cutty.app Open in urlscan Pro
2606:4700:20::ac43:4621 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cuty.io/NDFkAmiS3q0
Effective URL:
https://cutty.app/NDFkAmiS3q0
Submission: On September 08 via manual (September 8th 2023, 7:20:55 am UTC) from US — Scanned from DE

Summary HTTP 200 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 34 domains to perform 200 HTTP transactions. The main IP is 2606:4700:20::ac43:4621, located in United States and belongs to CLOUDFLARENET, US. The main domain is cutty.app. The Cisco Umbrella rank of the primary domain is 660660.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2023. Valid for: a year.

This is the only time cutty.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2606:4700:303... 2606:4700:3036::ac43:8be5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:20:... 2606:4700:20::ac43:4621	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	23.109.82.155 23.109.82.155	7979 (SERVERS-COM) (SERVERS-COM)
23	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:7000:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	54.217.80.122 54.217.80.122	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3 9	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.253.61.43 34.253.61.43	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:e201:bdb5:e43c:2ec	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	124.146.215.47 124.146.215.47	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:223... 2600:9000:223f:800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f18:1ac... 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803	14618 (AMAZON-AES) (AMAZON-AES)
200	43

28 2606:4700:3036::ac43:8be5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4621 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutty.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.155 (Netherlands)

ASN7979 (SERVERS-COM, US)

forbidcrenels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

cagothie.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

eedsaung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.80.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-80-122.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.39.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.61.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-61-43.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e201:bdb5:e43c:2ec (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.47 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	283 KB
28	cuty.io 1 redirects cuty.io — Cisco Umbrella Rank: 461250 cdn.cuty.io — Cisco Umbrella Rank: 524114	880 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 393	253 KB
23	demand.supply live.demand.supply — Cisco Umbrella Rank: 42151	42 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 399	328 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	79 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1012 static.adsafeprotected.com — Cisco Umbrella Rank: 683 dt.adsafeprotected.com — Cisco Umbrella Rank: 607	113 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	318 KB
5	cutty.app 1 redirects cutty.app — Cisco Umbrella Rank: 660660	42 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629	3 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 455 mug.criteo.com — Cisco Umbrella Rank: 2500 dis.criteo.com — Cisco Umbrella Rank: 633	8 KB
4	eedsaung.net eedsaung.net — Cisco Umbrella Rank: 31057	145 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 828 id5-sync.com — Cisco Umbrella Rank: 432	27 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 958 bcp.crwdcntrl.net — Cisco Umbrella Rank: 940	12 KB
2	cagothie.net cagothie.net — Cisco Umbrella Rank: 81686	28 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	33 KB
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8021	233 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1207	1009 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1635	1 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 796	245 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490	712 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	265 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	57 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1492	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 351	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 653	14 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891	3 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10532	541 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1977	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	84 KB
1	forbidcrenels.com forbidcrenels.com — Cisco Umbrella Rank: 362514	1 KB
200	34

	Domain	Requested by
27	cdn.cuty.io	cutty.app cdn.cuty.io
23	live.demand.supply	cutty.app live.demand.supply client
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com cutty.app cdn.ampproject.org cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
21	pagead2.googlesyndication.com	cdn.cuty.io securepubads.g.doubleclick.net tpc.googlesyndication.com cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
14	s0.2mdn.net	cutty.app s0.2mdn.net
10	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net
9	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	cutty.app	1 redirects cutty.app
4	dt.adsafeprotected.com	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
4	static.adsafeprotected.com	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com srcdoc
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	eedsaung.net	cagothie.net eedsaung.net
4	fonts.googleapis.com	cutty.app securepubads.g.doubleclick.net
3	googleads4.g.doubleclick.net	cutty.app
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	cutty.app tpc.googlesyndication.com cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects cutty.app
2	googleads.g.doubleclick.net	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cagothie.net	cutty.app
1	cdnjs.cloudflare.com	s0.2mdn.net
1	rtb2-useast.e-volution.ai	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	cs.media.net	1 redirects
1	rtb.openx.net	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
1	dis.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
1	www.googletagservices.com	cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	my.rtmark.net	cagothie.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	cutty.app
1	forbidcrenels.com	cutty.app
1	cuty.io	1 redirects
200	47

This site contains links to these domains. Also see Links.

Domain
cuty.io
sulvo.com

Subject Issuer	Validity	Valid
cutty.app Cloudflare Inc ECC CA-3	`2023-07-05` - `2024-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cuty.io GTS CA 1P5	`2023-07-30` - `2023-10-28`	3 months	crt.sh
forbidcrenels.com R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cagothie.net R3	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
eedsaung.net R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://cutty.app/NDFkAmiS3q0
Frame ID: 6FE2381B6E0FD28241F9179991DB6B48
Requests: 86 HTTP requests in this frame

Frame: https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
Frame ID: 40D8B7C926EE957C5879CB3A71CE91F4
Requests: 2 HTTP requests in this frame

Frame: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34374D1350FA671196DC96EEF624C01E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutty.app
Frame ID: 14DDA3E7C585F8427C6B799BF3622EBA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6F03137ACA6D0814E74EA5F91DB6CFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A1DB4F1BF0286B20715A361559451A1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: DF7262F837C32902C1E29911D1B1240B
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 1E0E0B6B104AB7C3F39BE48ED19D7E72
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 5F37C860E00A11867D35065BBAB5A3BE
Requests: 16 HTTP requests in this frame

Frame: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D2D68A02E7D45D24501443F696BA66B
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY6dKi7gEwAQ&v=APEucNUjYNIktBH6JaiQRWacJOPJ5-gL3sWSHg2pUByWDwu5whpzupN-gc-zxnXmLuD24dPqoRSwWAIF_-R3O273AgpShc7pt_molNDduTKV-i9qG_lE4mrr8CMOtyT4laceSPXDSoDIAyf9B4UqoVI8qAcsRk4aiy4EMbg497dvUxEDBEjBFtSgjNJwTna3F28JXA-sbLAS-LBjHH6Vn0cbe3hZ4N_n0Q
Frame ID: BE3882DA13DAAA2D44EB4DA1C69C51B6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E149B973FA61A64A7BD376E09A105F57
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5F7A7B980CBEEDC2FFDA35A25EE7C26
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250
Frame ID: 1007DE80FD8F4B438A45CA37AE05DC1E
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1956F267ACABB1E1E090B2286B7148E7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: 18E1F4675B33BDBDFD7EE9B49432FBD9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shorten Links And Earn Money | Cuty

Page URL History Show full URLs

https://cuty.io/NDFkAmiS3q0 HTTP 302
https://cutty.app/NDFkAmiS3q0 Page URL

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

200
Requests

94 %
HTTPS

57 %
IPv6

34
Domains

47
Subdomains

43
IPs

8
Countries

2758 kB
Transfer

6321 kB
Size

31
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://cuty.io/

Search URL Search Domain Scan URL

URL: https://cuty.io/payout-rates
Title: Payment Rates

Search URL Search Domain Scan URL

URL: https://cuty.io/register
Title: Earn Money

Search URL Search Domain Scan URL

URL: https://cuty.io/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cuty.io/terms
Title: Terms Of Use

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://cutty.app/NDFkAmiS3q0&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cuty.io/NDFkAmiS3q0 HTTP 302
https://cutty.app/NDFkAmiS3q0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cutty.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

Request Chain 82

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutty.app&sn=ChromeSyncframe&so=0&topUrl=cutty.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=mMdZmnxXcXB4RTdoTXdSeDVXeWVTVS9Oa2txSWRtd085eFVNSm5qMC9JUjg2anRGQzdGakVDdWJkekp4Q21mWnB3R3NGOFRGZ1BLNnhFY2VFSDdPeUd0NDJ5Z09UOTFBTkpGVUlvWVRidDhBMEs0eXI1RXR5RHFVaG1QbXZmWk56QnFBTndFenJZRDBVTWZXcEFYTysxcEVRakhZSjhZaG5DcGtLYUhxZGQ4YURiZnhFcXBLOUlQMElLQkxWdFdDbEo3R3M3cUdDdCsrZ2U0Z1ZOREZkUXlCWE9FRHUza1FNeG9jc3VVb1BoSDNyOGt2TWJNcGZoWkJJTzdkTzF4bWJET2hNaXRLM1JUZG1VcXNWeHRBQWxhU3FwZz09fA&cppv=2

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1

Request Chain 153

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPrLUckmldBPuNNmXOTNeAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGjvbnPdIKfb20UYzIAX24g&google_cver=1

Request Chain 155

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzE2MjM3NTU0NTg4OTQzMg%3D%3D

Request Chain 171

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO88Ru7jKu3V_sTFc-koW6w&google_cver=1&google_push=AXcoOmQyjSBb9A7z49YyvqBKYD59ytUBPL-B3SKdWSJu_51XH2gEeAlP0eOlYKWpzN2i0xViP7y2dlK8eZNPHHyf5QMEDoDdOLc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyjSBb9A7z49YyvqBKYD59ytUBPL-B3SKdWSJu_51XH2gEeAlP0eOlYKWpzN2i0xViP7y2dlK8eZNPHHyf5QMEDoDdOLc&google_hm=eS1QclhvdFZCRTJwRXpIaUdEN3lBeDZZd2lQRWNtU0FaaH5B

Request Chain 172

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTCPQhTbSu9WLLpdzDuu5e0DULOetLXYxvnO3Ydnv_Tb4rR1kpPxA1V7R1sJObWbIi5fpeU6sya4pQUIJzTE4EQk6eUjxo&google_gid=CAESEEzmt7vHfOe91YPlE37uSyQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lOwewhQhh5Rmcp6Y9mAEOQJUEw2kG31NdIkInQ&google_push=AXcoOmTCPQhTbSu9WLLpdzDuu5e0DULOetLXYxvnO3Ydnv_Tb4rR1kpPxA1V7R1sJObWbIi5fpeU6sya4pQUIJzTE4EQk6eUjxo

Request Chain 174

https://cs.media.net/cksync?type=g&google_gid=CAESEJDLLATPOsMkzUx01y1o9Sw&google_cver=1&google_push=AXcoOmTStxZMQUVQTwCd6-rHW93Zd25M2FNMyQCJcik4WKKx-dpp-3onsdkCq_vwPSH9kVshYJIRS5eDup7lLQtnCBfyUuMYug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&mn_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTStxZMQUVQTwCd6-rHW93Zd25M2FNMyQCJcik4WKKx-dpp-3onsdkCq_vwPSH9kVshYJIRS5eDup7lLQtnCBfyUuMYug&gdpr=&gdpr_consent=

Request Chain 175

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAThilY6keJ2AOFgL23_zqg&google_cver=1&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKcuwespJqNxuurK_q0moGlrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKcuwespJqNxuurK_q0moGlrQ&google_hm=WlByTFVzQ284WGtBQUdVWlNLNEFBQUFB

Request Chain 192

https://fw.adsafeprotected.com/rfw/st/1496047/72037979/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013235800&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20318015734&bidurl=https://cutty.app/NDFkAmiS3q0&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hOJ2hrcGigDr8XkDDQ7lSD&adContainerId=brand_safety_Ucv6ZMiwJK_px_APi4SzoAk&cbFunctionName=goog_wrapCb_Ucv6ZMiwJK_px_APi4SzoAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fcutty.app&adsafe_type=y&adsafe_url=https%3A%2F%2Fcutty.app%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:22fc738e-9e7a-579f-f68d-d6ba93735a7e,c:nBPu4E,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-569775bf89-bstml,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tPfqQxe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1496047-72037979%7C191%7C192%7C1931%7C194,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:21,oid:3c9407ef-4e18-11ee-94d1-ce865441ea9f,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

200 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request NDFkAmiS3q0 Show response
cutty.app/
Redirect Chain

https://cuty.io/NDFkAmiS3q0
https://cutty.app/NDFkAmiS3q0

109 KB
37 KB

119ms
90ms

Document
text/html

2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c159e8042a06efe8917b5c68ba42929197eceb53d1023f329bdb5cdefd858f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 80356e509a071c60-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 07:20:47 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcsitC0hZvsw39dlVRKHpB4Ti1usobtreNRznlnBSRemzmZ%2F0ZKrPRhcYbR0Hha2C6CF%2FU%2FI02ftShqWZTQYWyO1LMET40aAFYOQopN0yLF21CqgCH1GkWo2BpsZ%2BRkQrzGmAZEYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 80356e501dae9247-FRA
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 07:20:47 GMT
expires: -1
location: https://cutty.app/NDFkAmiS3q0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TugHReiiJQjShbBZQvPuefMHBvqgSydIMGYOxZ7uW8pXpjoc03rM333XWSDeM%2FY2RHnH2hvEHn5Ncokoxro6gP31dPhjI10XvziDenGTafWCBaChr%2BKMe7BmE2BX0JzQA2VB%2Fenf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 06:09:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 07:20:47 GMT

