FAPdbP3-uCVgF01hmuKrIVubCC4IS3g3lAp2EMTbvhYBIgZ3f-FB_YanYBkZY5KhYZyX4vVzUc3thR6X6KJQJOr3_wE-50Ea4KoYargYLv4SnkJtm8bwpZyW87XKa1J7hEsTQlZbwXD9amgcEn9KXED7KXGJdRSs2k6SIABt_PLNWbisumaVa_1h-4H3Tz-qQWJC1VfxkT3Tb_WL28eGvfwnr9F0sqlQbh15ydwS1gtqdZ3h2jVMcBzMINB8gKQadMKh2voBHZVO26n9b9w3rDSUllDqTTW-It3914WTNcVfJ6V2L-rz4qM&cid=CAQSOwBpAlJWAvzaDlreFTFZLLsdvvz9zdBOO3ivEHYh1WX8QYCZYEBfWVQKCYijYOnzuKkJueFoZVgKTP2YGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=16618454949763360000&adk=2086295851&idt=95&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e87634b8235ed7b7bd95b8491b19c84e01a46f3a0caaaaac4231a6cfc4ba8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40805
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1483906/71421243/ Frame 2B66 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1483906/71421243/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012753603&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20166357794&bidurl=https://cutty.app/nPsV4TDBa9e&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hmXGtBttOPf0wzmIjxxLb9
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.159.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-159-118.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9b768156e56bbfd266a5421b6ef761cfa5e1b54561f8b5c7fa309a5032aa8f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2B66 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Origin
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 10:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 10:55:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/ Frame 2B66 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHD_beVVdOl2_ihYEAWIG7FFpGt39_wxQ6Rp7wsuHy4b9P1kQwWiYZzhOUtpcDGamofUGyUgejSz-Owcs1mcv7doCVEyDZbgnmsxgSUVFz1lpTy3mqfRoD05qi43k1597vo-Z72lsXxCKXabgffpa0nhQF6OvwBkOnfu1sa3eRIpxUFfM&dbm_d=AKAmf-DUYclyXvdF30vJw9Jg2p8gE3SDXNl5wS1HvDlYlhCc9gvU8MkU8kxEZp0g7QWKDaU01WTQUm6LJYzhp22-GovEbfKfcKXJ7rdaZX8mAGpog5chKp2jbdmkwESC061X_nHzXo2dYJoZv31QZQQs_tleqvFoA8i_VKJtWdPuqV_LxgSOAmwiW0JGt1gFCviS-_LuJ_JSzRWuHWZBzF0BLxOkINMLJ84ufENLXfcBXv4G47YlBrE2P9et_4M9RSW2YSSW8nZGz6fYucmITlp64M4Q_yepxHuMLloExVQlccLllcuFExhu1EpIaiaEUrMOVQxrem-U7_5kowXhWdIScwz_h57aSwRNHfuY5kcYKaSus9v1n_CzoGI8m3W6XlKCyWr9yibJPzuKs0qQcb4pL3rubtg2uq7FGy5V1ss5a9eD0OUbvVeqXw7zQHwgABrNUUoXJj8JHy7T0xkV50ymeOWUb0xV2BYiDxu8hnHDob7BC6j3urdrZH89YM2wre96pd7LaZ0acTkEnKWywOK3oQ7vc47Few8qdH8mQGGk3Q189AI22fto6NmbaVcuC9sWNM8RTGaQupMr3Boqv_iZ3HJ1EUVOn0HyEcpSjglaJ7PdOoYdzG9qtt86QtaRfp2apkZ8Ihdaun4cF0E1rhBUc9260rA7ffACEhhN2txmWU7c-XfzZn4-4mKkiuWFWryYyG_6PikHNBSitJ-ywiROogEmFofUsCxR-BXXrhMqlhCnLClir_ioAr4MIschlclUnPzbwLXyaaucJrmCYGCsSrGjMPjOYDOD4F_kSK8VMIJOjp1beiC10mxFkMFsXX7HoyyYmeeqCPqrC1kL_CRCNz0O3uuJZTAgoWF7xHcUhO64gna_n--uekSg9U_PyL70TR2zMA1XxmwppJ6Q3ITKcX7-LTiVwX1KjjdATxYaebzHBuxosHVURRn-6Ns85C_3b-0jBQM3gVXJuKGJ8sqgSR1XH9omiNBMia9LGboQDJ3zpfPu9PgHfEkXgCm4TzOj3ctXiXM3QAALiIK6G8f4yonYLfPz3BQWFr9ZJ8de1w9ukZk1ZfKZVweKlGFiygPMHWLpChj9R6C9yCURjgOzhFzzfiEXQVP57__W5N-QxTJPb0t0vhIIAIPG45s6kS-WPw7zSxA0c2pEw0lJ59PNJW4xR24t2ddQkbR-l3vf8h0Hrlw0yfPS7xj1gGxisBmMVi36rijYRw7udBXj3-i5WYXBBLQTX9hMg4cP1y3pzbX7bVvOa7JYpFywhAnc_cAulzGIfIqPXfimc8oOQI7VVzzy9f3BXAxKlyRDF8jhZwvi_XDgd-7AIqygJvILSpVhp6cr2Q-4bMZ4b1CxehSpNDVM5G--Gt2r_wYspRURzlshCKjTEexenEB-9FPB8dzOLmHO-c1q8CBiO_Qtbdi-VfqrSEe97ntkoIrChesmmUaDN6-nvWkvalPXM3RxaIvL_kH2r_PTeLFyd1z2TCvqS60S2QtRdOJ7KBdcqPeL8O25kCZJzJsU5VecVAcxRo_-ksL3ngnEoQhqesRVZD8EgzGafrFFN1yASIUz33k9N3Q3cTBpG4tWWNpCxXpZVRFECLQyves4-8ul9tDTDSZms8ZR3J9EuwOZoG2p3Idm3vO6_cNoExoOnTxVbw9UJ2tnJLxSO3gk4vSOGgHzK8dZSE45pnPGRSwnGxtnYQEqfcHVgOA85tMIf2T2FSKMU3doNx6lTOHPQV2wObxSuAkc6Z9FyMclkVVAsIzlkKg2S9mOOhnhQIXVh34Pk20xT1rEksdmxgJFQ7L6tX5NHVmqZwpDnVNNF7QowZAq4U96cWsY6cwzaesceOFvCxztKwMJ32lnwE79KGsZr62NOsk8tnUQ8DDDkTcq4FYRHtLL0Nfh3PpaOaxi0jm56ZQkpa5TKASPf1FIwrhUL233mS-G5KE77N7f3BscmAv19yOMkdWH_b4p9WzyHQJwFA-dQ1sVywkBaeiyCMR5MMcKuauDt6erDRRkfxWE0tIHoL3S2s-Mxeh2mnnVlyKsUrqgVGckdGeF5yzUFu6tfR3XLwOjJ1kCPWeG4OH0pDkLUMyFmKJ1BklFP4_Ig89wNKEDX4NW0QbT1PAC77tq4oxw2nDm-f1nfcFhghltd-aZR6QS4zTExle2WQcgHv3qMXAqtRfc4xmQSBbofg47fgJ2dyXjS7Q-cpyLoEaEm4hL_kI44DyAJRRvuA7Nmmq5QkyAMluNZT-GniQaYC1DAcxhsa1El1CYV0FbN1VZ8-MiZMSuxVegTmZq2Tyx-Q7HsL93NzqiLIC5eBEbNEsAlEc6x2JGMhJ95_uqbeperO6I-xq5gw5pAJupfamgyDarBxyRwyh_DEhQz69j8Q-aoAwI9Ue4MB2Hx3hlNXp5Q-WtwSnCne6zVivPVOjxdAXfPCITJFycdMoR8kHQM82QIZdFdMi1wXEOXL7fTZ2ibkEkEoEtqztof8IYMXV1IMGnIJEPVCu50EFiZgJomUxicT6XU4vMci6PlMcBJyrgdx82Zc6wpOTzqIiuPLy2EfJhj969a0_AAOK1nsu5kdQmSpL_t5dZE0r2On0IRMriKbkJfuXu1W5jXmxuKr8RCCBQug8Ar811JkRWmQFD0F72n1fZk64FjcVFfWw1XIHmrsLMYu8Z_IVYu72EqgAO7JDq1HfzAo1B1KSo2PfeQufHTFolG8dOFyUpTuWIkO0ecjIosUZrYqDrP0gGExKSRHHgA1jL1ImE9oMIbhnkcbwswRzlPCuQhoB_A9EEaux5K9kQwsw3uuSzowH0UuI2BPTe99_TFKplwRJ7KBboRwqOKeAmdryacmwD9dOvZXtEFgOwKmh5-qocR-xR5wPLLJyAfSvakD_fJEiaT4JUc2jv3UyaAagT2zEL6cerGatK9cSr8uYdA9tScPPv1SucvFUYtiPoLj-ZnWwQIr3QAMBPxcc9Vq3HKhFaAmcV6PmIHWk_mPubW2qFkJ3818fvYDBF3huLM5SaV3pd-nWWrv8qhrLdhfQZypCzYtl5cGc96UOAjQghPjnMHbcoxky_Kpr58VzPoFbtuK_z7qVGbtV_5zOppLNDoaBaqS5tMXxhZNc-UK195N1nC7b-KHKVIuGPW21BIaWYMyehxtNY5YX_1_-d9e7a3wB5JH7jbFKRvMD8j3jgeBYUJtnjSLc6J_Xi_bZ3FAPdbP3-uCVgF01hmuKrIVubCC4IS3g3lAp2EMTbvhYBIgZ3f-FB_YanYBkZY5KhYZyX4vVzUc3thR6X6KJQJOr3_wE-50Ea4KoYargYLv4SnkJtm8bwpZyW87XKa1J7hEsTQlZbwXD9amgcEn9KXED7KXGJdRSs2k6SIABt_PLNWbisumaVa_1h-4H3Tz-qQWJC1VfxkT3Tb_WL28eGvfwnr9F0sqlQbh15ydwS1gtqdZ3h2jVMcBzMINB8gKQadMKh2voBHZVO26n9b9w3rDSUllDqTTW-It3914WTNcVfJ6V2L-rz4qM&cid=CAQSOwBpAlJWAvzaDlreFTFZLLsdvvz9zdBOO3ivEHYh1WX8QYCZYEBfWVQKCYijYOnzuKkJueFoZVgKTP2YGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=16618454949763360000&adk=2086295851&idt=95&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