GET
H2 200 public.css
cdn.cuty.io/css/ 51 KB
10 KB 27ms
17ms Stylesheet
text/css 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21586841
cf-polished: origSize=52548
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Dec 2022 14:22:02 GMT
server: cloudflare
etag: W/"63ac510a-cd44"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmwK12YA1UvxmSN6T2%2FnVPjor6vXjLZz1VBnpuYkAgbQjvfT0QDI2PnV6ZMg%2BO%2BFn7HxCx5IsSHnAtvhqiUe7wajun8hpJAPCpIuZ%2BpZ%2FMFu0FGgo3aDXpidtuyNc9nSQ4EH7FtMYNZ%2FdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 80356e513eb69247-FRA
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 logo.svg
cdn.cuty.io/images/shared/ 6 KB
3 KB 32ms
30ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/logo.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 20313987
etag: W/"63b16742-175a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ4FyZu7wDCJFu%2BqvK4bxrc3kNZgWPweGWmy9im7YXu2IcioU7K6QTIR6wgbl6beZrc4eTIgpHl9cgeIepEkaTYyqmD53icQJ3vXaEGsp83JCxUy72saYSxDfVFn7LGSG2VF4cL8pUNypA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e514ec89247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 locale-en.png
cdn.cuty.io/images/shared/ 24 KB
24 KB 21ms
20ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-en.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16956127
alt-svc: h3=":443"; ma=86400
content-length: 24647
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-6047"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXQ2vhtBDoN9crs3k3VuS1uOyEIP4OCaba8vTNyxjHCGrEvqcS43Cbv04Yt2rVTzn0jGcZkfkZBFLHks2emZVm8ITegwOMQCOoKMw9lhkulR2CxBm%2FtwtEIXDNtI4H6jloZrvczNS%2BItMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e515ecf9247-FRA
expires: Thu, 22 Feb 2024 07:01:03 GMT

GET
H2 200 arrow-down.svg
cdn.cuty.io/images/shared/ 220 B
538 B 29ms
27ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/arrow-down.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21586841
etag: W/"63b16742-dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLhf4XgP23olFWyvO0jYKS1HL0C1UGxm%2FquEIzbFlRB8aSQ7Yvhdm6edAGh7P75vUvH3Dyy5W9l%2BzoZgFdpfcJosfEERHRzkFfFWFB8sUUVXkPEF3WHG3sVUUruQYndD1LTQwM3ItFG9Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e515ed09247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 locale-es.png
cdn.cuty.io/images/shared/ 12 KB
13 KB 29ms
28ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-es.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16948792
alt-svc: h3=":443"; ma=86400
content-length: 12579
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-3123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0qFKUakVMmAYNjVAM9RpXio1%2BHCUu03LSlH91ejd6RhYwbZr46b%2FIcVCdaWUaKI2J79KSRssgzrhEpYw58VqRm4KVrqf41RhYEYFRPp5G55yTiLyDhRbCbdxcwec7LegagtWAyUv7ZNzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e515ed29247-FRA
expires: Fri, 16 Feb 2024 21:24:25 GMT

GET
H2 200 locale-ar.png
cdn.cuty.io/images/shared/ 50 KB
50 KB 22ms
21ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-ar.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16955473
alt-svc: h3=":443"; ma=86400
content-length: 51070
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-c77e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvXiOre7aL1sCTTNg%2BEFC5HRgPMNovEv8d24xZkz%2B4oIMr63tVheXm67ZSm%2F4C2DkDkp64MKE3fhlZW4x1sPbb1dUebtGvsmp9z9YTMXtBlWEOqXvkPw0xd8NK5Jt1ftA%2BX4Fd1oakqHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e515ed39247-FRA
expires: Wed, 14 Feb 2024 21:05:04 GMT

GET
H2 200 locale-fr.png
cdn.cuty.io/images/shared/ 16 KB
16 KB 25ms
22ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-fr.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11499667
alt-svc: h3=":443"; ma=86400
content-length: 16411
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-401b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vld0MRdfdkEaI53R%2FANRnbaLF3g4jN%2FtJSgUaq%2FQ8%2B%2FX23KzRLmYG45%2BBpZnCF0vhJ%2BDqOr2R3iuyPC4Qv3BWqx3Lx4JtQc%2F83pCvz0dlOYYOOKaCf299Qukim1qMhRLonAprJN882Kjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e515ee49247-FRA
expires: Fri, 12 Jan 2024 18:04:16 GMT

GET
H2 200 burger.svg
cdn.cuty.io/images/shared/ 207 B
538 B 23ms
20ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/burger.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21586841
etag: W/"63b16742-cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toP3iI0bsC4bW9Kf6eFxXdvVrcYonksnJuAJLZFmKoKGuIWc96w25%2F%2BoQN3ZktLkcIgpO%2B4BS7aHf3Zcc82%2BlB9jg0nSH4T6eWY6Niwyv2ha43IUtMFx5WrPEDIOZk7iJqTJSMc9M%2F3pkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e515ee59247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 x.svg
cdn.cuty.io/images/shared/ 209 B
525 B 28ms
25ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/x.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21586840
etag: W/"63b16742-d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BpyYYI%2Fv9YTH3uoga2%2FphRINB9gr4c5tBkuYWcSS%2BjIC1NGR6Vo3gwQS2JUzq080bMOUSJBoSbOnfUFVWauIxsyOCOrA2SW%2By4KD94wr9VykldxZy%2BZCmknMOqAlFgLZM5MTQvcFnExpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e515ee89247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 facebook-icon.png
cdn.cuty.io/images/shared/ 409 B
785 B 27ms
24ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/facebook-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16945963
alt-svc: h3=":443"; ma=86400
content-length: 409
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-199"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Jn7Xekji6P9%2B8y0JdvSfwgkT1EIGpJCKfwqlZLMSrRpLPrx0tSBnYuRNhDuvpnOR6xuekUdHcQ5o2dBkGH%2FivZlvAq%2Fy7J%2FliUmvVoJayhTZsnpCGify095V412Cq9pLQ3NEmoVps7xpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516eea9247-FRA
expires: Sat, 03 Feb 2024 23:06:31 GMT

GET
H2 200 twitter-icon.png
cdn.cuty.io/images/shared/ 809 B
1 KB 24ms
21ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/twitter-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16955758
alt-svc: h3=":443"; ma=86400
content-length: 809
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HJgMiJL13o4ROdc5ku%2Faj4dMsbz8F2CpMW%2Bs%2F4ibz2QYCzHaEtgPIC0OI23Sm8mrX5ycLNaKVKHEp4QzMfz8E6gGiXqLluO6mXau5ViL%2FS4vZ5pXXuNZuen%2Blk9tAUtAgNcIdKzYWBEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516eec9247-FRA
expires: Fri, 09 Feb 2024 16:07:45 GMT

GET
H2 200 linkedin-icon.png
cdn.cuty.io/images/shared/ 222 KB
223 KB 40ms
37ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/linkedin-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11499667
alt-svc: h3=":443"; ma=86400
content-length: 227769
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-379b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1quQPhcGabRZeLU%2BrtH5fmRvboIaRB4bh6oC4jn9OAcpUuYkl1qMcfqE7gRFT%2BE8oKqXoncMTjxw6Sl92HoFOAeE1fmMjfeeZ30XoF9uD2NwQEAnXm10MnHUDQ6n0loB9DToWMnRR0Al7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516eed9247-FRA
expires: Sat, 24 Feb 2024 01:42:11 GMT

GET
H/1.1 200
OK 60028 Show response
forbidcrenels.com/1clkn/ 6 B
1 KB 85ms
20ms Script
application/javascript 23.109.82.155
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://forbidcrenels.com/1clkn/60028

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.155 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 07:20:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 350ms
302ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e2964ae83dbdb40f7fe78a5d553484a820e4c964e932c5c349a1f7b2737d18b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H913VYFTJTMGRG2WG00C550S
date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 1189
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"d94ff32e24df6d9db0f0b53fa8cf2c7a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 80356e519f315c20-FRA
link: <https://live.demand.supply/impl.v17.14.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 step-1.svg
cdn.cuty.io/images/public/ 2 KB
946 B 28ms
25ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-1.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11497262
etag: W/"63b16742-658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN1a9Pshjh%2BI79VWZtAqFPpzN2Isnr7k4xgc%2BUaletAc41RNxX7preUxXkliKc9gcv6E78V4VXIMeJMjdmRf8ckMngV0xHw3jqNoAuvgSQYNq6GpPs2pP7t9%2FVKz8jll%2BQUKw6nrL2AyxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e516eee9247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 step-2.svg
cdn.cuty.io/images/public/ 2 KB
970 B 26ms
23ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-2.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11497262
etag: W/"63b16742-607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UonTmhNeTYYptHEvS16XMPNUo2oUvpwHelEfKuA1fQGSeew8czkYbI2usa4SeN3ZYF1kRTDKtUAFzvVZK0zpVjm9tDn3mcshKSlZ6valb2KfqOwFtebp6tlVFR4AIJ9XOEMW%2B2dLIJfOMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e516eef9247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 step-3.svg
cdn.cuty.io/images/public/ 1 KB
828 B 37ms
34ms Image
image/svg+xml 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-3.svg
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21586840
etag: W/"63b16742-45b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Azj0DeoudlLTZotOjh8SR1R498ysrV42puuwxxM61weCODV4zLMKAeVTk72bxxKEtPrATkRgegpjRx4KYHLp3riIzZPxqVbYvvx5R310wizcTHTHYLPAEb9oUK83rdtfAauxXMC2sbVjIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 80356e516ef09247-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 money-tree.png
cdn.cuty.io/images/public/ 27 KB
27 KB 35ms
32ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/money-tree.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16948792
alt-svc: h3=":443"; ma=86400
content-length: 27646
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-6bfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSdnu1EWeFAkkAsY9Kx454YfUB4iTJOHmTEauceRWzkSijfNjeuNn2vQWDBdUnI3ANJGCF%2B%2BKslxPCWl8zCFZ3FxQphHpVpTOA%2BGRPu5F8hLCkvbEeCw8kxTwCUzGO3EdZHsaatEWackOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516efa9247-FRA
expires: Sat, 24 Feb 2024 01:51:59 GMT

GET
H2 200 bitcoin.png
cdn.cuty.io/images/public/ 30 KB
30 KB 34ms
31ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/bitcoin.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19464253
alt-svc: h3=":443"; ma=86400
content-length: 30766
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-782e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYmooxSp5awAI1Z766aztQ9YvjiO7iO7voqtrHuatgNKFm%2BPIAltSfkEA6nt%2Fo%2FKtwFrc%2BzGmJd7aKPyrey03vlsBQyJNQAsxA1WjyGhWpXNl4Sz5OGnOUkACZW7qIGqUuVNA9WfUNU8jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516efb9247-FRA
expires: Thu, 25 Jan 2024 03:33:55 GMT

GET
H2 200 payeer.png
cdn.cuty.io/images/public/ 1 KB
2 KB 36ms
33ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/payeer.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17026203
alt-svc: h3=":443"; ma=86400
content-length: 1390
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-56e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii5ehjIP6Cck%2FXMub64h%2FPEgFOjoMyuKe%2BrlLPFjEIujEAKXW7j6%2FBw%2FoRryx7Yh5F57YuOkCBkAgHcU%2Fp3k7wK3P8aFfSSeDpBs9lWRhphWubsw9mgqC1kUJ4r0e2FZCNpGdLZRtIr4UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516efd9247-FRA
expires: Wed, 21 Feb 2024 02:01:23 GMT

GET
H2 200 paypal.png
cdn.cuty.io/images/public/ 24 KB
25 KB 38ms
35ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/paypal.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20269384
alt-svc: h3=":443"; ma=86400
content-length: 24721
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-6091"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5Q0ID1BeX43tJLLBs%2FY6dQAP1WFvQVXinHmDHEHD%2F6yP%2FAI8kwtpZNNk4u8Z33iWsNZdrVYHYTLbDtO%2FhImOcIJgsHZHZXDu8F0WY0r3LMX%2BwVeR2vrmvQwoy7%2Bg60CuPUoLUlo5S%2FdcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516efe9247-FRA
expires: Fri, 05 Jan 2024 17:57:05 GMT

GET
H2 200 perfectMoney.png
cdn.cuty.io/images/public/ 198 KB
198 KB 42ms
39ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/perfectMoney.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17572784
alt-svc: h3=":443"; ma=86400
content-length: 202386
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-31692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skbYoowWQRYUWS3XuBBJTZ%2BEQMm%2FuAYHkDVtuEi6TWJo4x0A7%2BXUYmUOfd9R8BqemERxOgIMIhz5q6sQIqVW0nXnJKXmUCa64ycRf0sDttz1J091hddLNqpkpr6q0v4i9%2FjVosAA5CYbXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516eff9247-FRA
expires: Wed, 14 Feb 2024 22:09:49 GMT

GET
H2 200 advcash.png
cdn.cuty.io/images/public/ 8 KB
8 KB 33ms
30ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/advcash.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17744283
alt-svc: h3=":443"; ma=86400
content-length: 8141
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-1fcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3xrMRkf9GvVwlp0ySNaml0Ua4eVtMyEwyxUuqUxbj0wm1IY1WdIoI%2BymQpIAPZiNDKTbIHwYUhgzm9AW4%2Ff6FkpoQnBDoFmnSIVMRyoiuxwOilAC0RHH0tFIDgnjFJe7pqCNk0TmbE%2FZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516f009247-FRA
expires: Sat, 03 Feb 2024 23:06:31 GMT

GET
H2 200 airtm.png
cdn.cuty.io/images/public/ 2 KB
2 KB 37ms
34ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/airtm.png
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18193676
alt-svc: h3=":443"; ma=86400
content-length: 1558
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJf6drtJPwwRASOxUCu5%2BK96dY%2BL8qMvTKGd2V6Gz63SNXrEwuy%2F4FE3ingbYa37WqGSm%2BInZ%2FY2MJjjeAxUqaIH%2Ba8v3wILLtCK8REyPhbNMbQ0Z1ISBkBgtyYN%2BUYJA2FvEsCtgvUOQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516f019247-FRA
expires: Fri, 26 Jan 2024 01:11:00 GMT

GET
H2 200 base.js Show response
cdn.cuty.io/js/layouts/ 104 KB
38 KB 31ms
28ms Script
application/javascript 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/layouts/base.js?id=7b6d921fa2998eec41905b028a5eea9c
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ac15d8d9f7da428c2d7e9b0ef5497717826bd353c567be0ddff6c7928470f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1583004
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 20 Aug 2023 23:37:17 GMT
server: cloudflare
etag: W/"64e2a3ad-19fc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKVT1%2BzWm7v3qXOUZW6hvXOe185VxvuMDwik1ablowSga43ZzBLnDoml25Gv5rJ7CqyFJZMoROpUhjvv1K8C%2BKhzPOy5gM0rE1d7mZh%2F8rS2HsKpnK7ZbRtiR0B02u8pQfkf5Hl35L8B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 80356e515ee39247-FRA
expires: Mon, 19 Aug 2024 23:37:19 GMT

GET
H2 200 first.js Show response
cdn.cuty.io/js/public/links/ 24 KB
8 KB 31ms
29ms Script
application/javascript 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/links/first.js?id=b5d70824436d5033e5470ea58edeaead
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ccd76f69e6bdac8cbd6ccbce43db08972098d3187902247a757df6cae55d57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1582981
cf-polished: origSize=24533
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 20 Aug 2023 23:37:17 GMT
server: cloudflare
etag: W/"64e2a3ad-5fd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ5r4BlWbEc3hfjZAurwQrmbjp6No%2B54hWcL3yfUPjfwV9Agb7G%2BiVqkLzeBBwobd3bO5%2FXyFMNl11jgT%2BoeZxfwNqnDYA4kgPvm%2BgxjQQoWfxy%2BUEZZIX12u3h5rwgVfKSfSSY2eqB78g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 80356e516f039247-FRA
expires: Mon, 19 Aug 2024 23:37:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 835
x-xss-protection: 1; mode=block
expires: Fri, 08 Sep 2023 07:20:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
84 KB 63ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd6b98fe58461dab80208f369c9a517d66f2b7d3e82b675c72f50b14a8e8e5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Sep 2023 07:20:47 GMT

GET
H2 200 nav-links.js Show response
cdn.cuty.io/js/public/layouts/_partials/ 3 KB
1 KB 39ms
36ms Script
application/javascript 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=f338899f8ebe21b8628b0734dae97eb9
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163412492738a4458887c0784da56fbbb1e273b0eabcd6dcd725cd3848041e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1583004
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 20 Aug 2023 23:37:17 GMT
server: cloudflare
etag: W/"64e2a3ad-c1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FerXHs7QsZojzPe46T8rlOisS17IhhkqWLq7Sx%2FcCOqCgVIs1lxJLIwAY53%2F7HhIpFlVLwyek1dZeunD1CchLBnsqNd6Fv7Oc77qbUlUGtGEnm04TVc66yG9611TtKrmk3QqnWXMB50etg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 80356e516f059247-FRA
expires: Mon, 19 Aug 2024 23:37:19 GMT

GET
H2 200 app.js Show response
cdn.cuty.io/js/public/layouts/ 335 KB
99 KB 47ms
44ms Script
application/javascript 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/layouts/app.js?id=41d39bd846fd307ea7c2c50356ee32dc
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0112c66fd7b76151b98a13bd4136e331c7478a3278f7a19c74fd13a81dfe170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1583004
cf-polished: origSize=343308
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 20 Aug 2023 23:37:17 GMT
server: cloudflare
etag: W/"64e2a3ad-53d0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wltxFUAouzA%2BOsPo7Wvm14fS1gmg1ovsRdX1W3lEovhpFSoMvaqxfk6yjJ2kKH9i68HO1uSdzZXNsycGPPGUMKZatcsacJ3s1l0jO7CpOQETGsG4KJb3vlK4UNxfUQjHR9eem%2BzXkOWF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 80356e516f069247-FRA
expires: Mon, 19 Aug 2024 23:37:19 GMT

GET
H2 200 heading-background.png
cdn.cuty.io/images/public/ 95 KB
95 KB 34ms
34ms Image
image/png 2606:4700:3036::ac43:8be5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/heading-background.png
Requested by: Host: cdn.cuty.io
URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21586841
cf-polished: origSize=107203, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 96971
cf-bgj: imgq:85,h2pri
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
server: cloudflare
etag: "63b16742-1a2c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xWY2xs0x8EHXNwdjqvx2%2BKiulMHEUbkp9oDgFDyDo0dRbzuleNNPt4EEiEPVE0KZ8ETwDju%2FXdjpM0zpR56ohOSSmD5ENPKhqJLuBaAN66tY%2BWGeu7sdZJarwxJESLDZSTAyte77QpX6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 80356e516f099247-FRA
expires: Mon, 01 Jan 2024 10:59:14 GMT

HEAD
H2 200 NDFkAmiS3q0 Show response
cutty.app/ 0
971 B 59ms
59ms XHR
text/html 2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/NDFkAmiS3q0

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/NDFkAmiS3q0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LvBwdofEExChN92Kq8FGfHXPuRvsxA6OIpwiMi6nnQjBHgKP9RURxAjHSLXxqPZ%2Be4VseAN1oOnlEa2vmtTBrsoV2eD%2BdK5x3VaqWKLUy4Ir2ya%2F7x2H5fq%2F2Kv%2BbXiBHBbN%2FsELA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: must-revalidate, no-cache, no-store, private
cf-ray: 80356e51cbaf1c60-FRA
expires: -1

GET
H2 200 / Show response
cagothie.net/5/6246182/ 3 KB
2 KB 67ms
26ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cagothie.net/5/6246182/?oo=1&aab=1
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8d96b8a02fdb833783f370a304b70914d2f1d349f4bdc9ce86cee72f878634ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: gzip
x-trace-id: b70527e569220987ab3161b6357117e9
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://cutty.app
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://me9qgidaa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
cagothie.net/ 78 KB
25 KB 66ms
25ms Script
text/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cagothie.net/tag.min.js

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

04aa8c8fd08ed9b9b26e66314da286da6bdda7131cb826cbd0855a475acac295

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 25223
x-trace-id: c2d075f32a7e1a004362569a20b3a60f
pragma: no-cache
last-modified: Tue, 05 Sep 2023 20:33:01 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 454 KB
183 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Sep 2024 07:10:17 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 11:50:45 GMT
x-content-type-options: nosniff
age: 502202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 11:50:45 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 158ms
122ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.cuty.io
URL: https://cdn.cuty.io/js/public/links/first.js?id=b5d70824436d5033e5470ea58edeaead

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50374
x-xss-protection: 0
server: cafe
etag: 9157445587767561464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 07:20:47 GMT

GET
H2

200

main.js Show response
cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/ Frame 40D8
Redirect Chain

https://cutty.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

7 KB
4 KB

17ms
17ms

Script
application/javascript

2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Server

2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38fb8a26064b4a22c9e9d59726fbe3d1e93bf1abbc5e97ac7e084e4bb10b1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa0mkoCG%2B68G0ysI3lvh%2FRmicMzzxrtobt6IT%2FzGzcPxvcGj3epTbMY2nU6GHoUqjztSgVkGyW4eu6zuAOVWxkL%2BcPkg0Ugwzby6f1BiQX8hHIl16iibmTmOOQ4x3xbKIhv40lS0EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 80356e52ccc01c60-FRA

Redirect headers

date: Fri, 08 Sep 2023 07:20:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=187rJWY3qJK1uCPnuhfbg%2Bk4JGdfpW2PSO09E%2BEkDeQVmZMkk%2B2KOZuqK6dlMnmOMOuTEK5nEDqAHqoizUgTtkQkkFpp6vO35yNtBHwNicBl0JtFkMWqXPnAvoFDV1nQ6OZ4Kqbazw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js
cache-control: max-age=300, public
cf-ray: 80356e528c841c60-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=45je3960&_p=172745084&cid=216187640.1694157648&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694157647&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutty.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
eedsaung.net/ 42 KB
16 KB 64ms
26ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/1?z=6246283
Requested by: Host: cagothie.net
URL: https://cagothie.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5964112f9f01e08a75fa6203a6f908946c7a8f74e06ae113076f57d0edb92e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-trace-id: 218ff89e081068d8816a1d892c15d3dd
pragma: no-cache
date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: gzip
x-sc: m1cIIbMxyy25ZD4hD4smRG5fhwy5zZo7COIp9BCUKUL0tE5NH5xlFMYMpqZHvc4mg3s_-cIaRe3qYsqJ8LWxrwwzTRM=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 47ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=d46b127d35854bf8ab164390a7c808b4

Requested by

Host: cagothie.net
URL: https://cagothie.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3b2acceca6aa51e66ab6cc70e328dae26a95edef508d395f43b7c34b6e9960b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 80356e509a071c60 Show response
cutty.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 40D8 0
472 B 29ms
29ms XHR
text/plain 2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutty.app/cdn-cgi/challenge-platform/h/b/jsd/r/80356e509a071c60
Requested by: Host: cutty.app
URL: https://cutty.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Sep 2023 07:20:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80356e53de071c60-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPeXTbPZePbUGIzex7KC9WGfxvqgEq1jmqSptbysSmjIKdjlnCk9ThfptsTXP1oTylikx95TOc7J%2FdbCPmDZaCM4SWlLWcAKHnI%2F6l6cOTBJurur6IqrZLiouT9mX2yl4au8S%2BYtNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 impl.v17.14.2.js Show response
live.demand.supply/ 82 KB
27 KB 102ms
101ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.14.2.js
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H913VKQN69AD5D7PM815AE4H
date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 829186
cf-polished: origSize=84250
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3ce466eb95e0d30ae9ee8f6ff9db4cdf-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80356e53d9d35c20-FRA

GET
H2 200 Y3V0dHkuYXBwLw== Show response
live.demand.supply/p4/v17-10-0/ 592 B
506 B 1049ms
1049ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwLw==
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d26eb4a92c1b3a3e2fe0149d1e036e50837bc9d43dc52099bbd541c33bfbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80356e53d9d45c20-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 070415381a10b3075162cd0e38d81666 Show response
eedsaung.net/27/ 403 KB
128 KB 15ms
14ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eedsaung.net/27/070415381a10b3075162cd0e38d81666

Requested by

Host: eedsaung.net
URL: https://eedsaung.net/1?z=6246283

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3820310916466a4b86c1de8114ec8cfe8f8a259c121104587219e7d84f84b84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-trace-id: 3c33c90a3da3b0b72638c4a51ffe6fef
date: Fri, 08 Sep 2023 07:20:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Mon, 04 Sep 2023 08:40:46 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 04 Oct 2083 08:40:46 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
513 B 107ms
96ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=351&cs=c&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e53f86a37d2-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 124ms
75ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d6f4adf929ef93b222e4daa3095ad4cd1df19a84275e0f52157d3a80e4461c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29239
x-xss-protection: 0
server: cafe
etag: 885 / 19608 / m202308310101 / config-hash: 14316147286244117295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 07:20:48 GMT

GET
H3 200 Y3V0dHkuYXBwL05ERmtBbWlTM3Ew Show response
live.demand.supply/p4/v17-10-0/ 4 KB
2 KB 127ms
127ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40f8ea2bfde2d888d942907515a94f29afa37692851c9688e28e8100c572da79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 80356e53eeef4da1-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
587 B 126ms
117ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H8PSTADSXM1PZK3NZ3E5K842
date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 789719
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 80356e53f86c37d2-FRA
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 9
eedsaung.net/ Frame 0
0 41ms
13ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/9?z=6246283&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=d46b127d35854bf8ab164390a7c808b4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cutty.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Fri, 08 Sep 2023 07:20:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 200 9 Show response
eedsaung.net/ 7 B
615 B 18ms
18ms XHR
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/9?z=6246283&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&sah=1200&drf=&hil=1&ist=0&oaid=d46b127d35854bf8ab164390a7c808b4
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/070415381a10b3075162cd0e38d81666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c17bfab75060cf9c46755334079de97b
pragma: no-cache
date: Fri, 08 Sep 2023 07:20:48 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cutty.app
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cutty.app_fluid_lb+sq_firstpagelastbannerad1 Show response
live.demand.supply/cp/ 29 B
373 B 233ms
233ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6face8a048cce62fed7de77820ad5b56cb055b5599861a2400855bb4beed222d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80356e54993737d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