85761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 13:56:27 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 2B66 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHD_beVVdOl2_ihYEAWIG7FFpGt39_wxQ6Rp7wsuHy4b9P1kQwWiYZzhOUtpcDGamofUGyUgejSz-Owcs1mcv7doCVEyDZbgnmsxgSUVFz1lpTy3mqfRoD05qi43k1597vo-Z72lsXxCKXabgffpa0nhQF6OvwBkOnfu1sa3eRIpxUFfM&dbm_d=AKAmf-DUYclyXvdF30vJw9Jg2p8gE3SDXNl5wS1HvDlYlhCc9gvU8MkU8kxEZp0g7QWKDaU01WTQUm6LJYzhp22-GovEbfKfcKXJ7rdaZX8mAGpog5chKp2jbdmkwESC061X_nHzXo2dYJoZv31QZQQs_tleqvFoA8i_VKJtWdPuqV_LxgSOAmwiW0JGt1gFCviS-_LuJ_JSzRWuHWZBzF0BLxOkINMLJ84ufENLXfcBXv4G47YlBrE2P9et_4M9RSW2YSSW8nZGz6fYucmITlp64M4Q_yepxHuMLloExVQlccLllcuFExhu1EpIaiaEUrMOVQxrem-U7_5kowXhWdIScwz_h57aSwRNHfuY5kcYKaSus9v1n_CzoGI8m3W6XlKCyWr9yibJPzuKs0qQcb4pL3rubtg2uq7FGy5V1ss5a9eD0OUbvVeqXw7zQHwgABrNUUoXJj8JHy7T0xkV50ymeOWUb0xV2BYiDxu8hnHDob7BC6j3urdrZH89YM2wre96pd7LaZ0acTkEnKWywOK3oQ7vc47Few8qdH8mQGGk3Q189AI22fto6NmbaVcuC9sWNM8RTGaQupMr3Boqv_iZ3HJ1EUVOn0HyEcpSjglaJ7PdOoYdzG9qtt86QtaRfp2apkZ8Ihdaun4cF0E1rhBUc9260rA7ffACEhhN2txmWU7c-XfzZn4-4mKkiuWFWryYyG_6PikHNBSitJ-ywiROogEmFofUsCxR-BXXrhMqlhCnLClir_ioAr4MIschlclUnPzbwLXyaaucJrmCYGCsSrGjMPjOYDOD4F_kSK8VMIJOjp1beiC10mxFkMFsXX7HoyyYmeeqCPqrC1kL_CRCNz0O3uuJZTAgoWF7xHcUhO64gna_n--uekSg9U_PyL70TR2zMA1XxmwppJ6Q3ITKcX7-LTiVwX1KjjdATxYaebzHBuxosHVURRn-6Ns85C_3b-0jBQM3gVXJuKGJ8sqgSR1XH9omiNBMia9LGboQDJ3zpfPu9PgHfEkXgCm4TzOj3ctXiXM3QAALiIK6G8f4yonYLfPz3BQWFr9ZJ8de1w9ukZk1ZfKZVweKlGFiygPMHWLpChj9R6C9yCURjgOzhFzzfiEXQVP57__W5N-QxTJPb0t0vhIIAIPG45s6kS-WPw7zSxA0c2pEw0lJ59PNJW4xR24t2ddQkbR-l3vf8h0Hrlw0yfPS7xj1gGxisBmMVi36rijYRw7udBXj3-i5WYXBBLQTX9hMg4cP1y3pzbX7bVvOa7JYpFywhAnc_cAulzGIfIqPXfimc8oOQI7VVzzy9f3BXAxKlyRDF8jhZwvi_XDgd-7AIqygJvILSpVhp6cr2Q-4bMZ4b1CxehSpNDVM5G--Gt2r_wYspRURzlshCKjTEexenEB-9FPB8dzOLmHO-c1q8CBiO_Qtbdi-VfqrSEe97ntkoIrChesmmUaDN6-nvWkvalPXM3RxaIvL_kH2r_PTeLFyd1z2TCvqS60S2QtRdOJ7KBdcqPeL8O25kCZJzJsU5VecVAcxRo_-ksL3ngnEoQhqesRVZD8EgzGafrFFN1yASIUz33k9N3Q3cTBpG4tWWNpCxXpZVRFECLQyves4-8ul9tDTDSZms8ZR3J9EuwOZoG2p3Idm3vO6_cNoExoOnTxVbw9UJ2tnJLxSO3gk4vSOGgHzK8dZSE45pnPGRSwnGxtnYQEqfcHVgOA85tMIf2T2FSKMU3doNx6lTOHPQV2wObxSuAkc6Z9FyMclkVVAsIzlkKg2S9mOOhnhQIXVh34Pk20xT1rEksdmxgJFQ7L6tX5NHVmqZwpDnVNNF7QowZAq4U96cWsY6cwzaesceOFvCxztKwMJ32lnwE79KGsZr62NOsk8tnUQ8DDDkTcq4FYRHtLL0Nfh3PpaOaxi0jm56ZQkpa5TKASPf1FIwrhUL233mS-G5KE77N7f3BscmAv19yOMkdWH_b4p9WzyHQJwFA-dQ1sVywkBaeiyCMR5MMcKuauDt6erDRRkfxWE0tIHoL3S2s-Mxeh2mnnVlyKsUrqgVGckdGeF5yzUFu6tfR3XLwOjJ1kCPWeG4OH0pDkLUMyFmKJ1BklFP4_Ig89wNKEDX4NW0QbT1PAC77tq4oxw2nDm-f1nfcFhghltd-aZR6QS4zTExle2WQcgHv3qMXAqtRfc4xmQSBbofg47fgJ2dyXjS7Q-cpyLoEaEm4hL_kI44DyAJRRvuA7Nmmq5QkyAMluNZT-GniQaYC1DAcxhsa1El1CYV0FbN1VZ8-MiZMSuxVegTmZq2Tyx-Q7HsL93NzqiLIC5eBEbNEsAlEc6x2JGMhJ95_uqbeperO6I-xq5gw5pAJupfamgyDarBxyRwyh_DEhQz69j8Q-aoAwI9Ue4MB2Hx3hlNXp5Q-WtwSnCne6zVivPVOjxdAXfPCITJFycdMoR8kHQM82QIZdFdMi1wXEOXL7fTZ2ibkEkEoEtqztof8IYMXV1IMGnIJEPVCu50EFiZgJomUxicT6XU4vMci6PlMcBJyrgdx82Zc6wpOTzqIiuPLy2EfJhj969a0_AAOK1nsu5kdQmSpL_t5dZE0r2On0IRMriKbkJfuXu1W5jXmxuKr8RCCBQug8Ar811JkRWmQFD0F72n1fZk64FjcVFfWw1XIHmrsLMYu8Z_IVYu72EqgAO7JDq1HfzAo1B1KSo2PfeQufHTFolG8dOFyUpTuWIkO0ecjIosUZrYqDrP0gGExKSRHHgA1jL1ImE9oMIbhnkcbwswRzlPCuQhoB_A9EEaux5K9kQwsw3uuSzowH0UuI2BPTe99_TFKplwRJ7KBboRwqOKeAmdryacmwD9dOvZXtEFgOwKmh5-qocR-xR5wPLLJyAfSvakD_fJEiaT4JUc2jv3UyaAagT2zEL6cerGatK9cSr8uYdA9tScPPv1SucvFUYtiPoLj-ZnWwQIr3QAMBPxcc9Vq3HKhFaAmcV6PmIHWk_mPubW2qFkJ3818fvYDBF3huLM5SaV3pd-nWWrv8qhrLdhfQZypCzYtl5cGc96UOAjQghPjnMHbcoxky_Kpr58VzPoFbtuK_z7qVGbtV_5zOppLNDoaBaqS5tMXxhZNc-UK195N1nC7b-KHKVIuGPW21BIaWYMyehxtNY5YX_1_-d9e7a3wB5JH7jbFKRvMD8j3jgeBYUJtnjSLc6J_Xi_bZ3FAPdbP3-uCVgF01hmuKrIVubCC4IS3g3lAp2EMTbvhYBIgZ3f-FB_YanYBkZY5KhYZyX4vVzUc3thR6X6KJQJOr3_wE-50Ea4KoYargYLv4SnkJtm8bwpZyW87XKa1J7hEsTQlZbwXD9amgcEn9KXED7KXGJdRSs2k6SIABt_PLNWbisumaVa_1h-4H3Tz-qQWJC1VfxkT3Tb_WL28eGvfwnr9F0sqlQbh15ydwS1gtqdZ3h2jVMcBzMINB8gKQadMKh2voBHZVO26n9b9w3rDSUllDqTTW-It3914WTNcVfJ6V2L-rz4qM&cid=CAQSOwBpAlJWAvzaDlreFTFZLLsdvvz9zdBOO3ivEHYh1WX8QYCZYEBfWVQKCYijYOnzuKkJueFoZVgKTP2YGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=16618454949763360000&adk=2086295851&idt=95&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 14:01:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
85481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Sep 2023 14:01:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2B66 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
554673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 70AD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Sat, 02 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2B66 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93e9ef03b16f27c5d59d31519ffe0e01977f087b5a4c492a739e179d811a22b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AF05 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
458043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		202 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5b34764495006b6eda98c2d81cc12ddd10c0de6f2d039a8dfe30081fb094573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
26421
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Sep 2023 11:02:53 GMT
expires
Sat, 31 Aug 2024 11:02:53 GMT
last-modified
Tue, 16 May 2023 14:30:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2B66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8KlwQT8Lcw8urZPMggPh86kAdEKLCoK3H375uIMYTn7Vk-x_FA0DVW_0d9ha6FBj2_Ffz2wrQ2j20ngw-aZo3TzZ7PFk0lRpFIGQZBs5-WB7ar1z-Lv-852mKZqjjC-eejrzg_-sKTbS80qCaBEkWmQ6b6QfmRo_bL4xZhMwnYzl32Qz56rOKnMvYuftvkcOqBePVyiZC8gGt5rVB7PZtr-J9DesAK5zWCojNLHHGg23NhJPH_UkRiG7-3u3aMuE8AHqdU9CHXbdjjHIjPhOy9GNOWgwkqUZWFCHuHcXggZqebIyiPn1EgPIVoET_3-WWjlxYR5KjtBJ1O7SlsA_pIvhhK_-lH7iYQaKDXchZjbeFT-fMQ1mj4rI_O4cXRo_7ETRfAQljS14n9Qilj6DGa5todR5-JFu38c74DloLaMYag9lU_MxoBQ4obKSdCUok-X9aBB4Ic_0nlArYxLPH4nYmM0sll6NT2zu_ja8Pu7_6izXWfJtMcAZFAOoC-pXN7GnFelSFVzDsfnNiOtuka7haTKueSS_uLZL0RUbYNE3Q4LPwR3foO6KWk8XHTbW3451xLEsqWjn4lCglej2v0CluDuUrMtAyzeEIs7T_7rTTm9wIm3DHxFF7bVH3nr8QpLQbyOV9Qnf1zWgrO-vf4LkcST26QiNhxC_b289jsKOj3iStUJy0dIczH9VQJ5U5GJz8cq33SMk8JWSzPiRLzg26ZVv5_21zFfllvaFPhufxEhcrcrLTXxPqUQI8cA7bCfyyPwaQywoigx5fcboEWs3XbJCu-vv6U4DSMIr3rZ8pinOYKe5w4o2rDJK1TMZdUmyuogrizusiCA8ePvAgSTjoRhr-2atHnqjofkQqMFZzOX9KqPtdJTqn4lSbHSOg4ZMI2RPhQULD-SzIGWfA1k3BifpsL1nrBQ54d-gugxTl3eKznEAx_SnTev-es8ctxyBGrrzfecmVLBSvRkiNkADiRQnT9xn9EcdtoLPuNFshBRDHuoGdiqqvT1H688pUkUST1cXhEZRW6LN8025GGmf3EGF2mxA8kZ39XN5u0HkROR_tUBjVjM5aYsta3roBL3vfKdXZqpfoNnkwaKORpqEuvc-JMI0ynCiUoitzwAbzBsk_J4PkBfclQYSgaWRfKIMNhQvZq1FU08BXITxV_nNWU6hcUewq1oL5Ij1Wy9DiNr7_yOqt3sQdt7XIMTcQdx0zB1DbqRn2uQyqJzeKAvlQGoqt7xUIjdgdrkFrYW7DWv8DVNqKbBPa0_4YJ7BPmTst0DjABg&sai=AMfl-YT_bGQzudhrW0pWm3yGRCy300JlSyxzFkvBp0d94X1XO9j2mU-W7L-2THJfA__yuaGSF6IqvVtkRpO8ZZddjs6cErDqzoitW3Wm_1O8fH68RJmlqcj0xAb33DroWDRA6Abdyi71KwQiW1CR_mnhQM5-RZVj4_aapsQJNTm4bjLgqzDDEct4JhDpMh3ppvxQvZxJ5Yx40Yn8egLETosStlnNpPDn_Qsncys0h_3AGXGJFlMuCFqoPWKJJZ_G3p3Kwf1ChTSBbES8g4hw0Igv0e7x4qT2&sig=Cg0ArKJSzHGDq1eBYqc5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=95&cbvp=1&cstd=92&cisv=r20230830.59574&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Sep 2023 13:45:48 GMT
pixel
cm.g.doubleclick.net/ Frame 70AD
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELuWscZm-r7e4-DcZe4C-HU&google_cver=1&google_push=AXcoOmQDtiMoHeq925TEcT0_rUoot3S5ANeVoRwsrpYd1e44GPhpQTOiX2KcZsYUx9WQxppIvtgIe9bmjGGy-vgwZDTvyUsCHrHjKU...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5CCBC6124D442A4A3023A9D9344E674&google_push=AXcoOmQDtiMoHeq925TEcT0_rUoot3S5ANeVoRwsrpYd1e44GPhpQTOiX2KcZsYUx9WQxppIvtgIe9bmjGGy-vg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5CCBC6124D442A4A3023A9D9344E674&google_push=AXcoOmQDtiMoHeq925TEcT0_rUoot3S5ANeVoRwsrpYd1e44GPhpQTOiX2KcZsYUx9WQxppIvtgIe9bmjGGy-vgwZDTvyUsCHrHjKUj9-6QRBfN2RF27gEDDXkxw0_eAfZMhywD1Oz7irfLA
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Sep 2023 13:45:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D5CCBC6124D442A4A3023A9D9344E674&google_push=AXcoOmQDtiMoHeq925TEcT0_rUoot3S5ANeVoRwsrpYd1e44GPhpQTOiX2KcZsYUx9WQxppIvtgIe9bmjGGy-vgwZDTvyUsCHrHjKUj9-6QRBfN2RF27gEDDXkxw0_eAfZMhywD1Oz7irfLA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 31 Aug 2023 13:45:48 GMT
sync
x.bidswitch.net/ Frame 70AD 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJkz2WnMrpcCduFR0BXHW4Q&google_cver=1&google_push=AXcoOmRgSfNwwjR9VkS7dagsFI6IZelPFmFJ8SbiXrhfHeNVvetj6l1w1EV_MJT-D-E6v9hmpqAsDwdCeVrt5adgzdSOD32yfuypORIrRr0oQsdQzUmOVuSIA1P8w6CDPDP5v-zO8hAWUr4S
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.109.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-109-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 70AD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS0PQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-TUsNb5bvfTJaYIrF65ozGtU3o6iwRv_aHu7o8A&google_push=AXcoOmS0PQFHOuerU-UzF2vAIioCDi0y_1hTAy5gqOv_xzD7Uw95zfBrtz62PwFN9eADxdXFu31NKqHvytJ7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-TUsNb5bvfTJaYIrF65ozGtU3o6iwRv_aHu7o8A&google_push=AXcoOmS0PQFHOuerU-UzF2vAIioCDi0y_1hTAy5gqOv_xzD7Uw95zfBrtz62PwFN9eADxdXFu31NKqHvytJ7AjuI2TS5ooPb6v5v4tK8_CatFxRrJR7FsT2TaRXx-a67yQZg8Sv2UCclzDlM
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-TUsNb5bvfTJaYIrF65ozGtU3o6iwRv_aHu7o8A&google_push=AXcoOmS0PQFHOuerU-UzF2vAIioCDi0y_1hTAy5gqOv_xzD7Uw95zfBrtz62PwFN9eADxdXFu31NKqHvytJ7AjuI2TS5ooPb6v5v4tK8_CatFxRrJR7FsT2TaRXx-a67yQZg8Sv2UCclzDlM
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1285450
content-length
0
expires
Fri, 01 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 70AD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENH7_3OCZdXQaGuJpoESwtY&google_cver=1&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEpor...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENH7_3OCZdXQaGuJpoESwtY&google_cver=1&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVo...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE5NTY1ODk1OTI3NTk4ODM3MA&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE5NTY1ODk1OTI3NTk4ODM3MA&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEporIJEteb4KebAIvYRUZZB7QKGj-pSV-NO0BEAfrTeKDk0kYgBA1LANpJ3Tf7Zz4Fm0
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzE5NTY1ODk1OTI3NTk4ODM3MA&google_push=AXcoOmRZVVNqezlJmId75bQhVgljCKTIJ51jYjofNHAmSkS2yXr_yaobGm5La4ItLJP0saETaVoPEporIJEteb4KebAIvYRUZZB7QKGj-pSV-NO0BEAfrTeKDk0kYgBA1LANpJ3Tf7Zz4Fm0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 70AD
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIIpXLCPrTjo5aduoEMqhgI&google_cver=1&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIIpXLCPrTjo5aduoEMqhgI&google_cver=1&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-yzJaFolDGKUAuQBSte6lIowPSXiTZ4W5UKBhoYnzbruO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-yzJaFolDGKUAuQBSte6lIowPSXiTZ4W5UKBhoYnzbruO6CWOdgnjsdl&google_hm=HP6ZuGZHrRe7YYGrSGm2yUPn
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 01 Sep 2023 13:45:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQWHZFnhxZhAHTQ_gqgFyTHKZRVg07aHGyIkj7HQIXXefLc3fHMhIP1APIJJGRyyiWS5cLEkPgPXxN9TasF-yzJaFolDGKUAuQBSte6lIowPSXiTZ4W5UKBhoYnzbruO6CWOdgnjsdl&google_hm=HP6ZuGZHrRe7YYGrSGm2yUPn
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
onetag-sys.com/match/ Frame 70AD
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJOmzV3qf4MT3HecoijNVa0&google_cver=1&google_push=AXcoOmSJikgh5NZdRQ2ClAcATiId5JLlRvZXYgESi6DC8cUf-U67KUdB9FR9JvgXxcspb2muXZCooW3ycnR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJikgh5NZdRQ2ClAcATiId5JLlRvZXYgESi6DC8cUf-U67KUdB9FR9JvgXxcspb2muXZCooW3ycnRIcf6wHwoXI2RZ6nB4luc-pdyRliJU61MVDJ2F...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame 70AD 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 70AD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6p5ELd2FWKwpAPXWVNQ9_7M-Lq084zcCg1YnbsEpUgm2v5QV0XaUiuDobDsRvBZHRn8Ym_xo
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js
pagead2.googlesyndication.com/bg/ Frame AF05 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/cZSlmfR8SDt076FNoYIuLG5p7zquw_7CpDxGN0dSu4o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:29:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
256567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14792
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:29:41 GMT
4.js
static.adsafeprotected.com/ Frame 2B66
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1483906/71421243/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1012753603&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20166357794&bidurl=ht...