GET
H3 200 cutty.app_fluid_sq_firstpagemiddlebannerad1 Show response
live.demand.supply/cp/ 30 B
374 B 237ms
237ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_sq_firstpagemiddlebannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a87e749899b0a103057e430fcd48baa05bdd2af960a4b50328f664b5f80bff3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80356e54993d37d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 cutty.app_fluid_lb+sq_firstpagefirstbannerad2 Show response
live.demand.supply/cp/ 30 B
374 B 236ms
236ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagefirstbannerad2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23be6850d0096322d9dd70aec9560e03c58553e1781482a7dcd6dfbd8211563e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80356e54993f37d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H8PSA7NTWJ50M5BRVAHSKVAT
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790141
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0fc629973a14e2c5500b4fefff59da9a-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e54994237d2-FRA

GET
H3 200 cutty.app_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
373 B 147ms
147ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 247f7ed4f9cb2f22cdef40b161d075142fe4e3256cb081d9f76c6e135f246ff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 80356e54b96137d2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 403 KB
127 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 12:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68837
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129723
x-xss-protection: 0
server: cafe
etag: 14901160554504536944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Sep 2024 12:13:31 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 119ms
119ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pdc=0.20457456707954405&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e55aa4b37d2-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 113ms
113ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H95R0W3H9SMVPKTQMTQBKKQX
date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 8594
etag: W/"ca59855b4714df36e4972d3d4157366d-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 80356e55a9154da1-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
482 B 108ms
108ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=cutty.app_auto_728x90_sticky_display_bottom&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H8PSA7NTWJ50M5BRVAHSKVAT
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790141
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0fc629973a14e2c5500b4fefff59da9a-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e55aa5037d2-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 36ms
7ms Script
text/javascript 2600:9000:2250:7000:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Fri, 08 Sep 2023 03:41:04 GMT
Via: 1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 13185
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: _6zbnOaXgLY21CJa-yWUQZfn3PCbwMD6qedxmgXV0saK3HBiZRb63Q==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 45ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Sep 2023 07:20:48 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 32ms
7ms Script
text/javascript 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 16:15:11 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 54338
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: llQ7nIGqOIxJpiiTrjPhz6_7ZtoQuBHwyqvFnYXKXkyR8mm9ykwwnw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 40ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: ZFVZW4BMWQH0WAFF
age: 1361
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80356e55fa2e18b7-FRA
x-amz-id-2: yXproXFqZowzwcgdBR2Ocn+McBpXQP2TwVpoTZ4g6/S6M1yrcBbUCIGtLuiawgMPnO8Qzt34Vz4=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 35ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3636
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef6BChZxdKglGQI2CHb2%2ByhtxcQRrGfS1QszAk8b7muWfaBWKXMTAI8JQqRFL4a5ZU0cqKavwxo%2BpbM%2BWafgHu%2Fvi4QL8F9dDcvNVB1A%2BHS%2F0W6kKrnIEOXwBp3htyLN0vIeAXtQIFw%2FgB0658w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80356e55f9cb6937-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 47ms
23ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 36cbb1f6ebc2db02412700e5be30627b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 747 B
417 B 771ms
771ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=764532298161765&correlator=1990849918085998&eid=31076399%2C21065725&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C149d7a2a-7ae3-45aa-953f-24e672858d8a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694157648282&lmt=1694150448&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=216187640.1694157648&ga_sid=1694157648&ga_hid=172745084&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl-OonacxSABSAghkEhkKCnB1YmNpZC5vcmcYl-OonacxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJfjqJ2nMUgAUgIIZBIXCghydGJob3VzZRiX46idpzFIAFICCGQSGQoKdWlkYXBpLmNvbRiX46idpzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfjqJ2nMUgAUgIIZA..&dlt=1694157647545&idt=615&prev_scp=ti%3Da85c4dfa-b8db-40c7-9f8f-845553e82fb2%26chrand%3Dy%26pof%3D0%26bid%3D0.13%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D77&adks=2333181210&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b3880805c8a69b1176084b7da79a298add01efb9cdbb2c561c67c999ab5e983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 386
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 57ms
56ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9376f3e30ddd47391a2b6bd1b0f7797e0013351591519fce3d028f0120c37670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11806
x-xss-protection: 0

GET
H2 200 container.html Show response
cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3437 6 KB
3 KB 89ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:20:48 GMT
expires: Sat, 07 Sep 2024 07:20:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&pdc=0.1933058738708496&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e560ac937d2-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
14 KB 391ms
390ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=764532298161765&correlator=2641613229789494&eid=31076399%2C21065725&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C4d3ee50e-9453-4613-a5ec-6919ef0a5e59&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694157648336&lmt=1694150448&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=216187640.1694157648&ga_sid=1694157648&ga_hid=172745084&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl-OonacxSABSAghkEhkKCnB1YmNpZC5vcmcYl-OonacxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJfjqJ2nMUgAUgIIZBIXCghydGJob3VzZRiX46idpzFIAFICCGQSGQoKdWlkYXBpLmNvbRiX46idpzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfjqJ2nMUgAUgIIZA..&dlt=1694157647545&idt=615&prev_scp=ti%3Da85c4dfa-b8db-40c7-9f8f-845553e82fb2%26chrand%3Dy%26pof%3D0%26bid%3D0.12%26bid-p%3Dgoogle%26bsc%3D77&adks=1423356822&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61591281e257f53702c40fe568e3a4f4d309abe626e9c59c1ed4ac2392f7b36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14384
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 100ms
99ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&pdc=0.17943955063819886&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e562ae937d2-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&pdc=0.31701662540435793&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e562aea37d2-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
14 KB 441ms
440ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=764532298161765&correlator=2081636972710899&eid=31076399%2C21065725&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cadee2d8a-3edf-47b6-9259-9ab1f826967c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694157648357&lmt=1694150448&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=216187640.1694157648&ga_sid=1694157648&ga_hid=172745084&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl-OonacxSABSAghkEhkKCnB1YmNpZC5vcmcYl-OonacxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJfjqJ2nMUgAUgIIZBIXCghydGJob3VzZRiX46idpzFIAFICCGQSGQoKdWlkYXBpLmNvbRiX46idpzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfjqJ2nMUgAUgIIZA..&dlt=1694157647545&idt=615&prev_scp=ti%3Da85c4dfa-b8db-40c7-9f8f-845553e82fb2%26chrand%3Dy%26pof%3D0%26bid%3D0.28%26bid-p%3Dgoogle%26bsc%3D77&adks=3242891165&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b157d8c37258481c47d52b01bf39b0b6f989a59a8f7486df38ea6a155616fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14688
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
14 KB 409ms
408ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=764532298161765&correlator=3008285557157940&eid=31076399%2C21065725&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cd2a5005f-627e-40a8-a0c9-92075b36f18f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694157648369&lmt=1694150448&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=216187640.1694157648&ga_sid=1694157648&ga_hid=172745084&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl-OonacxSABSAghkEhkKCnB1YmNpZC5vcmcYl-OonacxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJfjqJ2nMUgAUgIIZBIXCghydGJob3VzZRiX46idpzFIAFICCGQSGQoKdWlkYXBpLmNvbRiX46idpzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGJfjqJ2nMUgAUgIIZA..&dlt=1694157647545&idt=615&prev_scp=ti%3Da85c4dfa-b8db-40c7-9f8f-845553e82fb2%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D77&adks=2505231385&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

870cfeb852a72c157887137a6ac4b86e921f18c65d1f3cbc1c8b4822ad2e10f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14737
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 111ms
37ms XHR
application/json 54.217.80.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.80.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-80-122.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0c2308dbc6a5170b95ff28b0734a9c083f25cf5dcf6cf6cfb526e9f1551b0058

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cutty.app
cache-control: no-cache
x-server: 10.45.3.131
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 07:20:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 14DD 15 KB
6 KB 41ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutty.app

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:20:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 240699
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
318 B 43ms
8ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cutty.app
date: Fri, 08 Sep 2023 07:20:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6F0 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 18:23:55 GMT
expires: Fri, 06 Sep 2024 18:23:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A1D 829 B
943 B 27ms
26ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82d969259539194fdcab87360e7f4567e6214287243beb8ca74cc5ad42040437

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TLP_TH_SPNUR66MusY4djQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-TLP_TH_SPNUR66MusY4djQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:20:48 GMT
expires: Fri, 08 Sep 2023 07:20:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 14DD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutty.app&sn=ChromeSyncframe&so=0&topUrl=cutty.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=mMdZmnxXcXB4RTdoTXdSeDVXeWVTVS9Oa2txSWRtd085eFVNSm5qMC9JUjg2anRGQzdGakVDdWJkekp4Q21mWnB3R3NGOFRGZ1BLNnhFY2VFSDdPeUd0NDJ5Z09UOTFBTkpGVUlvWVRidDhBMEs0eXI1RXR5RHFVaG1QbX...

425 B
651 B

185ms
20ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mMdZmnxXcXB4RTdoTXdSeDVXeWVTVS9Oa2txSWRtd085eFVNSm5qMC9JUjg2anRGQzdGakVDdWJkekp4Q21mWnB3R3NGOFRGZ1BLNnhFY2VFSDdPeUd0NDJ5Z09UOTFBTkpGVUlvWVRidDhBMEs0eXI1RXR5RHFVaG1QbXZmWk56QnFBTndFenJZRDBVTWZXcEFYTysxcEVRakhZSjhZaG5DcGtLYUhxZGQ4YURiZnhFcXBLOUlQMElLQkxWdFdDbEo3R3M3cUdDdCsrZ2U0Z1ZOREZkUXlCWE9FRHUza1FNeG9jc3VVb1BoSDNyOGt2TWJNcGZoWkJJTzdkTzF4bWJET2hNaXRLM1JUZG1VcXNWeHRBQWxhU3FwZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b8fbe418d6186e070a3e5c486bd099b896cd46e3fda53a1907d098a873b4cd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1356323
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=mMdZmnxXcXB4RTdoTXdSeDVXeWVTVS9Oa2txSWRtd085eFVNSm5qMC9JUjg2anRGQzdGakVDdWJkekp4Q21mWnB3R3NGOFRGZ1BLNnhFY2VFSDdPeUd0NDJ5Z09UOTFBTkpGVUlvWVRidDhBMEs0eXI1RXR5RHFVaG1QbXZmWk56QnFBTndFenJZRDBVTWZXcEFYTysxcEVRakhZSjhZaG5DcGtLYUhxZGQ4YURiZnhFcXBLOUlQMElLQkxWdFdDbEo3R3M3cUdDdCsrZ2U0Z1ZOREZkUXlCWE9FRHUza1FNeG9jc3VVb1BoSDNyOGt2TWJNcGZoWkJJTzdkTzF4bWJET2hNaXRLM1JUZG1VcXNWeHRBQWxhU3FwZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 313307
content-length: 0
expires: 0

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame B6F0 37 KB
14 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A1D 0
0 46ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=764532298161765&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B6F0 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qjQTBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame DF72 222 KB
62 KB 55ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 19:22:21 GMT
age: 215907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DF72 15 KB
5 KB 71ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Sep 2023 10:00:11 GMT
age: 163237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DF72 94 KB
28 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 05:50:45 GMT
age: 264603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DF72 5 KB
2 KB 72ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 16:22:50 GMT
age: 226678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame DF72 40 KB
13 KB 73ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 10:05:13 GMT
age: 249335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 10:05:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DF72 4 KB
751 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 06:18:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 07:20:48 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF72 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 21199
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF72 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 57569
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 08 Sep 2023 15:21:19 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.12&b=2&r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&sy=f9ca461d-596b-4539-ae43-974eb5c2a4d2&ts=77&cd=2&pud=351&pus=c&pue=568&pid=103&pis=c&pie=727&ppd=128&pps=a&ppe=763&pcl=418&ttc=976&tti=1411&ttif=0&lca=763&lcak=ppe&lct=763&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=a85c4dfa-b8db-40c7-9f8f-845553e82fb2&e=lm&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e58cd8337d2-FRA

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12357652262579690384/ Frame DF72 44 KB
44 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12357652262579690384/14763004658117789537?w=600&h=314

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a362d15633d0360726021ae2bbab970573db776c7346f9ce1082be702220935c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 06:02:31 GMT
x-content-type-options: nosniff
age: 91097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44885
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 07:23:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Sep 2024 06:02:31 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16268371024137126798/ Frame DF72 3 KB
3 KB 12ms
12ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16268371024137126798/14763004658117789537?w=100&h=100

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19dd56cfd20afa7853bd825eb4506f59fbf9bdd7af48378681823e3e17809280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 04:24:57 GMT
x-content-type-options: nosniff
age: 183351
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2728
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 09:44:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Sep 2024 04:24:57 GMT

GET
DATA 200
OK truncated
/ Frame DF72 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d274fe3278ec409bc7aca70e549ba257f4c02fe7eb3d39e311e1ae59d164bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 1E0E 222 KB
61 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 19:22:21 GMT
age: 215907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 19:22:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1E0E 15 KB
5 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Sep 2023 10:00:11 GMT
age: 163237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 10:00:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1E0E 94 KB
28 KB 30ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 05:50:45 GMT
age: 264603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 05:50:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1E0E 5 KB
2 KB 36ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 16:22:50 GMT
age: 226678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 16:22:50 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 1E0E 40 KB
13 KB 37ms
32ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 10:05:13 GMT
age: 249335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 10:05:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1E0E 14 KB
1 KB 24ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 06:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 07:20:48 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E0E 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 21199
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E0E 295 B
319 B 13ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 57569
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 08 Sep 2023 15:21:19 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 20ms
20ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.09&b=2&r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&sy=f9ca461d-596b-4539-ae43-974eb5c2a4d2&ts=77&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=a85c4dfa-b8db-40c7-9f8f-845553e82fb2&e=lm&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e591dd337d2-FRA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DF72 16 KB
16 KB 14ms
0ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 222874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DF72 15 KB
15 KB 21ms
4ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 119552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 22:08:16 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12357652262579690384/ Frame 1E0E 44 KB
44 KB 28ms
13ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12357652262579690384/14763004658117789537?w=600&h=314

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a362d15633d0360726021ae2bbab970573db776c7346f9ce1082be702220935c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 06:02:31 GMT
x-content-type-options: nosniff
age: 91097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44885
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 07:23:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Sep 2024 06:02:31 GMT

GET
DATA 200
OK truncated
/ Frame 1E0E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E0E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1E0E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 385062a8cd160903beadb4448eb42b6ff31dc629b122304df04375ea04439845

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307272333000/ Frame 5F37 222 KB
61 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 19:22:21 GMT
age: 215907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62092
x-xss-protection: 0
server: sffe
etag: "72571316e23440c4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 19:22:21 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5F37 15 KB
5 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Sep 2023 10:00:11 GMT
age: 163237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0
server: sffe
etag: "85c6144a0af9a6d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Sep 2024 10:00:11 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5F37 94 KB
28 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 05:50:45 GMT
age: 264603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29055
x-xss-protection: 0
server: sffe
etag: "34be4077024c0aa5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 05:50:45 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5F37 5 KB
2 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 16:22:50 GMT
age: 226678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "a56399b21b8bf15b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 16:22:50 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 5F37 40 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Sep 2023 10:05:13 GMT
age: 249335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13018
x-xss-protection: 0
server: sffe
etag: "62ea6ad255afcfa9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Sep 2024 10:05:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5F37 14 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Sep 2023 07:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Sep 2023 06:10:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Sep 2023 07:20:48 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5F37 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 21199
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5F37 295 B
319 B 8ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 57569
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 08 Sep 2023 15:21:19 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.28&b=1&r=cutty.app_fluid_sq_firstpagemiddlebannerad1&sy=f9ca461d-596b-4539-ae43-974eb5c2a4d2&ts=77&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=a85c4dfa-b8db-40c7-9f8f-845553e82fb2&e=lm&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:48 GMT
cf-cache-status: HIT
age: 790293
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e597e4737d2-FRA

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1E0E 33 KB
33 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 180380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 05:14:28 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12357652262579690384/ Frame 5F37 44 KB
44 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12357652262579690384/14763004658117789537?w=600&h=314

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a362d15633d0360726021ae2bbab970573db776c7346f9ce1082be702220935c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 06:02:31 GMT
x-content-type-options: nosniff
age: 91097
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44885
x-xss-protection: 0
last-modified: Thu, 22 Jun 2023 07:23:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Sep 2024 06:02:31 GMT

GET
DATA 200
OK truncated
/ Frame 5F37 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5F37 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5F37 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49985e29684ff7121cf3bcd2d59f72da307318ac1cdf781373dbafd0509c6bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5F37 33 KB
33 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 180380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Sep 2024 05:14:28 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF72 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 21200
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DF72 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 57570
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 08 Sep 2023 15:21:19 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E0E 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 01:27:29 GMT
x-content-type-options: nosniff
server: cafe
age: 21200
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 09 Sep 2023 01:27:29 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1E0E 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 57570
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 08 Sep 2023 15:21:19 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5F37 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:21:19 GMT
x-content-type-options: nosniff
server: cafe
age: 57570
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 08 Sep 2023 15:21:19 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
483 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&e=nai&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:49 GMT
cf-cache-status: HIT
age: 790294
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e5b081437d2-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 286ms
285ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=764532298161765&correlator=4260878339665339&eid=31076399%2C21065725&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C9dac83f1-e85e-4045-b0af-8939d8cf8b9f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D675199fb47fc4c48%3AT%3D1694157648%3ART%3D1694157648%3AS%3DALNI_MbWPNcllMrN-G2y18HDVbcPVwHciw&gpic=UID%3D00000c70307e432e%3AT%3D1694157648%3ART%3D1694157648%3AS%3DALNI_MZfadf8GVgT4kYV0fgGBF1gzOdY0Q&abxe=1&dt=1694157649136&lmt=1694150449&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FNDFkAmiS3q0&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=216187640.1694157648&ga_sid=1694157648&ga_hid=172745084&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl-OonacxSABSAghkEhkKCnB1YmNpZC5vcmcY-uOonacxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGJfjqJ2nMUgAUgIIZBIXCghydGJob3VzZRj946idpzFIAFICCGoSGQoKdWlkYXBpLmNvbRiX46idpzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMfkqJ2nMUgAUgIIag..&dlt=1694157647545&idt=615&prev_scp=ti%3Da85c4dfa-b8db-40c7-9f8f-845553e82fb2%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D77&adks=497554658&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

753ffaab6dc557badc6bfde512ce97782a8f812c8cb797e66b8a177b4bdea57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11473
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DF72 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Chl2FUMv6ZMHtFpSE-gbJ94yIBYO6tN5yr5Dw0OAR35ndg9kPEAEglZvKIWCVqpSCoAegAf6t0c0CyAEJqQL-S-wiq_mxPuACAKgDAcgDCqoEqwJP0LSAxUMxq2dcC0n068Ut-aZ-1R-uYdnbcyVZ5hY6I4MdbZuyLRgBJ_wyv2v-XWdMarTLY0ExK4ONT52K9IdEmY2LJ-NgKn6IAEdKllzgQxWuDhNo0pRfoQUL4Y18KWU0g93SYRe1NxHez8wxjQ5KmU05vnitJhvulybDsL0bjNidwqpM00CbrRxJTRCIcrTmVarf7IYA6AN3lxOkJdeOrVaYwoGtsNKPC-UcQKF1qBrtKXDoSj9lm9VognguhZx_OOnnCrzIV-lItsMrCdpSFKr0NMpHCuGW6rNtNBVDUyOdmSAdXlC20z1epR2yti-arzP58GRFWQSW-zh4sVlWgMaWrIsI89x9BxWjgXvHfbPOT4m0rpYTshe9oLRUrZMpNoEujw85qdyN28AE7oKa_7IE4AQBiAXG8OyeTJIFBAgEGAGSBQQIBRgEoAYugAfFo66yAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPjGCtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCSRodHRwczovL3d3dy5saWNodGJsaWNrLmRlL29la29zdHJvbS-ACgPICwG4E-QD2BMN0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=jaH3yb9RWYg&uach_m=[]&ase=2&cid=CAQSTABpAlJWW-iok6PjCti7TAR3PXJrtB4EpIgV3gPw5b2xA02Zc0XjUMSijMm8jo1aaHH185SjyoQTSTJvacBUm3XtrOIjZ9J2g1NlhocYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1E0E 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0CpTUMv6ZP3jGIj7x_AP1vqCsAiDurTeco-U8NDgEdyEw8eUDhABIJWbyiFglaqUgqAHoAH-rdHNAsgBCakC_kvsIqv5sT7gAgCoAwHIAwqqBLECT9D6Y03z6wD_d66gDJclRP70IxbEEg8-fGhsFc97u-hHOQXGZhgR0xOLHuHtzz_17I6cfMyxjEaU1SlLtqiKtgu8gbhcrNwDbiCJuvod7XxFPphzLPaVLBFolnABUL7KhfkE45JjBOZcYTiGF1dlYfg4eHZOae2zOpxb2WroWdmSoiFdAuogSxvM4PdhXFxHViZuIC6PDRZplXRmEW8He2p9HMVL98O1LYp2Kfb433G9TYoku46k0GwV6L5NQ3wkzYMxGycAZhD5M-OEymMoYg0x-5feYev-O5ToG8DTbUQKhx17hUXcwBU49BasohvooFZw7IDYsieTypX5muuhCW77BGV2MBdhNvD-SCV6sr5UHXMcXXtk8klOIHnBXTZrppRyoxU31spJIxdeDMHj2cHABO6Cmv-yBOAEAYgFxvDsnkySBQQIBBgBkgUECAUYBKAGLoAHxaOusgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCD8xHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkkaHR0cHM6Ly93d3cubGljaHRibGljay5kZS9vZWtvc3Ryb20vgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=ol3p5xXMQ1w&uach_m=[]&ase=2&cid=CAQSTABpAlJW-YltD-drxW69DQHYA77JpzOrC5hsyMVmZFehUc9gWbfqB2YSHPtcRBQDafUu8ZImn3TCe-vpi_cGi_EqQ6Boi9Uog0UFnmcYAQ&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=764532298161765&bg=!QEOlQwzNAAa6D61Rmg87ADQBe5WfON1RRki2W4RxTQfjmbM1MYIjJE8dbB_W6ePkusHFCov_FoOFZa4k8bU2-DT2tDnDAgAAAIZSAAAACWgBBwoAUjdfr2HncpG3VSikq1GgOJ5RD4BDZKkpOf4Y_M645of1lNCFuLg98N7yXswvKHHlU1lrGHzqXSJbO8Z9ZvsWzRB-cMgWw8i_VuaS5XVGSbiJknyZArUUnvhzKoRlyUmF_-133_4TG1z_zzh2C8yGZLgh3hYHigdonP3UhyB7B4Oef1Qi3auI9ILh6jNBG17DMca-w_JIkvjPyhG9L33JlXCx-53V5fSH-SrxWGsNFxtTYsQOBMOPIkdS6pCAm_I3P7mptDLuAC2qXSw7H5rltFvLBhR75u9tFmQYGFG4LCHiQsH40ZChgzT_21SMtJ3vXa8OqlA1ZDs6sJBF_bR5YYesBMIUKkf405Yvx6-uMwOeqyUxKiVhcTSrLGljif3eCYhd2PzmWCl4cCeAAXvN_48wybG_XKDTt2D7STMry8ZkAlrU9KmdoesgqvUInvivwCUObddX1F_FSmRYf1mvzJbFTyqDknqSRDhJ_UNSgeuQT-MOhvH36QRD2RviN5XMpcGybLgkblgnbxEvPhAvagfOcxDyY4IDyKLSnBcUOVlJWOxcnG7A0ib8MkdKQUApUM6bIaq9j1NBLLmieb5C24rzcW_skjxETMNKsxW1PGN6vqeOM-XXSOnwex2ercG2TOO9ZJ1t7S39Tw0Y42XzYK2H4cT0BbQkZV5zStOKhPdG0CfNt8yR2kLHBk0u6xyHtCoCjjQkjgpImu8tV2IzjAhN0h5l5VTb0eYwYyaWQBIAxnVdttdm79jNaBTRu38TJBKd_Sm7GYGz26iN3tDO5RAkaJzHrBtKRRhGnUYMp2nVYOldX8QSkAujc4Q3lq1k2qXLMR_8YYEiJqIYFCo_FvuQA4R1PBvG186LCObVxY3pDIvPAFOtme0JIhvdYODLLi5UmRFC7s4WeAMtUFpKKnBwxjA9LtR1WhBb9YZjVFPk2cKmKKFzWGEz9-WDiZm6QKm5go2ZpjYpI1dups_zU0pYpLX2udtotam1u2bH8ffhroSgEUASw10f_Vul5e5uQY16MgUrkTtGLv8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5F37 0
0 55ms
55ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyJoNUMv6ZPTQGNWj-gbTxon4DIO6tN5yj5Tw0OARkuvVn5EOEAEglZvKIWCVqpSCoAegAf6t0c0CyAEJqQL-S-wiq_mxPuACAKgDAcgDCqoEowJP0Gevp-vBIKAVQbcJLx7FjJsVP66SkOM1z3kv8K6tPSgwSRGIslWrcA1DCj8A-wSlF7biaSJlrxpjUUOr6OrpBJKG0EeElNi6thq_cO7XxUgaYSaS7EVbnwKfw3vmmLCJ3sUQbI-SZMKSiiv3VzUAZMykXnPjg0rJNIUIdQEHnB3TS_clHeBM05avzj1duIf-nsYhGXL06RKNr1Vi3ocLKkh5G50MpwJajtbCY0F2EGSfj4PFSSDeAdLF5z5oqlwNbrXFcL7NsxWnWoh1tbIu2LueAsv3t2iTj10AVqPVUa2wCughq2kWcjoBfsx8usR3GOgP2UflszHR3eB2RaE7Xld4X1zoXWOBA8CPIoxSy_aQIDoRBaibzmHRVyfVah-DrrjABO6Cmv-yBOAEAYgFxvDsnkySBQQIBBgBkgUECAUYBKAGLoAHxaOusgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDRyhTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkkaHR0cHM6Ly93d3cubGljaHRibGljay5kZS9vZWtvc3Ryb20vgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=z1aF5b0P3zc&uach_m=[]&ase=2&cid=CAQSTABpAlJW2HJuY-jPDd9rRsy1LkS2OCsIGFxviI0UI9kBpCJ9QEKCaP3YA3i92m9jvpFtogv7BVvDs4jMwt6_Sxo5fCM7mL43_Go_I4AYAQ&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 container.html Show response
cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D2D 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:20:48 GMT
expires: Sat, 07 Sep 2024 07:20:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.20457456707954405&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:49 GMT
cf-cache-status: HIT
age: 790294
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e5d0ae337d2-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 124ms
124ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_auto_728x90_sticky_display_bottom&sy=f9ca461d-596b-4539-ae43-974eb5c2a4d2&ts=77&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=a85c4dfa-b8db-40c7-9f8f-845553e82fb2&e=lm&dsReferer=Y3V0dHkuYXBwL05ERmtBbWlTM3Ew
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.14.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-nf-request-id: 01H7PX9E9FM2Y3NFZMZ69PH5YK
date: Fri, 08 Sep 2023 07:20:49 GMT
cf-cache-status: HIT
age: 790294
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "1c18abef7faa339e228260124959585c-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 80356e5d0aef37d2-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BE38 624 B
577 B 74ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY6dKi7gEwAQ&v=APEucNUjYNIktBH6JaiQRWacJOPJ5-gL3sWSHg2pUByWDwu5whpzupN-gc-zxnXmLuD24dPqoRSwWAIF_-R3O273AgpShc7pt_molNDduTKV-i9qG_lE4mrr8CMOtyT4laceSPXDSoDIAyf9B4UqoVI8qAcsRk4aiy4EMbg497dvUxEDBEjBFtSgjNJwTna3F28JXA-sbLAS-LBjHH6Vn0cbe3hZ4N_n0Q