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_DOvxZLnPBbnDx_AP4sqy2AI&cbFunctionName=goog_wrapCb_DOvxZLnPBbnDx_AP4sqy2AI&true_pb=https%3A%2F%2Fstatic.adsa...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_DOvxZLnPBbnDx_AP4sqy2AI&cbFunctionName=goog_wrapCb_DOvxZLnPBbnDx_AP4sqy2AI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2394:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 07:04:00 GMT
x-amz-cf-pop
AMS1-P2
age
67268
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
gXNazrPWBhcP7rLg2P-1S-CRphehW2DUtv2ydLfBaEn6KAeDu430XQ==

Redirect headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_DOvxZLnPBbnDx_AP4sqy2AI&cbFunctionName=goog_wrapCb_DOvxZLnPBbnDx_AP4sqy2AI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8E50 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:28:02 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
23962666
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
wq8FTwEaSJzWfjkf2Jt6553CBoWvvXbgcaNxXTbCxxp-SvMSjQ9Ydg==
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsIVy,pingTime:-3,time:51,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:22%7D&br=c
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsIVz,pingTime:-6,time:52,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,rmeas:1,rend:0,renddet:DIV,siq:22%7D&tpiLookup=ao:cutty.app*&br=c
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsIVF,pingTime:-2,time:58,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:413,beZ:414,mfA:416,cmA:417,inA:418,inZ:421,prA:421,prZ:430,si:435,poA:436,poZ:458,cmZ:458,mfZ:458,loA:465,loZ:468,ltA:471,ltZ:471%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:22,sinceFw:34,readyFired:true%7D&br=c
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame D29A 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 06:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 06:58:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2B66 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv8KlwQT8Lcw8urZPMggPh86kAdEKLCoK3H375uIMYTn7Vk-x_FA0DVW_0d9ha6FBj2_Ffz2wrQ2j20ngw-aZo3TzZ7PFk0lRpFIGQZBs5-WB7ar1z-Lv-852mKZqjjC-eejrzg_-sKTbS80qCaBEkWmQ6b6QfmRo_bL4xZhMwnYzl32Qz56rOKnMvYuftvkcOqBePVyiZC8gGt5rVB7PZtr-J9DesAK5zWCojNLHHGg23NhJPH_UkRiG7-3u3aMuE8AHqdU9CHXbdjjHIjPhOy9GNOWgwkqUZWFCHuHcXggZqebIyiPn1EgPIVoET_3-WWjlxYR5KjtBJ1O7SlsA_pIvhhK_-lH7iYQaKDXchZjbeFT-fMQ1mj4rI_O4cXRo_7ETRfAQljS14n9Qilj6DGa5todR5-JFu38c74DloLaMYag9lU_MxoBQ4obKSdCUok-X9aBB4Ic_0nlArYxLPH4nYmM0sll6NT2zu_ja8Pu7_6izXWfJtMcAZFAOoC-pXN7GnFelSFVzDsfnNiOtuka7haTKueSS_uLZL0RUbYNE3Q4LPwR3foO6KWk8XHTbW3451xLEsqWjn4lCglej2v0CluDuUrMtAyzeEIs7T_7rTTm9wIm3DHxFF7bVH3nr8QpLQbyOV9Qnf1zWgrO-vf4LkcST26QiNhxC_b289jsKOj3iStUJy0dIczH9VQJ5U5GJz8cq33SMk8JWSzPiRLzg26ZVv5_21zFfllvaFPhufxEhcrcrLTXxPqUQI8cA7bCfyyPwaQywoigx5fcboEWs3XbJCu-vv6U4DSMIr3rZ8pinOYKe5w4o2rDJK1TMZdUmyuogrizusiCA8ePvAgSTjoRhr-2atHnqjofkQqMFZzOX9KqPtdJTqn4lSbHSOg4ZMI2RPhQULD-SzIGWfA1k3BifpsL1nrBQ54d-gugxTl3eKznEAx_SnTev-es8ctxyBGrrzfecmVLBSvRkiNkADiRQnT9xn9EcdtoLPuNFshBRDHuoGdiqqvT1H688pUkUST1cXhEZRW6LN8025GGmf3EGF2mxA8kZ39XN5u0HkROR_tUBjVjM5aYsta3roBL3vfKdXZqpfoNnkwaKORpqEuvc-JMI0ynCiUoitzwAbzBsk_J4PkBfclQYSgaWRfKIMNhQvZq1FU08BXITxV_nNWU6hcUewq1oL5Ij1Wy9DiNr7_yOqt3sQdt7XIMTcQdx0zB1DbqRn2uQyqJzeKAvlQGoqt7xUIjdgdrkFrYW7DWv8DVNqKbBPa0_4YJ7BPmTst0DjABg&sai=AMfl-YT_bGQzudhrW0pWm3yGRCy300JlSyxzFkvBp0d94X1XO9j2mU-W7L-2THJfA__yuaGSF6IqvVtkRpO8ZZddjs6cErDqzoitW3Wm_1O8fH68RJmlqcj0xAb33DroWDRA6Abdyi71KwQiW1CR_mnhQM5-RZVj4_aapsQJNTm4bjLgqzDDEct4JhDpMh3ppvxQvZxJ5Yx40Yn8egLETosStlnNpPDn_Qsncys0h_3AGXGJFlMuCFqoPWKJJZ_G3p3Kwf1ChTSBbES8g4hw0Igv0e7x4qT2&sig=Cg0ArKJSzHGDq1eBYqc5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=302&vt=11&dtpt=207&dett=3&cstd=92&cisv=r20230830.59574&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: cutty.app
URL: https://cutty.app/nPsV4TDBa9e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Sep 2023 13:45:48 GMT
BANNER_070722_728x90_CTA.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_CTA.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
125e861a8d3b5bebac241b015cfb300af64074e7ca3d1d4995dc30b340985b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 23:20:47 GMT
x-content-type-options
nosniff
age
224701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2213
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Aug 2024 23:20:47 GMT
BANNER_070722_728x90_txt2.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_txt2.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d94f6c7c9b49a30aa5494c31859d0529c31ec83bbfef45cfe16a3e2a01103ff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 04:06:40 GMT
x-content-type-options
nosniff
age
553148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4919
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 04:06:40 GMT
BANNER_070722_728x90_txt1.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_txt1.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f32e9aa99e63bda9902daa12c8e7e07382cfa33a7a912f2095034f250e3b40fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:41:30 GMT
x-content-type-options
nosniff
age
583458
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3832
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 19:41:30 GMT
BANNER_070722_728x90_VisaForAthens.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_VisaForAthens.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cbd9d31511a2ecf2262fa74ce60b55818130b9a71a8785ad70132cbd7c60d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 11:23:35 GMT
x-content-type-options
nosniff
age
8533
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1380
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Aug 2024 11:23:35 GMT
Asset_2.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		719 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/Asset_2.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c525e8be6368de47ba2bea0cb724717b24f4275c42b3531708f9153b2af2b21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:05:19 GMT
x-content-type-options
nosniff
age
34829
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
719
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Aug 2024 04:05:19 GMT
animate17.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/animate17.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a3715d8c862522754ae061fcfa87ce043498411f4cc740dd85f5469396342f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 08:12:53 GMT
x-content-type-options
nosniff
age
538375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3195
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 08:12:53 GMT
animate16.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/animate16.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e63626e17727ef7da0075e70b090e36be42c103dacde10641c75d1f6fdd7112f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:40:14 GMT
x-content-type-options
nosniff
age
57934
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3092
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Aug 2024 21:40:14 GMT
animate14.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/animate14.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6663ecaee2f26231bde38d378814e2a92d43002145a64ae07c4619fb276f3d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:01:34 GMT
x-content-type-options
nosniff
age
35054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2759
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Aug 2024 04:01:34 GMT
animate13.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/animate13.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12084860e9aeb2b66b3ac84bfd3d4b7bf3cc9a06992a5e501ec03fc03369102b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 04:06:40 GMT
x-content-type-options
nosniff
age
553148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3451
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 04:06:40 GMT
animate12.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/animate12.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f7058d379ecc2edaec6cc0a97b12af52b0aa581f5578e8d05e74bcb5b39b1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:33:40 GMT
x-content-type-options
nosniff
age
547928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3011
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 05:33:40 GMT
animate11.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/animate11.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d593d6d13ffe1f55e92e5b98c079c2ab237cf504ac0a957260dee706424b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:18:46 GMT
x-content-type-options
nosniff
age
584822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2764
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 19:18:46 GMT
anim10.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim10.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb61e16aedb529f717c9c7c28820f1f0f1cc906e736849efbea5f06206053dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:01:34 GMT
x-content-type-options
nosniff
age
35054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3675
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Aug 2024 04:01:34 GMT
anim9.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim9.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af046a2fdddf66634f67c0a50b65a1d8ba40567c0fc99a6da26b4cf3201a4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 03:52:02 GMT
x-content-type-options
nosniff
age
122026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2398
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Aug 2024 03:52:02 GMT
BANNER_070722_728x90_Athens_logo.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_Athens_logo.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d28a67a4609759757b1f488bc71f37176b59c08eb1c5bc133a292ebbdbb3342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:35:44 GMT
x-content-type-options
nosniff
age
583804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3210
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 19:35:44 GMT
anim8.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim8.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00aaf8caa25551af2e06587eb75be0197813b08c5bca3177d845064f796b7328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 13:13:54 GMT
x-content-type-options
nosniff
age
520314
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2354
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 13:13:54 GMT
anim7.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim7.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a4232300f46ddf94188c046be290603b7399664ca50d861f5b7ad849534a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:14:15 GMT
x-content-type-options
nosniff
age
549093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2321
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 05:14:15 GMT
anim6.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim6.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd9b0c30ee17fcf64584492bb686c786a60bb16b410c07461444eb0bb446213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:19:45 GMT
x-content-type-options
nosniff
age
33963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2513
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 31 Aug 2024 04:19:45 GMT