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 07:20:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6D2D 86 KB
29 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Sep 2023 07:20:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D2D 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLqRHAKh_j1-4tpuKFxG4-yNoWm3yy_Rgrxsswqy_fmgnMBuyfAmIbYkdDu0ahBipOpD2Qn0QGJo8Pbzvf-YNTuS66uArWn0JDn1eDs6zVE8GWTLA

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D2D 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16593092481209621699&x=1&ct=76

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6D2D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 18:23:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 6D2D 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:07:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6D2D 0
0 17ms
15ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ449iauTjvA__0aAYd1YBdiAdkg_F-LTON8cXYE3SCY-Alx0UG6nZRMnukINHQg9ai1uEKKeCs-KbdqFbNbVX9hQAb2Q
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D2D 181 KB
57 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 07:20:49 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BE38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1

43 B
769 B

24ms
23ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY6dKi7gEwAQ&v=APEucNUjYNIktBH6JaiQRWacJOPJ5-gL3sWSHg2pUByWDwu5whpzupN-gc-zxnXmLuD24dPqoRSwWAIF_-R3O273AgpShc7pt_molNDduTKV-i9qG_lE4mrr8CMOtyT4laceSPXDSoDIAyf9B4UqoVI8qAcsRk4aiy4EMbg497dvUxEDBEjBFtSgjNJwTna3F28JXA-sbLAS-LBjHH6Vn0cbe3hZ4N_n0Q
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCoZ1goEtr%2BtxnLh6AHo6gBWjn3Bxed7crJ0X4I213XIOv20qG9n0c9SgWOKJo%2BhFAhXU3vtRRDnb2QxNnpQ4G7I%2B7QX3i%2FaiysPBXFPCrvRdLWFfUgMSosw63Ua5S6ZjyqfhOapQ5WFEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80356e5e19c3bb7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BE38
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPrLUckmldBPuNNmXOTNeAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1

43 B
740 B

21ms
21ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY6dKi7gEwAQ&v=APEucNUjYNIktBH6JaiQRWacJOPJ5-gL3sWSHg2pUByWDwu5whpzupN-gc-zxnXmLuD24dPqoRSwWAIF_-R3O273AgpShc7pt_molNDduTKV-i9qG_lE4mrr8CMOtyT4laceSPXDSoDIAyf9B4UqoVI8qAcsRk4aiy4EMbg497dvUxEDBEjBFtSgjNJwTna3F28JXA-sbLAS-LBjHH6Vn0cbe3hZ4N_n0Q
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIwaXtpEHwy1Db4AUFt2B54H%2Bzu8nQB4OZ%2BuL51tpo5ueqF6UPYsljVunObwTUdyQIg%2BKLK2LtLx9J62JEGTfObChAxILy%2FmDs6QCfrMgybLWqaRyC62%2BJhmfCW8Bm%2BE%2FMZ5zuQYcVn%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80356e5e39d8bb7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAdl-Cc-AypIUet79IG4GBw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BE38
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGjvbnPdIKfb20UYzIAX24g&google_cver=1

43 B
834 B

36ms
35ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGjvbnPdIKfb20UYzIAX24g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhCTqWIY6dKi7gEwAQ&v=APEucNUjYNIktBH6JaiQRWacJOPJ5-gL3sWSHg2pUByWDwu5whpzupN-gc-zxnXmLuD24dPqoRSwWAIF_-R3O273AgpShc7pt_molNDduTKV-i9qG_lE4mrr8CMOtyT4laceSPXDSoDIAyf9B4UqoVI8qAcsRk4aiy4EMbg497dvUxEDBEjBFtSgjNJwTna3F28JXA-sbLAS-LBjHH6Vn0cbe3hZ4N_n0Q

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
an-x-request-uuid: 9205d488-f089-45b7-b0a7-6b88a7912f31
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.36; 81.95.5.36; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGjvbnPdIKfb20UYzIAX24g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE38
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzE2MjM3NTU0NTg4OTQzMg%3D%3D