anim5.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim5.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bbf583a2bff56bacbd0b53bb61707a1d82fcfa0be764e63daaad351d9aa4bff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:04:57 GMT
x-content-type-options
nosniff
age
88851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2146
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Aug 2024 13:04:57 GMT
anim4.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim4.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c7b4530b3ec655482a3210d77b3f9e8b93169b8ba9b9e36fe9c438708f444d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 22:39:27 GMT
x-content-type-options
nosniff
age
572781
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4866
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 22:39:27 GMT
anim3.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim3.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72daee2d6856abec7537ca87f204082f3ceb2fab655fe62f6d7dfd18e8ddf35d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 15:08:11 GMT
x-content-type-options
nosniff
age
513457
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2312
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 15:08:11 GMT
anim2.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim2.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a5a07f1e0c394cc3c24e0d2ef1f8fcae22a11aec716719deb719f7b5143c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:34:53 GMT
x-content-type-options
nosniff
age
547855
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2448
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 05:34:53 GMT
anim1.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/anim1.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d08400d216169aa55a79ca488393777aafc83177eeb6a40581ffb60f684ed31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:09:15 GMT
x-content-type-options
nosniff
age
549393
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3473
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 05:09:15 GMT
BANNER_070722_728x90_Visa_logo.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_Visa_logo.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3db752a29046f73c3b0af0de734f8d3e565b148a98ae6cb216acd1513d59bc62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:19:26 GMT
x-content-type-options
nosniff
age
584782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1503
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 19:19:26 GMT
Asset_1.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		861 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/Asset_1.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
089123e30139c65ad83414874bcb16e4a9310ceeb944592f30b42330a38f1b04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:15:54 GMT
x-content-type-options
nosniff
age
584994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
861
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 19:15:54 GMT
BANNER_070722_728x90_BG.png
s0.2mdn.net/sadbundle/14457655393029158324/ Frame D29A 		608 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14457655393029158324/BANNER_070722_728x90_BG.png
Requested by
Host: 9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
URL: https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76844daf19e70c2be0aec50c71f439c0b10dd3a26a4836cde661c0cded97dc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14457655393029158324/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 11:45:19 GMT
x-content-type-options
nosniff
age
266429
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
608
x-xss-protection
0
last-modified
Tue, 16 May 2023 14:30:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Aug 2024 11:45:19 GMT
csi
csi.gstatic.com/ Frame F25D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lm0ne4qu&c=6044331307495&slotId=3022165653747.5&qqid=CJuW1oXGiYEDFdJn0wodWfsLDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=833&mt=video%2Fmp4&vs=640x360&dm=10000&met.4=vfl.ws
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4006:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF05 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUg1ZDOvxZLnPBbnDx_AP4sqy2AIAAAAAOAHgBAI&bg=!b2ylbCPNAAZnwVY5R8E7ADQBe5WfOKZPy14QK7WlQu24EWeCvRNJVxs80FU99mLQGjOHun6Do1Vh_tfA0yDlbGW7mJF8AgAAAI1SAAAACGgBBwoAUNxmv6gsSAT65QeR8pz2BNrsaaTluAHjH-why9_O8LQoZ2VM09boHMJnY-93pIlyMmcw8sRPTrxJh_ERJFD9WGlWoxAm7qWaOenxwigP1IQFmQMQ3J7hQ8Lv-SvLkKCMv8CkpPxIkMCOAMSGY_lCncGQIZC9a09pEGDQN5kyIHIy8FyZ3UYiGhVV9SlkaKvV05OskmZ2AXuQR-mHKWrFdjGc0HJ9wwVjCNGS_sb_6fAWmGHj0Ryxq_NL-l8ubXqOtXcy6bUC4joHN0Y1KhUBJJ7LwIsdpXfBNMq_KCGzVrWRbYqv3CyZxJh8r-4UeW57KWiD41pVGGHjgoncWmCiNTV1ChosHfhK9Ap_SIkLL91_vzUszJHxiuAVFKTgsQoM6ydfRs5dXTBqkqND97Uri3iYKPrIrT3yvlBJcw4ipO_9m151Zt9wT0xJJCKZwYfUQdxkEoQZ7RUiE2-dIsOhzizjtdqjry5DuHTLhlk-N_8inZJjR5H6lgvZg4TEz1R-ie3RIXmZJ3E3ausEXKvWTkuZgLZk7UDgI8ZpUB-a_tWTB5rSGFv3Hlu16IW1pdn3piLO8w-Tjz0w9PQKsxgUsY2f7mbmEro_DAIb72yJsAUzBICuO7YnQUXHMcb-v3FGw8p3ET3MWVjGw1lT4_Vs6fISZ7vDAXZ54K3WXctFQr53HR_7H6z2urR9VpMXwnviHcAo9Xu8z3eK6zGOzBD1l9g5b3t3f-33R6akx9srq_Xcvggl_wCZeK7valoD5jrsT88qRH-XXIGYiZqjaAU9gGCTd87nmo1cvIKkB1X_GuPDfUQwI0Jc_p-oHAF476tAgJJ_wYrcviulPcBjkOmg5UMl9LuCjDjdWAZnuWTqezy4AW1DOAcd3lI5oEW9LIdIN2wHDKJaBqP7-PIaT1pTbJdUg2QxekIiOEnUgv5f2re1oo5e-cJQLEcmGmMYG0-8LpYMpc5fZ9-zOMwNT5yOsi7tHY6aE3T2Ro-Mgr-vbf3-DrEY-aKnKUQNR25vzRzZuDrhmXmvY0kLwaIY748iZKFkwkSZqhx1zVQakGSgzs0YTztzrgoYWmcBlTT6mp6L5o5xhDDHO_VAtkfkeepBkqb4LtwUs_PEOyf6oRA76gSg0e6abnIeB3vKnf4V03KMi8eGFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsJ21,pingTime:-10,time:452,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693575948752%7C%7C301d06d0de3d9be80520b2bcdfb1dc54%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7Ca803c5572143f11f206f6fe657c10660%7C%7C90773a6d31517bf1280b9c28e711fbec%7C%7C834e52e7ac366d1188107f620c1a0110%7C%7Cee2d9a0a37e595243d6281aba3610ab1%7C%7Cf4f693062c93794a1cd8f3f2ee96256b%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B8E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsto1v8dEV5OcKJ8e0-XOomWwhzxn6ogSSA5nLvxRMBTF-jvyBG8-RjHoKFY48cTDqmz1n8dmVJz1o_QLbKkVUrtnpIvVIRUwbt8tTZgh8yTjKbUDyDxdlJX5jwVD3uK4f7DTTJraT1AGtho&sai=AMfl-YRAt2hmvLytUSECs9ilzdVnCDVQ7bKjMpdfueB1pywUui9dbcI8a95VITO6XT3fvCnMtMEDQJLY_WaFGW9ux-jvYBULXmiKEQo0ccSiOCKA1kK7N0rHVhKSVqJZ&sig=Cg0ArKJSzJzDlEZOEhyWEAE&cid=CAQSPABpAlJWae2vCYhj0RirK1nUVxGyHs1-hwkdpmLRj_ilyFKjZRemrKefZJPxZzL7rJwXAPdtrayj2h6Q9BgB&id=ampim&o=415,275&d=770,300&ss=1600,1200&bs=1600,1200&mcvt=1030&mtos=0,0,1030,1030,1030&tos=0,0,1030,0,0&tfs=146&tls=1176&g=100&h=100&tt=1176&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA36 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujXkDeBFpNwLOpzd75mrafwTVd7j82TI_a37L7_T3Lvw3tYy5jb_161-tw9DbbcP8iiBRq1lwOy8ZAfbBCMcvVHS79LRdLHoNeLzPCC-00irbGG1JRMkvrt7P1FyV7FKa5Vqybl-bHYgmQ&sai=AMfl-YRPAdZ9HsW2RKo4UtdNujHopzii2W4OtvfhbO2B-_dwFEjGsQXQY-Mg-m5gs3VeIjE-LoOosR7OUhx1P9ynMyj768TtmeUGyBir7FKHG6qGxGSgMe1XlAtTUQs&sig=Cg0ArKJSzCwDP1X7kTZ3EAE&cid=CAQSOwBpAlJWR3KUYe8fGLaja32HNL82kxs-VczC6w9N-Ibjx4huipOXZx9S_05YYwEX0Qk4atmXjJRARaqjGAE&id=ampim&o=415,986&d=770,300&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=75&tls=1077&g=71.33333086967468&h=71.33333086967468&tt=1077&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cutty.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2B66 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXrWBsnSuSPZ3qtKFesk2Gmt-1SLgNYkLQbNChDRvsgXWX2ruP4ljJSHz9TDP4rFeVpCqA9087nqMs8S-ki_yufsF4VZLk8b_6DbeAktnWZwceMvpGlN5Loy7DnBPE37Y&sai=AMfl-YTdqRahY8xkZkgur288_6N0uZ6vMvYRCt2Z8H6KcIDkOPlgyEo2Rk7IgZUddmAKfEmWnuV5zxqn0EPKUU1EhMm51nmo8cIitMgIyHl0L64ZaP6HupaBWPjIVi4&sig=Cg0ArKJSzLH-D8hJ_OXrEAE&cid=CAQSOwBpAlJWAvzaDlreFTFZLLsdvvz9zdBOO3ivEHYh1WX8QYCZYEBfWVQKCYijYOnzuKkJueFoZVgKTP2YGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=314726601&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693575947888&rpt=295&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsJbJ,time:1054,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1054,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0%5D,as:%5B1048~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:95,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:163%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:49 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B66 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5879880632495&version=m202307240101&ct=76&x=1&cor=16618454949763360000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F25D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRSNL5huZZo0Szjek22C-UszeWO6uWTtksxScUTIZnQ7xsWgRoqp_EFD98gZi0j16FBYzVnW-fqlxBMiJb1Rxehu-j52BR09HCiLL_SpUvkyDI8WLt05xaHuQV7Ti0QMA&sai=AMfl-YQqDu5i-XTYNBcD5-5JqZrBDa5-9I6LyW-NoOKYngGVVMAxfO0spoaFdN7Hk0w_bP6gB6xfeCf5esspv-_rxgoFJZaUogACbdZtVbtUOw212dTJ5fxCyxiFPBrzg-QBLaJ4UtJ3UBHc3caK5A&sig=Cg0ArKJSzIJeE106NbATEAE&cid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ&id=lidarv&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,132,293,639%26tos%3D2061,0,0,0,0%26mtos%3D2061,2061,2061,2061,2061%26amtos%3D0,0,0,0,0%26mcvt%3D2061%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2268%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D207%26dur%3D10005%26vmtime%3D2312%26dtos%3D2061%26dtoss%3D1%26dvs%3D2061%26dfvs%3D2061%26dvpt%3D2268%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2061&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1693575947897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsJrZ,pingTime:1,time:2062,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D,%7Bpiv:100,vs:i,r:,t:1060%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1060,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1054~0,0~100%5D,as:%5B1054~728.90%5D%7D%7D,%7Bsl:i,t:1060,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:92,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:163%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsJrZ,pingTime:1,time:2062,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D,%7Bpiv:100,vs:i,r:,t:1060%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1060,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1054~0,0~100%5D,as:%5B1054~728.90%5D%7D%7D,%7Bsl:i,t:1060,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:92,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:163%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2B66 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1483906&asId=51922069-a06a-d711-a112-9e34dc59771f&tv=%7Bc:mYsJs0,pingTime:1,time:2063,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D,%7Bpiv:100,vs:i,r:,t:1060%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1060,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1054~0,0~100%5D,as:%5B1054~728.90%5D%7D%7D,%7Bsl:i,t:1060,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:92,fm:tOC45nD+11%7C12%7C13%7C14%7C15%7C161%7C162%7C17%7C18%7C19*.1483906-71421243%7C191%7C192%7C193%7C194%7C1a,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:163,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame F25D
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Fri, 01 Sep 2023 13:45:50 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMI2JH4hcaJgQMVKiEGAB0kSgekEAAYACDF9rxbOhkIwejfZxD2g86dqAQYw8n14gMgsJjGkqURQhMIm5bWhcaJgQMV0mfTCh1Z-wsO;dc_rmcid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnm...
ade.googlesyndication.com/ddm/activity/ Frame F25D 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2JH4hcaJgQMVKiEGAB0kSgekEAAYACDF9rxbOhkIwejfZxD2g86dqAQYw8n14gMgsJjGkqURQhMIm5bWhcaJgQMV0mfTCh1Z-wsO;dc_rmcid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,132,293,639%26tos%3D2357,0,0,0,0%26mtos%3D2357,2357,2357,2357,2357%26amtos%3D0,0,0,0,0%26mcvt%3D2357%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2564%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D7%26pst%3D207%26dur%3D10005%26vmtime%3D2609%26dtos%3D296%26dtoss%3D2%26dvs%3D296%26dfvs%3D296%26dvpt%3D296%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2357,2357,2357,2357,2357%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2357;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1693575947897;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F25D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cex_kCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAcgDmwSqBOcBT9Ano6c_xXQAIAx-uQ_aFQAFLcEIXA2rWnlu1M5msDFgz1BIfYi9Z2baJwpLtAx97jKUnfhNPdvdNTVBeqWp0pZWk2SADjn8Y1zrixWGD1Cy4efE4PG9nvtktaPAlaYOS54sU1GCHhLPhYD7jy3HCPVjKi-rTU4p8_eQebILYc9aMnv2cz6pEb3tovh-d0l1Hk4OK2WPUzT2uyAt0DujlTpleR1TcLua0nX5cFoWo8pXRgHE4k3KaZsvDfr2alG3Ak1-rf5y4SlLOdLcRYRAF_WMfXWJc4Iu_mDeFOYcmJpSTliLoFiVwAT2g86dqATgBAOIBZKAjp5LkAYBoAZOgAfrnsFnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJHUsgNAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=9rK7AmeuGBQ&label=videoplaytime25&ad_mt=2610&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,132,293,639%26tos%3D2357,0,0,0,0%26mtos%3D2357,2357,2357,2357,2357%26amtos%3D0,0,0,0,0%26mcvt%3D2357%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2564%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D7%26pst%3D207%26dur%3D10005%26vmtime%3D2609%26dtos%3D296%26dtoss%3D2%26dvs%3D296%26dfvs%3D296%26dvpt%3D296%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2357,2357,2357,2357,2357%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2357&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1693575947897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame F25D
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUyIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:52 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b9a89c6-d28c-4395-be69-7a26f3a70a23&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1410065408%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Fri, 01 Sep 2023 13:45:52 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMI2JH4hcaJgQMVKiEGAB0kSgekEAAYACDF9rxbOhkIwejfZxD2g86dqAQYw8n14gMgsJjGkqURQhMIm5bWhcaJgQMV0mfTCh1Z-wsO;dc_rmcid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnm...
ade.googlesyndication.com/ddm/activity/ Frame F25D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2JH4hcaJgQMVKiEGAB0kSgekEAAYACDF9rxbOhkIwejfZxD2g86dqAQYw8n14gMgsJjGkqURQhMIm5bWhcaJgQMV0mfTCh1Z-wsO;dc_rmcid=CAQSTABpAlJWO1iSMHnflUVanEP5Ojf6sWtumyIQbd_3DO68bbzObr8QcRwrDUMjE-Ue0PiRWMcnmq5Shkqr-1bhI_R-6we-s2StDXSiCCgYAQ;eps=CIDhgBAQARgdMgKqAjoCgEBIvf3BOg;met=1;acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,132,293,639%26tos%3D4743,0,0,0,0%26mtos%3D4743,4743,4743,4743,4743%26amtos%3D0,0,0,0,0%26mcvt%3D4743%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4950%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D11%26pst%3D207%26dur%3D10005%26vmtime%3D5000%26dtos%3D2386%26dtoss%3D3%26dvs%3D2386%26dfvs%3D2386%26dvpt%3D2386%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2386,2386,2386,2386,2386%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4743;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1693575947897;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame F25D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cex_kCuvxZJvpMNLPzQbZ9q9wjsXT43CwmMaSpRGv6qK9wAEQASCVm8ohYK0CyAEFqQK7JQUI1TOyPqgDAcgDmwSqBOcBT9Ano6c_xXQAIAx-uQ_aFQAFLcEIXA2rWnlu1M5msDFgz1BIfYi9Z2baJwpLtAx97jKUnfhNPdvdNTVBeqWp0pZWk2SADjn8Y1zrixWGD1Cy4efE4PG9nvtktaPAlaYOS54sU1GCHhLPhYD7jy3HCPVjKi-rTU4p8_eQebILYc9aMnv2cz6pEb3tovh-d0l1Hk4OK2WPUzT2uyAt0DujlTpleR1TcLua0nX5cFoWo8pXRgHE4k3KaZsvDfr2alG3Ak1-rf5y4SlLOdLcRYRAF_WMfXWJc4Iu_mDeFOYcmJpSTliLoFiVwAT2g86dqATgBAOIBZKAjp5LkAYBoAZOgAfrnsFnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJHUsgNAbAT49m2FMgTw8n14gPQEwDYEwqIFAHYFAHQFQH4FgGAFwHoFwU&sigh=9rK7AmeuGBQ&label=videoplaytime50&ad_mt=5000&acvw=sv%3D954%26v%3D20230802%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,132,293,639%26tos%3D4743,0,0,0,0%26mtos%3D4743,4743,4743,4743,4743%26amtos%3D0,0,0,0,0%26mcvt%3D4743%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4950%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D11%26pst%3D207%26dur%3D10005%26vmtime%3D5000%26dtos%3D2386%26dtoss%3D3%26dvs%3D2386%26dfvs%3D2386%26dvpt%3D2386%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2386,2386,2386,2386,2386%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D509882850%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4743&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1693575947897
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Sep 2023 13:45:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOcagiJX7eqRwQ2E7pSrUAedwMX6phzz3bpvbfH6ZrHLHrpoNLSJ1fxwlZiFM-V99ywCbLLIeu9-Aff3jY2nW-IT-EKBOB-bGmI27F4uXaOhYPZ5Z5DvAIGU2P9z1GF6Pj420jNXWX7TdumUidYanlXEzYGD1K-pVlP4L-PRoLOi1HynOHA-7QnzEDtGlwyYVSakEg1UFdq30W4mP6cJFJnqKcmJ_w5fHRY46QE7v_Ys7URt05qK2u72iyBHgpT60YMio2UPic9qcK0iJtwIL6N-wmTcQvHhV9RehRxStYTLnzdNZMeqlVqDSjOyukcjJuNLcPBiYGDWXaEchXbMIpmdaN4ni-EmWp8QUi4DgE1hgtA7S7lBflaPJ8TnXK_dejrmA3sBU&sai=AMfl-YQVQCsbbxG2P_PxLfWP17TxSGkQvUpbJzGJEzNE4Jb7v-wPb3b-8q8shiS1t86XFr6ndCTzNEJ83X5MuGErkso-ohpJP0JzsA5uzO5P1hKWNDBLC85AB1DVO5g9d53cXH1S_r-Y0tj2vGp6TnNn&sig=Cg0ArKJSzP6LP-rqElptEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwzT3DqYsHUepjSPRMZKnY372lRhYS8FjlrtS-dYNi79m0KpBdc6-iaomtJTngiTH6HyiFrTqCJdSzhPtAMmvyWeJw9A09BEHAoRzEeV5mrxoWQPzp1jiJqtnmQy4zraXZicwyNnB6ppYEv3ee_cupgLDK5vqkr8AFdi-K_Cg4Bh25aMIQAGw2hbKYqtNN72K18zhuhyPj7nU9lG-nlrnUx2W2C5f4eYuYHcIKfoj9fFQVKtjKOpebJGHHZDjsb7-iAzy9sye90Mcjri-rcpqkyKN7Fontt9k9YCom4UEjjrtafb_Nob08_I976rFZ1ERgF5GYfzyIK5EVczEUqp2AWKy-ekE2VBbmblhEFOfpmfXPwrzidfQoFVE9hNV-Ri09_4wCQw&sai=AMfl-YQBQsK-HNOZZGZNjaY_zWK40pHN0Gf1qRzvtwL4qJv2oShLtCX8CWhwZeMAPf9Qc1w-tmkvI7b6egj6egIRIcwbmZ1a5s18N-PLYhyEmT45BOq1chgC_vMTll4imOt_NqyvHilNDsCLXrgJ6AEj&sig=Cg0ArKJSzPkw2Te4I3S_EAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNUlyfEpzDPbwD8IAj9XrVMHBW05WWZ_o_YoPf2mrewKj2rApvc156CRNCfQmG7oiZcElG7MIJsBGAl6JMfCejG2-0R2L3Qo8Q09GMtd-gg_W6-P0zqj9zq8Tlg0GnA2oncoeBTp1A3Lojk8WdQ6Sw8ZHSH_Z6OZzaFN6ozPUlCejcebkaNrCLSX32q8WCGflaUr_sj3IUwJWLbPN9Xfp5UH4HCmc3BoxjkKDNHUOeaun9KtGfucRXRFopEVvvsfVNIP1OSWaCvKiPBR_HoFpJYjvYs4kn9bigJr9StBBRwiC79uzEUotzmKsqrV670WkyPFzueBRZC_Os2cMtoew9dcCIJRkNpdQNuW3vo_3NyVC668A-eyMcxiDllhZVYHxbyOEwBL4&sai=AMfl-YRfHZC9zQkSXBjL_aPWwf0WOJs2mkT0jLBwJyapREEMQS2-RxE-9uK3dGRgnABwJ1ep4H07z0wPOr9ovFM&sig=Cg0ArKJSzG98pUFtuUXWEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPlPXbu67wCtqEdrEMnYkROa9pohEeNn96wL9uDq1hab5tMMZ9qOCg652mHH0H6I8L2DacRPfprXXdqpMSpZF5DxR4aXimH0DkH4eIgGdP1ZipDMheuU6YmfN6X5Uwh8zFjtfjodpyVXUqW7BhXggNPWesuFmPBZjUw3KtQKX7_yKTdPdi9cdWILJKK2yQ0UhmUaZ5CEvHUJddn_wFd6qggjeXRJXM3gDovyGjEuW7lZxtHGjtXBG5GpccicwD3Ujmw1YYU64SJVfQ3rSzijF_gRjMtM3DhB1eYYGlIKdC7K5S31nZ5076O0FNWLtIkiEFpHppgyItbfWGHuuJ8e5agHPadwra7S643SfOSYJdtRYcr-28Kg-AtAwmysVqcUgsQBFN1A&sai=AMfl-YTuP7aZPUQXxq_K2Vu7RVFSsXnGi3m1uDblOxsWNR7Hj4INXQQb-WDOhZj9OwAJbmuvt10wIa7PItEjDvlD3rEK9LRX-wLk4iTfCQAR2agX9HPNKUPRCBJNz8iWouM&sig=Cg0ArKJSzIpEgGdwZIylEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEJ3a65ZmZ8wVpHpKZy3kvlY&google_cver=1&google_push=AXcoOmR9dtJElrtRYrK5iKjB7F8L1yoQACixerI1QP9FgK74AWwXMBBfVkD6Amz7Cq3OroNfU9Yf_H_WKj7cYbhUrQNgIjS9XivAovxPFi8fSm3TgwQ6395lae_QgS8sT9NPKcd7KLK0iv5N