170 B
243 B

20ms
19ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzE2MjM3NTU0NTg4OTQzMg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
an-x-request-uuid: c71f3722-0850-4f81-aed2-7138630af4d5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjAxMzE2MjM3NTU0NTg4OTQzMg%3D%3D
x-proxy-origin: 81.95.5.36; 81.95.5.36; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D2D 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2276992649844&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D2D 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2276992649844&version=m202307240101&ct=76&x=1&cor=16593092481209623000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D2D 105 KB
40 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DeFMUP-04klFZT82HdgkvGIbKCviLq-3kHlRUQmz24rgPJR1xurp1paJ3E3avJYBFQWeubLs2xpNC3Kk_X0O6qApUop_jMUR9s1UD_-JXV0Vs4sEh5TW3XQ6pGE9mn_SzMCJJa-hneo9816VzsNaYcPtJj1u_-aB7e-SnTHKoB7qv63Pg&dbm_d=AKAmf-C5AvrBJv2Zetcng_XYNojGCwPJEDXE-Grepg7myr9QRMr6lAZ3HbUXf3Y9GPJhuV-0aTbXaoNtvDzjSCJ_ietQweJnYv8h9_qEuZBfPQqfkiJYKUwL2_smEtlhK2f3GFg5oqBMD_8hpMzDTBSBL9vx9drqNriKgwlEy706AigENgjq2XS5qGDLyu6fXRvu6ESUPtylOxFTlVuu3bmlADxKmuR7vcwNuc7KhlCPZCkbKAU_sW3zLHeb_1wCERJ9LVpc1A8Za9lKbZhSWMY8qIgAx30ks91HrLdo0sEQMHmrny_oE4UNGJs64gsbSM7R9t32swP2bcAdk1i3Up5wSRFS1RB8aiELUd_yp2D5rYzcJISH-gKCy7XVlcwLYyf9YRmD_ljT3bFXsOvse4JPsNYnGI8dZ-_j9j_TbPM6xe9e7PzHeV0-0c4D9_aRFqUSd73E_BYMxRDEBYF4SLya5r_hgKTuF9tLI-vZKM2l5xRCw89QY_7_5mUMbGDFHyHFgC-CJYcDdyMnut-LeEiCPWIgEvq_gyovvE9ZGc-nEO0qRP873VcpofNJAN8e9x9rYcy56To24jIsX3UwdtR9kRQvjx4MOncvK6-hML0jImyuVzkGPzwuZp8Z_1cMJ1oO8ZpHaGIoP1gdOfrplY_PRxu9kIhM30RmcDAsSS20gnNzVJnfC8W0fLs1OBecv0e0lRvNvpkVdhO9XsvHfqQTCV8jx_Taa-zQSrzgf75V6BFL6YMBR2fa5r8FH56X1UVgZEgGB0B3mwir2yK19JOFH6Ie1_fhOEBfsMoiE-cmbsKf7Juf_EaT2mSRSQcCSzpHAi9G2FIbM3l_cZ0ofaW3P_Z0PZV2KaUUZZE6s064vX6-Ti0ehZXkY_lIUQI1ez_W8YGt-6IPF4ZxaunlIDqnEgZg1ipF6sEYHODt4cRnpOvVQrHjjNYPhXaeUIkMLTLAfKF0VTebAaMACLmHqLAnISJDEYAcDsnQaBKfOxC8S3yEFIdClmB0VyemeAItoyfDIeQRc1LE3952MuFHf1fXNh6hDzbiLK0DgQhdmoDMMZrLsF4bc8V2Ocb6be1XkFQ3hnJ_H6EDfcw1vZbBySrCkWuDoBq0m-gqBHCMghrXhDMNLCWhlKYUx4OTRW-Cjq8AaHkO3ApMm8ifvBuYdgxEqYRTCIEGYPWC9b_T6qP1-4HpS5oLwMhPUSRzb_4xtg4Z-8CVEwIWy6Ku6d2pspWdTucOhJ5xRnItXkD4rvnWiqstzxYZH9g6VzYeHHfK4B8G3PBJI2-poDm69aGgai3yaR6D71TO7jpETFHcE1eptxpGxZvpZ02a5ENXLTtp91gf91HKmXN1hh0NN6q95gHFv-StdLPJuDjfJ5JcGYaQZyzpuWW2kBEYZQsho73FROVcLVCT7w-PkXIn3Ll4rwsG8fetalKNKunMzjxZwmlIPPNPVo54nLv8mt3jjqLMo5RyZOwm53nuHUge_cSduLyEUbRN-CPoct84wghyX9rBZqXLH5t1Fu5O6jho9K-vODZS5dZdpHLQmIHKJLzfCDN9v5TRvxSPvwbWs4boATv8QKyuMlv9LVyHe6IMNMQxNWUyhN5I5WBU7K0R9RYSpeAebDE5zh6GvkCIoDeOB6sX0vX7-nQP-pAT8puSs88N2tqX2H-laQZLVLoCDCqoPArjomAOO4eA7_YnluX-Ln7xa1sIKwMgXgp_152yQthrXWQImPmV6kfdr77CJ6zxy4_Qz7v1LfzhVt0bY3dTB-ja_sMaA_X7kGdcBYTW0NeEgcUl_P7ZON94L4IkWVDtlNufmBofIq48A7wQglU0hTwVgqEK5PT48LnIt6zRsFGr9SXjdtd7JgQUTUM1k60AN3tUDDhOHNCXcYjzlMGqUPqy3dInBbuzvyMuWz0gp1xXUU_ea8mlqJK_igb-SkRL7UCaLMTfaKZe57ZR8cBI56PJQHkSbNFPlKL6buueIN6PiFinPpIxUFlCFnIKviIPYWT573HE5mieZzz-J8X4ARoZs0dCNHVE-AY_EHSfr8AOCHjBPpS5-__S0A8DzyFUBXkT0LNZ7ySCGG-AfQhkVxe_fUddavv4r_H93jmRWAxvtRSxmGWIs6JK5sV4G0Z0xgYfbKigz6elx8kbi6PYMfN3TA9bqVy9RmiKFTKFQ2W20r2-pmTgAuXyxmCVHVjac0_zhhlu0_kvQ3reUZiSQBTzNC4WKolN14ZElLDAMfevJfmEmAabA1rTBBXhxjRDvkLw6Dt6ReqGcDvMs4G7RctAG_bOBSu_3K7TY2YoSFgGUXbsViMo9q8JOZlx652pvSdKxSDvhZKPipCnRW-KUjXDA-Aw9w2qlA9g1_brsynZ1Qz8J4bMfYdrbjQEUqMLiVF9c160GeUchWl_GWoDEnQHMWRsJBT9jC94ZvvvM47oxNjwnhYxUi3wq5vNl-KfW0VDMbvy7IhAT_QL_Hyt6Bf3N5zGHHX_-d0Sz8IkX05BuWe3YWqROzq9qQZF-advrjA57-tmCDaiIA5sW4it-SxknW_40NYsBUbt71pw0LxtQMMg2kdtEtWb66m8VwNYxP5nuZK5k2ozO2W1D1hzt2t5zvpMOObjJ5swgJATeSEeEqyBSfrT7nj1CG-LuSbcP4kUMAecSqGlDyy638OVmMqwdb_7XEUiy8T42cfL7v0SOiKWciFKZv1OiVJCWFL_oGO8mm-78k7TRPnuvByAsW9bGEPDhFyOCLIQ9JQYjXwzrM7z0XdE3KYr2RTx0e90NUxn5zR_LnA2O0v21t5ac0pHizIOy-KMsOQkQHOhC4WytlDs28ecM6fK8O3xr7IYfq7mpqkWlrqU0TLD5oegAb4jEiMFi1CJMJ1LAAKJZQ6tdiY05DM19wnE3U6RouVGtz_qYMf6EMAcPsxjKQXqgWlSdE8lHft6-aHlGSfUBa10j40SSvDaYeM_RykmEjAYYcYF-u26ikULBHwmq_1BwWIRrFYi7W-hcqaf5bdUcJiQ_dXDIbFTNTDYORgF7tS6mSZLDNGUK9g4NGpUlxgFUrvNZZ4m-Y_oefX8XVXvm1VN2N7DAN4n6Zd2FqQXfIsh33aERnERCQeriQ4yvIQvC3i4RmbGz91Nwy5J3NF3J2xQZXe20I_fY7-2YLMFw6OCUJoYfc5ZhNL681IRsyBTPXDHu9eXcwa4DdGFTOh3mr2Yp_MZwT4eqlmP89XwZnOcDMlvIPYLJ8EGYavC4j-kbbstqjHBsFvB310qtSBCZkhGm-npqe5OPylkE9_lmEBsKzHf7yJ7so1W73dQJv5lmnlGVfxK1ulXUkVWcUq2Bc1Y-PWdsftlF7JagOHKHKk_edy8p1XgjzC6fZvlySNLKPEmGWTht1zmMlNe9pAonnUrBHqDP74TZqjaWrMI5pSwMyIW7P1z0xaEUoeeoq5PoOU1FxKoMm1SgdDsb6EdqNYaXeiRQwc8rtOiE5H3ukTP8WOlnRK1vV0A9Nk6Zg0cQZAXy3yv3g6BYABK6c319fh_cFIEIpJnBuJm0UkzIoLorWjDB5slfMmgGzfnwyCbnVJ8FwY536_J4yc&cid=CAQSOwBpAlJWRB0e8-M22ZB-7p1AT3Bavc_Yb-14owtRqNgTuIGoizhGu9Q2XPajxz7mQMmhyibCJP7R6wUTGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=16593092481209623000&adk=2086295851&idt=90&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5a58fb176242a7e6c353cad58da9c1387a8ebd57d4539c49f7704f2c370bc32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40905
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1496047/72037979/ Frame 6D2D 250 KB
75 KB 123ms
34ms Script
application/javascript 34.253.61.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1496047/72037979/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013235800&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20318015734&bidurl=https://cutty.app/NDFkAmiS3q0&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0hOJ2hrcGigDr8XkDDQ7lSD
Requested by: Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.61.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-61-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d43f232060aea1eb4297d45856d4dbeca430b7a4a9bb119cd1581708e650ef23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6D2D 111 KB
39 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
Origin: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:12:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 6D2D 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DeFMUP-04klFZT82HdgkvGIbKCviLq-3kHlRUQmz24rgPJR1xurp1paJ3E3avJYBFQWeubLs2xpNC3Kk_X0O6qApUop_jMUR9s1UD_-JXV0Vs4sEh5TW3XQ6pGE9mn_SzMCJJa-hneo9816VzsNaYcPtJj1u_-aB7e-SnTHKoB7qv63Pg&dbm_d=AKAmf-C5AvrBJv2Zetcng_XYNojGCwPJEDXE-Grepg7myr9QRMr6lAZ3HbUXf3Y9GPJhuV-0aTbXaoNtvDzjSCJ_ietQweJnYv8h9_qEuZBfPQqfkiJYKUwL2_smEtlhK2f3GFg5oqBMD_8hpMzDTBSBL9vx9drqNriKgwlEy706AigENgjq2XS5qGDLyu6fXRvu6ESUPtylOxFTlVuu3bmlADxKmuR7vcwNuc7KhlCPZCkbKAU_sW3zLHeb_1wCERJ9LVpc1A8Za9lKbZhSWMY8qIgAx30ks91HrLdo0sEQMHmrny_oE4UNGJs64gsbSM7R9t32swP2bcAdk1i3Up5wSRFS1RB8aiELUd_yp2D5rYzcJISH-gKCy7XVlcwLYyf9YRmD_ljT3bFXsOvse4JPsNYnGI8dZ-_j9j_TbPM6xe9e7PzHeV0-0c4D9_aRFqUSd73E_BYMxRDEBYF4SLya5r_hgKTuF9tLI-vZKM2l5xRCw89QY_7_5mUMbGDFHyHFgC-CJYcDdyMnut-LeEiCPWIgEvq_gyovvE9ZGc-nEO0qRP873VcpofNJAN8e9x9rYcy56To24jIsX3UwdtR9kRQvjx4MOncvK6-hML0jImyuVzkGPzwuZp8Z_1cMJ1oO8ZpHaGIoP1gdOfrplY_PRxu9kIhM30RmcDAsSS20gnNzVJnfC8W0fLs1OBecv0e0lRvNvpkVdhO9XsvHfqQTCV8jx_Taa-zQSrzgf75V6BFL6YMBR2fa5r8FH56X1UVgZEgGB0B3mwir2yK19JOFH6Ie1_fhOEBfsMoiE-cmbsKf7Juf_EaT2mSRSQcCSzpHAi9G2FIbM3l_cZ0ofaW3P_Z0PZV2KaUUZZE6s064vX6-Ti0ehZXkY_lIUQI1ez_W8YGt-6IPF4ZxaunlIDqnEgZg1ipF6sEYHODt4cRnpOvVQrHjjNYPhXaeUIkMLTLAfKF0VTebAaMACLmHqLAnISJDEYAcDsnQaBKfOxC8S3yEFIdClmB0VyemeAItoyfDIeQRc1LE3952MuFHf1fXNh6hDzbiLK0DgQhdmoDMMZrLsF4bc8V2Ocb6be1XkFQ3hnJ_H6EDfcw1vZbBySrCkWuDoBq0m-gqBHCMghrXhDMNLCWhlKYUx4OTRW-Cjq8AaHkO3ApMm8ifvBuYdgxEqYRTCIEGYPWC9b_T6qP1-4HpS5oLwMhPUSRzb_4xtg4Z-8CVEwIWy6Ku6d2pspWdTucOhJ5xRnItXkD4rvnWiqstzxYZH9g6VzYeHHfK4B8G3PBJI2-poDm69aGgai3yaR6D71TO7jpETFHcE1eptxpGxZvpZ02a5ENXLTtp91gf91HKmXN1hh0NN6q95gHFv-StdLPJuDjfJ5JcGYaQZyzpuWW2kBEYZQsho73FROVcLVCT7w-PkXIn3Ll4rwsG8fetalKNKunMzjxZwmlIPPNPVo54nLv8mt3jjqLMo5RyZOwm53nuHUge_cSduLyEUbRN-CPoct84wghyX9rBZqXLH5t1Fu5O6jho9K-vODZS5dZdpHLQmIHKJLzfCDN9v5TRvxSPvwbWs4boATv8QKyuMlv9LVyHe6IMNMQxNWUyhN5I5WBU7K0R9RYSpeAebDE5zh6GvkCIoDeOB6sX0vX7-nQP-pAT8puSs88N2tqX2H-laQZLVLoCDCqoPArjomAOO4eA7_YnluX-Ln7xa1sIKwMgXgp_152yQthrXWQImPmV6kfdr77CJ6zxy4_Qz7v1LfzhVt0bY3dTB-ja_sMaA_X7kGdcBYTW0NeEgcUl_P7ZON94L4IkWVDtlNufmBofIq48A7wQglU0hTwVgqEK5PT48LnIt6zRsFGr9SXjdtd7JgQUTUM1k60AN3tUDDhOHNCXcYjzlMGqUPqy3dInBbuzvyMuWz0gp1xXUU_ea8mlqJK_igb-SkRL7UCaLMTfaKZe57ZR8cBI56PJQHkSbNFPlKL6buueIN6PiFinPpIxUFlCFnIKviIPYWT573HE5mieZzz-J8X4ARoZs0dCNHVE-AY_EHSfr8AOCHjBPpS5-__S0A8DzyFUBXkT0LNZ7ySCGG-AfQhkVxe_fUddavv4r_H93jmRWAxvtRSxmGWIs6JK5sV4G0Z0xgYfbKigz6elx8kbi6PYMfN3TA9bqVy9RmiKFTKFQ2W20r2-pmTgAuXyxmCVHVjac0_zhhlu0_kvQ3reUZiSQBTzNC4WKolN14ZElLDAMfevJfmEmAabA1rTBBXhxjRDvkLw6Dt6ReqGcDvMs4G7RctAG_bOBSu_3K7TY2YoSFgGUXbsViMo9q8JOZlx652pvSdKxSDvhZKPipCnRW-KUjXDA-Aw9w2qlA9g1_brsynZ1Qz8J4bMfYdrbjQEUqMLiVF9c160GeUchWl_GWoDEnQHMWRsJBT9jC94ZvvvM47oxNjwnhYxUi3wq5vNl-KfW0VDMbvy7IhAT_QL_Hyt6Bf3N5zGHHX_-d0Sz8IkX05BuWe3YWqROzq9qQZF-advrjA57-tmCDaiIA5sW4it-SxknW_40NYsBUbt71pw0LxtQMMg2kdtEtWb66m8VwNYxP5nuZK5k2ozO2W1D1hzt2t5zvpMOObjJ5swgJATeSEeEqyBSfrT7nj1CG-LuSbcP4kUMAecSqGlDyy638OVmMqwdb_7XEUiy8T42cfL7v0SOiKWciFKZv1OiVJCWFL_oGO8mm-78k7TRPnuvByAsW9bGEPDhFyOCLIQ9JQYjXwzrM7z0XdE3KYr2RTx0e90NUxn5zR_LnA2O0v21t5ac0pHizIOy-KMsOQkQHOhC4WytlDs28ecM6fK8O3xr7IYfq7mpqkWlrqU0TLD5oegAb4jEiMFi1CJMJ1LAAKJZQ6tdiY05DM19wnE3U6RouVGtz_qYMf6EMAcPsxjKQXqgWlSdE8lHft6-aHlGSfUBa10j40SSvDaYeM_RykmEjAYYcYF-u26ikULBHwmq_1BwWIRrFYi7W-hcqaf5bdUcJiQ_dXDIbFTNTDYORgF7tS6mSZLDNGUK9g4NGpUlxgFUrvNZZ4m-Y_oefX8XVXvm1VN2N7DAN4n6Zd2FqQXfIsh33aERnERCQeriQ4yvIQvC3i4RmbGz91Nwy5J3NF3J2xQZXe20I_fY7-2YLMFw6OCUJoYfc5ZhNL681IRsyBTPXDHu9eXcwa4DdGFTOh3mr2Yp_MZwT4eqlmP89XwZnOcDMlvIPYLJ8EGYavC4j-kbbstqjHBsFvB310qtSBCZkhGm-npqe5OPylkE9_lmEBsKzHf7yJ7so1W73dQJv5lmnlGVfxK1ulXUkVWcUq2Bc1Y-PWdsftlF7JagOHKHKk_edy8p1XgjzC6fZvlySNLKPEmGWTht1zmMlNe9pAonnUrBHqDP74TZqjaWrMI5pSwMyIW7P1z0xaEUoeeoq5PoOU1FxKoMm1SgdDsb6EdqNYaXeiRQwc8rtOiE5H3ukTP8WOlnRK1vV0A9Nk6Zg0cQZAXy3yv3g6BYABK6c319fh_cFIEIpJnBuJm0UkzIoLorWjDB5slfMmgGzfnwyCbnVJ8FwY536_J4yc&cid=CAQSOwBpAlJWRB0e8-M22ZB-7p1AT3Bavc_Yb-14owtRqNgTuIGoizhGu9Q2XPajxz7mQMmhyibCJP7R6wUTGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=16593092481209623000&adk=2086295851&idt=90&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 07:12:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 6D2D 30 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3240
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Sep 2023 06:26:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D2D 41 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2024 04:22:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E149 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 08:56:47 GMT
etag: 48472445140208031
expires: Fri, 08 Sep 2023 08:56:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6D2D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 611caf259fc0d1412e2a1ea8564fb184326ff5e3037d0f28a7b45541a353d117

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B5F7 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 424269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Sep 2023 09:29:40 GMT
expires: Mon, 02 Sep 2024 09:29:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D2D 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BsJiSUcv6ZMiwJK_px_APi4SzoAkAAAAAOAHgBAI