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| _0x3609 function| _0x22ec92 function| _0x2d6c string| k object| _dlezgt3vwd object| uh5yy66lso object| zfgformats function| setImmediate function| clearImmediate function| _lfvvvi function| _omtnp function| route function| a27_0x4375 function| a27_0x3d40 function| flash function| closeToast function| asset function| __ string| lang object| translations object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| gtag object| dataLayer string| shareUrl object| google_tag_manager object| google_tag_data function| a0_0x2e50 function| a0_0x6d35 object| webpackChunk function| a6_0xa73d function| a6_0x5745 function| a7_0x4cbe function| a7_0x416a function| _ function| axios function| onYouTubeIframeAPIReady object| gaGlobal object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup object| syncCallbacks object| recaptcha string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupplyTcI number| demandSupplyPDI number| demandSupplyDFSS number| demandSupplyCRR object| demandSupply object| googletag boolean| zfgonclickfirst object| regeneratorRuntime object| ph object| dspbjs object| demandSupplyFS object| _app boolean| zfgloadednative object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| _retranber number| google_unique_id object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

34 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n81dJJ-a4003b1d0506a2eca0-007
cuty.io/ Name: XSRF-TOKEN
Value: eyJpdiI6InZPQkg2bU9HK1hoc0FaZjFmSWJySHc9PSIsInZhbHVlIjoiWGx6NHAwYzJWb2JvM3BZbUtXbnhZbkhRQWhLVGhLdWNQSmMyOUpQQStqSFpiTTliSmdUM0szSWlCNllPM2VDL3haNjB0TDRSTHhxU2krV1BidzhCNU9iL3dwQ0ZUd3lTQ0R0MUhCeU8zYjBHZlUyd21DOW5QQkZNL0JjcUdUVUUiLCJtYWMiOiJiOGY5ZDdjMjVjZmQ4ZDA1OGYyYWZlZjYwZDM3ZmQ3N2M1NDZkNTNlMDZkNmQ4YjE2YWM0MmJkMjg5NzgyZDViIiwidGFnIjoiIn0%3D
cuty.io/ Name: cuty_session
Value: eyJpdiI6ImZZb1NUa2JNYVhNeEhUeVA3L2p6cnc9PSIsInZhbHVlIjoiWTRIa2IvT0JxQU81VEhBb0NaRHpDMGdaK0pmVTBtK0lNeVVCd0syOEJMcEg5ZzVjVDJ0L0E1RllzSTB4VUNSWXFQa1hRaDE0b2U1b1hiMlcxa2pPcHp0alltZzltcDg2Z1BzM29lUGJndy9KR1RyTnhVeHRrckxxWHZKRUtHM0wiLCJtYWMiOiJiNzU0NmFhMTk0NWMwNGNjMjJjYzVlYWE2MGNmYWVmNTc4NzRmNzI2ZDY2ZjI0NGQ0NGQ3NmQxNWQzMGI1YmUzIiwidGFnIjoiIn0%3D
cutty.app/ Name: XSRF-TOKEN
Value: eyJpdiI6InJiSGhuT0ZVS2dYeFg3V3doRlA3bWc9PSIsInZhbHVlIjoiMnp6em9sRFAxOUtBTHA2T0V0cjBuVzRzci9YeHJTQkhCUlhTa0c2VmphWks4ZHZBOCtlQjdnYnR0c3IwS2I3TXFUcWQ0UG92ZUhGTHZMNW1IZUVMck8zZmVaZVBaNzJkRkRBUDRKMy82Yk82cHkreXNpd1JvUXl6S2hFWGhseFIiLCJtYWMiOiI3OWExZTNmMzI3MzdjYjJlNTkwYTIyNDcxYzg0ZjZlNTc5NjdlMDFjM2M3ZWYxMWM1NDBlYjVjYWZkZDIzMDhmIiwidGFnIjoiIn0%3D
cutty.app/ Name: cuty_session
Value: eyJpdiI6IkVHWjkrKy81dHRQd2l6N0NTbHdZY3c9PSIsInZhbHVlIjoidk1tNTFXMkFqc1pXN01vWE1LOGlHaVhBOXlDSGZ6dEZzMGF6dDFZaEpNZUFFSjdLT2k0Wm51MnlET3lMaENadThZazR4SzFISHA5Qnlpb3E3NkZuUzU3dGduZWRlWHk0S1RBRzVieU9XWGRlNjluS3FURmZKN0xacHBBeGUyRXgiLCJtYWMiOiJmNTkwOTFjNzliNmU5NjhhYWY0NDUxNzRiZjI2NmUwZTY5MjU4ZDFkMzFmODEwY2Y5YmU1YjViZmQwMzJjZTk2IiwidGFnIjoiIn0%3D
cagothie.net/ Name: oaidts
Value: 1693575946
forbidcrenels.com/ Name: GL_UI4
Value: eJw9jd1OhDAYRGH5W3VBJ%2BEBfAQKAdlL40PsJSn0g60L7aZUiG9vY6JXczI5k%2FE875A%2Fw9%2FiEMEXr%2FFajGXbUDu%2BjZzVVVW3Q1OWfGSVKM59XZ7xINfO8n4mG%2BK4LtzYzm4hThMpMnLoBi0oxYuz%2Fpqb0rsKEfWGK5EiWpwxp0h6o%2FeVTB4gVHwhxB9Xo11GC%2F%2FUBgFjjWOpHPsFDnrNg%2BwRyUUq4YbZCQdWZFns4ek%2Bcztqs3RSxD6iyXBB8N9xHLilSZtvJILWm9V3QM%2Bi%2B%2Fd%2Ff4OdFYgFbXJw59peyfwA4tFN%2Fw%3D%3D
forbidcrenels.com/ Name: GL_GI10
Value: eJw1yE0KwjAQBtDMLCL%2BLT7oAbyAAZGKbqPixkvENJSgTsK0CN7ebtw9njGGmxU4VyyOO3dqXev2B1APvlzBUTC7JX0H%2BYIU7KdTwfIepNv4pK8soAj7Z8b6XDRtfYjPR5EElgHzqWrRMCZQtQQei2Xw0DUG9LH4AXI3HmI%3D
.cutty.app/ Name: _ga_GGDCMPL4QP
Value: GS1.1.1693575946.1.0.1693575946.0.0.0
.cutty.app/ Name: _ga
Value: GA1.1.985298903.1693575946
my.rtmark.net/ Name: ID
Value: d0bd599e71a04da6b1a535a308fc941f
live.demand.supply/ Name: demandSupplyTi
Value: 43f41700-f8dd-4521-82f1-b12d0b92c091
.demand.supply/ Name: __cf_bm
Value: G7Ppsn90C3tL1DazkBAp3QqoX9Usn8EZ6m9n7k.ejg8-1693575946-0-AZQuXP8jUiv7n6ZIoKsb7jd0mbAL9WFZyQjDvbi7C7bhGPkEdp2iivqZjEWMR2lbUQoyHZidGQiFQGrkaXOdXks=
cagothie.net/ Name: OAID
Value: d0bd599e71a04da6b1a535a308fc941f
cagothie.net/ Name: syncedCookie
Value: true
.cutty.app/ Name: cf_clearance
Value: RhajUd19FOeUtc1xDJC2mGmWEznUctAxX2SvVnobG2U-1693575946-0-1-30aaa5a4.fa8333ba.67abfa44-0.2.1693575946
eedsaung.net/ Name: scm
Value: 1
eedsaung.net/ Name: oaidts
Value: 1693575946
eedsaung.net/ Name: OAID
Value: d0bd599e71a04da6b1a535a308fc941f
.criteo.com/ Name: uid
Value: aeddf53a-1ab3-4013-8947-2a044cb2f364
.cutty.app/ Name: cto_bundle
Value: Rq7Uq19JeENRZVhxS09NcFpraXpldVF6MWZTaktNTzg3bnc2N3M5YTRnY1I3OFpkTGVRVnhzSHI1MTVqR3BUQjhEM3lVeDJGS2lxbjNXQ3hHQktyWVVLcFI0UDdDendFZFVkJTJGRDBzdzBDdlR6TnJURjlralBTOXRoaiUyQkREdEpvUGcyTkFvRVFhcE9MYUN3MGxubmVqRGE5YiUyRmclM0QlM0Q
.doubleclick.net/ Name: APC
Value: AfxxVi595hLfE0hAjjacO9ylaRu_Sol6DvijDzZPxzyafq6N-nggZw
.cutty.app/ Name: __gads
Value: ID=59bfdee02d1af869:T=1693575947:RT=1693575947:S=ALNI_MYEjF-bi5KWdY3gTjYzHRt5NHudLA
.cutty.app/ Name: __gpi
Value: UID=00000c94e7ca27bb:T=1693575947:RT=1693575947:S=ALNI_MYeGHKYytwUEtXmHqvNqyqZBUSWmg
.doubleclick.net/ Name: IDE
Value: AHWqTUmdVoSooqIICkP2QzzvBcOO4dkeh6U0ssv0wt2QQvM2ejEN5U8Efn5NlZqGL14
.casalemedia.com/ Name: CMID
Value: ZPHrDMTgeaZLMLL3manE3AAA
.casalemedia.com/ Name: CMPS
Value: 3322
.casalemedia.com/ Name: CMPRO
Value: 3322
.adnxs.com/ Name: uuid2
Value: 7402091122624173157
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$I>(kN`!@wnfH8K6pQK`!5=E<*L5?%M3[5QTObLKdG4.^*DlK%b?a%6kz9H6QvseAV#%nugO%v4VB%nm0`)r3OZ
.lijit.com/ Name: ljt_reader
Value: HP6ZuGZHrRe7YYGrSGm2yUPn
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: D5CCBC6124D442A4A3023A9D9344E674
.adform.net/ Name: uid
Value: 7195658959275988370

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9558be74280a9c7781b010d1f734f576.safeframe.googlesyndication.com
ade.googlesyndication.com
ap.lijit.com
api.demand.supply
bcp.crwdcntrl.net
bid.g.doubleclick.net
bit.ly
c1.adform.net
cagothie.net
cdn.ampproject.org
cdn.cuty.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
csi.gstatic.com
cutty.app
cuty.io
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eedsaung.net
fonts.googleapis.com
fonts.gstatic.com
forbidcrenels.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
my.rtmark.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
r3---sn-4g5ednss.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
sync-dmp.aura-dsp.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
unified.adsafeprotected.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
securepubads.g.doubleclick.net
sync-dmp.aura-dsp.com
www.googletagservices.com
139.45.195.8
139.45.197.238
139.45.197.242
141.95.33.111
142.250.185.226
142.250.74.194
142.91.159.88
178.250.1.11
178.250.7.11
18.192.109.4
18.66.97.88
185.80.39.216
2001:4860:4802:32::36
216.52.2.30
216.58.206.34
2600:1f18:1aca:4280:c0d8:7d82:2d60:fc5d
2600:9000:2250:3800:a:e047:753:6381
2600:9000:2394:de00:8:48e:53c0:93a1
2606:4700:10::6816:3456
2606:4700:20::ac43:4621
2606:4700:3037::ac43:a7fa
2606:4700::6810:5614
2606:4700::6810:8516
2a00:1450:4001:6b::8
2a00:1450:4001:801::2006
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4006:807::2003
2a02:2638:d::2
2a02:2638:d::d
34.252.126.23
34.252.227.148
34.91.62.186
34.96.70.87
37.157.6.232
37.252.171.149
44.213.203.90
51.38.120.206
52.51.159.118
67.199.248.11
74.125.133.154
006959287f9f6931969fa42b7711a464f100b0dba17cc79d9368818399d86072
00aaf8caa25551af2e06587eb75be0197813b08c5bca3177d845064f796b7328
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
07ac15d8d9f7da428c2d7e9b0ef5497717826bd353c567be0ddff6c7928470f2
07f65e34b5e456518f518d8ac77713b68e25abf7195fb7737514387d8dc73cc6
089123e30139c65ad83414874bcb16e4a9310ceeb944592f30b42330a38f1b04
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0a5b76c2c4870d1a9c047ccf65a824ccc977b49eab02cd0f405bb937ea3d1ff7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
12084860e9aeb2b66b3ac84bfd3d4b7bf3cc9a06992a5e501ec03fc03369102b
125e861a8d3b5bebac241b015cfb300af64074e7ca3d1d4995dc30b340985b75
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128667763ed4bd03e6610c75c11a9db7dfdfe860b9db8c44230c499ce8b33c7e
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
163412492738a4458887c0784da56fbbb1e273b0eabcd6dcd725cd3848041e8a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16a5a07f1e0c394cc3c24e0d2ef1f8fcae22a11aec716719deb719f7b5143c9c
16dbcc57734031f7f75e90a5d8a38cc992ba01e86a9cf7497a68346c8dbb4138
18a3715d8c862522754ae061fcfa87ce043498411f4cc740dd85f5469396342f
197fba1789cfe6e1c457fa9296fe7f5c96838dfca69b725e7e53b3069b97120e
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224
1bbf583a2bff56bacbd0b53bb61707a1d82fcfa0be764e63daaad351d9aa4bff
1c525e8be6368de47ba2bea0cb724717b24f4275c42b3531708f9153b2af2b21
1d28a67a4609759757b1f488bc71f37176b59c08eb1c5bc133a292ebbdbb3342
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f7058d379ecc2edaec6cc0a97b12af52b0aa581f5578e8d05e74bcb5b39b1c6
260377417a07e6b901a64850dfb32ded9b6575217c7b26ccfe224d02babf1279
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f
28972da65eff0921023e1f848536b58089db254297d100f35d53deaf9428d557
28ccd76f69e6bdac8cbd6ccbce43db08972098d3187902247a757df6cae55d57
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ac2558f96f7acb52a0807d7f6642761c59b43b55782c24251333b9cc7f1605c
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e6157f51724e71905159d2c0bac2adb5cebfb219ab9775af60adbde692d64fe
30c7b4530b3ec655482a3210d77b3f9e8b93169b8ba9b9e36fe9c438708f444d
30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f
3db752a29046f73c3b0af0de734f8d3e565b148a98ae6cb216acd1513d59bc62
3f923b0810647d90a4fe03ab1ee6ed8e1db5ab1c5295ace2aee5c116c390ad32
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46db770dbf6ef751fb2774a62943c97bc007b3508771f3a07f2221bfa5d89bd3
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c9aba2df9c8f2ffe4361be1e3fc535cd9d3061f08820bc0f3f4be19e218fba
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c
542c84ef60476b6b2243da500bf9fbbb88097d03f5786e4c2ab623d385328a15
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556fc43f7d7c953e758680f4eea457bafda951931ce23575ed3a9ef029d8a9fc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563bb3e781b696f96ee531b4bd1d7623a196f5f3fb051326dd8960e3803d5d68
57dc266908af527913a6244e7bf5b858eeb9cda0d3d101da4a0d4d306b87196f
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5d1d84abbb19ad4aeaaeb027a53457b6ede619c3027871a7f0e413df0148b50b
5f1f7bc9f3770ec77fc089633e2020960a4427ce924dbec5255adf0cd1eaf0c8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d
6663ecaee2f26231bde38d378814e2a92d43002145a64ae07c4619fb276f3d29
6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e
691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7
7155ec09919bd13f4771ffa854055c943efc202394a20e4e4d9fc91230bacf5f
7194a599f47c483b74efa14da1822e2c6e69ef3aaec3fec2a43c46374752bb8a
72daee2d6856abec7537ca87f204082f3ceb2fab655fe62f6d7dfd18e8ddf35d
76844daf19e70c2be0aec50c71f439c0b10dd3a26a4836cde661c0cded97dc03
7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5
7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be
7d08400d216169aa55a79ca488393777aafc83177eeb6a40581ffb60f684ed31
7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81ce2c3965a19eaa540e6d5dd4e0ab45687cbe641691570c0c09df0502681489
833647d165ff5a4ff099cdafcd775ab2ac81e8900066e6b2b453cdcb5bb6bd96
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a710668848bc65c8b38bb5bc80e1e6c0d66def4eafc90fc375642f62338e78
88a4232300f46ddf94188c046be290603b7399664ca50d861f5b7ad849534a03
8ad2cd5801a4f257b4fe9e38c8bf0375347dab6a91ab51723f1b37d51b0818b9
8bec731f5264f3a23f23743b6c63d814f88b5f8bca0c55d273b8bcfa43cb2c48
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
93e9ef03b16f27c5d59d31519ffe0e01977f087b5a4c492a739e179d811a22b9
977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b768156e56bbfd266a5421b6ef761cfa5e1b54561f8b5c7fa309a5032aa8f82
9cbd9d31511a2ecf2262fa74ce60b55818130b9a71a8785ad70132cbd7c60d45
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9e87634b8235ed7b7bd95b8491b19c84e01a46f3a0caaaaac4231a6cfc4ba8eb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a161b37592653c4f84e2e54f49dd869a9f6ee980255234200c6ce48d503377cf
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5b34764495006b6eda98c2d81cc12ddd10c0de6f2d039a8dfe30081fb094573
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad2eb0187f598705c6dc0f71f6e941bf59ed00e47d7d645a27257f68b33ea661
ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d
af787a709cd41d49a965d747da0eb7fa2b0258d1c6083234ee897ff40d25a7ba
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0312bb2a1c664a1e47f77dd4d22bd7065f28082337c029a7891db83787f23cf
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b7d025cd571f87d465694f8f1fe68cb89d9f17e75de0536bedd8edb9751585a5
b8d593d6d13ffe1f55e92e5b98c079c2ab237cf504ac0a957260dee706424b19
bb61e16aedb529f717c9c7c28820f1f0f1cc906e736849efbea5f06206053dea
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae
bbbf3324a14b5a6537a9c2fe97274668e4b8cc38b0bdc5f7d4a0e0d8bd7e24c4
bc4ac73156ce7e597bd7103ec814678f7522b85c26b37684f2daa3b7bf2080c2
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c4e13b675150973ba2454260044d6d1482f83150e3d38ac483e19a888464fcfc
c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cdbb28a61125e2f817cfca97dc459c63c43aee2210edb1678c69ea532c4847a3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf68ca7844a8290b38a4a03097af7808aeeaa2dbd8c8a1f4fecbc627c81eb81a
cfd9b0c30ee17fcf64584492bb686c786a60bb16b410c07461444eb0bb446213
d0112c66fd7b76151b98a13bd4136e331c7478a3278f7a19c74fd13a81dfe170
d29fcf3f45aeafee94a31ea2156baaf0e73c20a6c5118cdf33619e0fe8fdd8be
d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d94f6c7c9b49a30aa5494c31859d0529c31ec83bbfef45cfe16a3e2a01103ff2
d9f5053f18a79369492e44ab50584a78d6f424dbb46c5c8dd54e15d86227fb1d
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
e1a50a39278bad3e086b0726e3a7a3cd6187855d0268a48fb6c20688aad7a241
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63626e17727ef7da0075e70b090e36be42c103dacde10641c75d1f6fdd7112f
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e8aa999bfea523469a916fd4610e06aec165ce65a86dab97e02b013d827b9bfc
e95bff443ff3eecc70641ae379c5251e68c2c6179d38cb3113730d302e24745e
ea2a354493948de289261102dd81bab54d6789ed4d474a2790024515f5138658
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e
f32e9aa99e63bda9902daa12c8e7e07382cfa33a7a912f2095034f250e3b40fd
f4af046a2fdddf66634f67c0a50b65a1d8ba40567c0fc99a6da26b4cf3201a4c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd7cd22f8b04b8859934d3af2b90bb1e8af1ca74750e9492c24c44b4d03bbaf0