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13408741722857238719/ Frame 1007 4 KB
1 KB 24ms
7ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6a60c57c4e5ac8fd0c6fa142c8bcfa15416c67397e93bcf36a4682bc1e5253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 271147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1286
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 04:01:42 GMT
expires: Wed, 04 Sep 2024 04:01:42 GMT
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D2D 0
0 95ms
56ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYMXIGy8BA1Z6ur57g9FYaVNohxD8-6_DAl-CeKkX3pXRrnbIBD6hyaT7H-tpM2iCToOP_PaIWvTjf_UegbkGUV36TkJt3LiSS-N-uoJ21zqktp7D234zJDPTPDo0Ekf6diyduWXoYbt0ZJFaBqFQOEb7Hpjt_xbFtP58K1SQFaF9Ec_5FpHTPhBWQ0YR2Smec_9w7qtWrlKOKE3ipjBpFDVOaFKU30qVqe1ewhUD8Qj8xfhVISdEfKUrLveZJuZ5mGf7yy9g3DrQD2hr6O1WqbMXOIzdj1PHwRQYajB_298nrC7N7sDQc3yOXn3Rk2r_t8Tp6_J27_kr8VKkYtLN_vmIjTvWwglezzkn2h6GMG560SbXg5apl4KaG6m1d6QC1N39afePOpNIgCb2FMt4KoLU_kqRPAgUtwtnhQxU-nnL4mDl-7DJOoiUBRLKBcLrAVfuX1Zx2hISL1Q7H1ln4eIEb4SzXSal-_wkDIGCxf6obrfEydcilZcPdg6VB9NPzJYmuDRUtJyHlPQJi0HMvKr3qZfQ7m7SYUvi1L6HeIdlhVxfrtYpck4VE4YfKRLXVMaKX-nnpSpx2JFfA42Wp18Nuvn0Is8x6S8wJ6ai8IpdG4gfWrEochy3LvCo8ucq7uwGFYpiA9n9qWGGbJw2r3we8KkUF-1h5JApWKzrIpwU1Y8Ncmw8nOwZ8Y_UPtCenn_p8ha0enp822AUufuYfS-GfNrIuMiboAp9Ow25M0uYQAWc58ZlnGQx2UN-l6awpsQHTwzITH2KDfe3a3P64QKt1unv5DaxrNDXPzkfN0kOtq-VDlLJybPw_VxCNcrNZnIIo20YHg2eFAa7LE-exUGczvHvjreGmkXgELpv-5pVfL2VIQL-0crg-oWfG_lsAgEuTSOPQK7n0lPy2GqRY80Q1JjM6tthJbOT34mKn2taZDNNU6Hs6E5iqNykB3KJJf-Gkt3tubYxS6O_PYHj27NwwxOmGDl4ifNLWQZ3zmop0UQ68UXhOCxZTGxt82y49cqF5TMU3WnxKILCnPQb7cEH0dmzGmkOTmN7gCGtnL7pkeGupFvvutxCNTNk_6cJc7bUAVXsINOKibIU2aW4T0LkVid-FsGN78LTxPS8vF_9E69iyj39tkCBqOa8ktEVQYycHfP29is2hpDubMCJ1YESOqYUgaSeW6YIh8H3JkX77kP9RkX1KhZ4sNGVS5yNQDJRI_ASfRWPu8133t_nhtVoIMBJtjiqiI6ouEhyX1buH6EbUnt5TcmLnagY6jyKsNclFVwCYCsgQ182HQhNTRT1qCUdI_L2j4sQ&sai=AMfl-YQ2mYxeXDs748maBzjJJ3KH7CoPBOF9_WsTbGJyscwciq3M-bQfRMvENX2_Vyl0tiYHv5krFLMz3-vWyEqdb4PvZgfCvaYoSkY8YcmckM3Mwn5YrcAGdIUupGr5zyRYQ8NetEVfgmJTypyqfQUAKKvlr6e6Lvq4EiXn4Jugqc1yS49IIiNhrFGWhIjUdPA6WqPKFhw9lccqBUHbUZXWSFOXZ4w9qRo8FdKpA3jadsOuGLZBX3Lvjs-fHx2K_URR7I-DgUmLUcxTWZGLBU0DTx0Qg40q&sig=Cg0ArKJSzItuSrYQrOnKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=111&cbvp=1&cstd=108&cisv=r20230906.25259&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 08 Sep 2023 07:20:49 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E149 70 B
265 B 127ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEA_u2BJqTJY6fS0hRjaCuWs&google_cver=1&google_push=AXcoOmQ4kCmM_fPt_QYH8xC022364SgnxREcmpxscL2uWNcvAc2mzzZeXcxAeQXEonlqXVgyclRaZPIEu5uYAoNeLWrB617aOSU
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E149
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO88Ru7jKu3V_sTFc-koW6w&google_cver=1&google_push=AXcoOmQyjSBb9A7z49YyvqBKYD59ytUBPL-B3SKdWSJu_51XH2gEeAlP0eOlYKWpzN2i0xViP7y2dlK8eZNPHHyf5QMEDoD...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyjSBb9A7z49YyvqBKYD59ytUBPL-B3SKdWSJu_51XH2gEeAlP0eOlYKWpzN2i0xViP7y2dlK8eZNPHHyf5QMEDoDdOLc&google_hm=eS1QclhvdFZCRTJwRXpIaUd...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyjSBb9A7z49YyvqBKYD59ytUBPL-B3SKdWSJu_51XH2gEeAlP0eOlYKWpzN2i0xViP7y2dlK8eZNPHHyf5QMEDoDdOLc&google_hm=eS1QclhvdFZCRTJwRXpIaUdEN3lBeDZZd2lQRWNtU0FaaH5B

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Sep 2023 07:20:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQyjSBb9A7z49YyvqBKYD59ytUBPL-B3SKdWSJu_51XH2gEeAlP0eOlYKWpzN2i0xViP7y2dlK8eZNPHHyf5QMEDoDdOLc&google_hm=eS1QclhvdFZCRTJwRXpIaUdEN3lBeDZZd2lQRWNtU0FaaH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E149
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTCPQ...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lOwewhQhh5Rmcp6Y9mAEOQJUEw2kG31NdIkInQ&google_push=AXcoOmTCPQhTbSu9WLLpdzDuu5e0DULOetLXYxvnO3Ydnv_Tb4rR1kpPxA1V7R1sJObWbIi5fpeU6sya4pQU...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lOwewhQhh5Rmcp6Y9mAEOQJUEw2kG31NdIkInQ&google_push=AXcoOmTCPQhTbSu9WLLpdzDuu5e0DULOetLXYxvnO3Ydnv_Tb4rR1kpPxA1V7R1sJObWbIi5fpeU6sya4pQUIJzTE4EQk6eUjxo

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lOwewhQhh5Rmcp6Y9mAEOQJUEw2kG31NdIkInQ&google_push=AXcoOmTCPQhTbSu9WLLpdzDuu5e0DULOetLXYxvnO3Ydnv_Tb4rR1kpPxA1V7R1sJObWbIi5fpeU6sya4pQUIJzTE4EQk6eUjxo
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 771934
content-length: 0
expires: Fri, 08 Sep 2023 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame E149 43 B
245 B 46ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKOFdERWA60USNbqWVUDgtU&google_cver=1&google_push=AXcoOmT5-eBomYWyEh71L0770Mos12QZR-LAvcmJw9tgwc-hKMy7UnYagStiSKKt6aXI_SWtzVJIgfnBrn6h3A6oSUqhY5MVt8Q
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E149
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJDLLATPOsMkzUx01y1o9Sw&google_cver=1&google_push=AXcoOmTStxZMQUVQTwCd6-rHW93Zd25M2FNMyQCJcik4WKKx-dpp-3onsdkCq_vwPSH9kVshYJIRS5eDup7lLQtnCBfyUuMYug
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&mn_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTStxZMQUVQTwCd6-rHW93Zd25...

170 B
188 B

20ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&mn_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTStxZMQUVQTwCd6-rHW93Zd25M2FNMyQCJcik4WKKx-dpp-3onsdkCq_vwPSH9kVshYJIRS5eDup7lLQtnCBfyUuMYug&gdpr=&gdpr_consent=

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 07:20:49 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&mn_hm=MzM3MTU5MjQ5ODE3MzI1NDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTStxZMQUVQTwCd6-rHW93Zd25M2FNMyQCJcik4WKKx-dpp-3onsdkCq_vwPSH9kVshYJIRS5eDup7lLQtnCBfyUuMYug&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 08 Sep 2023 07:20:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E149
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAThilY6keJ2AOFgL23_zqg&google_cver=1&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKc...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKcuwespJqNxuurK_q0moGlrQ&google_hm=WlByTFVzQ284...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKcuwespJqNxuurK_q0moGlrQ&google_hm=WlByTFVzQ284WGtBQUdVWlNLNEFBQUFB

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 08 Sep 2023 07:20:50 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEAThilY6keJ2AOFgL23_zqg&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKcuwespJqNxuurK_q0moGlrQ&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZPrLUsCo8XkAAGUZSK4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad45"}
X-SO-Key: ZPrLUsCo8XkAAGUZSK4AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad45
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRkft69NZilaEJKWACQFXcI4wU3MqS1owSQiwf2yLyOKAha8DZ8OSdyuLWPfBc0PprcB1GKcuwespJqNxuurK_q0moGlrQ&google_hm=WlByTFVzQ284WGtBQUdVWlNLNEFBQUFB
Cache-Control: private
X-SO-HostName: m-ad45.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 5
Content-Length: 0
X-SO-LB-Hostname: m-tgng21.dc4p.scaleout.jp
X-SO-IP: 81.95.5.36

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame E149 42 B
233 B 284ms
89ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEDbNA4ch5qUeUTQ4CbfP3jo&google_cver=1&google_push=AXcoOmTQoSrqpY9OVeo_rzR5-PJAaygCI74IVB8V1gL4i7eOOoEKOkFwReYNPf-2Swq_o-AWc2BNdkolPeNQM-mnhX2geutsE70
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Sep 2023 07:20:50 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E149 0
12 B 16ms
16ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JR9tBlv9LrmmAWFV4pt4qv-TDTQpm4NZx3zDLpZuwJSz4ZsrhTcH6P9A0dQGDrWhdlqESRRQ

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame B5F7 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 06:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 06:47:10 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/ Frame 1007 1 KB
460 B 11ms
10ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34840afad59b73224f5fe0bfaacd50d6ff75bfb8abb259d6fb3833870b43ccf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 04:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 431
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Sep 2024 04:01:36 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame 1007 113 KB
33 KB 47ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2726408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33497
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-82d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEArLV5sRYRXWQnmbW%2FZUE8rgk8shq%2BMr7JksezTobpJiZJvrGg6GOiqqbXyjBjthMitNXgypdB52Sjoh0zdZpePy3cOmxD6zTmX0ogqfltUylTWbif6%2FiDWq9y4Jq%2FEReSBOW5S27s7wuIKxWMj%2FwSp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80356e5f680f915c-FRA
expires: Wed, 28 Aug 2024 07:20:49 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/13408741722857238719/javascripts/ Frame 1007 2 KB
706 B 11ms
11ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc8b7fb76d283f6ac0bb47af712bf2240031e426c925d3a3727b5f808a166aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 04:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 677
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Sep 2024 04:01:36 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 2 KB
2 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2a090a4678040ef43722d2055ec26d3f96d4b1d7eed8edd4679ea3d86528da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 push01.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 2 KB
2 KB 22ms
20ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/push01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9810fe13497305b7432ffd1204b8fcd39cdb3d476fecc4ece8b4825cf96a3898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2481
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 push01b.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 3 KB
3 KB 21ms
19ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/push01b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd77ac1b8e30444b3306a1beabbdb7f1436014fee4553407e42b34623f65e3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2738
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 push02.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 3 KB
3 KB 19ms
17ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/push02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf0fa2e19a429dde289ac0204668cf394c7a88fd7d036930aaa4d8e4887651f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3022
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 push02b.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 3 KB
3 KB 19ms
18ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/push02b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7196e0163adecd2b96dc1c8f9c7d8a50f86d4c81ab4fd9e7be9447b8e7f6892f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3524
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 824 B
851 B 16ms
15ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50731722fc173acb95869d35926e046dc8af072c4fbbee1e9ccef64974ea8200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 04:01:36 GMT
x-content-type-options: nosniff
age: 184753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Sep 2024 04:01:36 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 967 B
994 B 16ms
14ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc54a39e01dfbc64fe9ca6ef66dc3f338deab0578846d1406b9867b4192cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 967
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 2 KB
2 KB 18ms
16ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc44aaf2310567ab54b2ad72ae59a25ca076af709edeb2120737f36cc4e2903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 04:01:36 GMT
x-content-type-options: nosniff
age: 184753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1889
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Sep 2024 04:01:36 GMT

GET
H3 200 mbl.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 3 KB
3 KB 22ms
20ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/mbl.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

998fa45a1f05f54d8acf825e0740f91772056f75b21d9b33919d0c606c522697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2829
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H3 200 terminal.png
s0.2mdn.net/sadbundle/13408741722857238719/images/ Frame 1007 17 KB
17 KB 22ms
21ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13408741722857238719/images/terminal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557cd4c682c861cbfcecea410f5b4e51984ae6c3f4b3b135a4100eebc028e755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13408741722857238719/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 271147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17232
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 15:09:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Sep 2024 04:01:42 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 6D2D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1496047/72037979/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013235800&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=20318015734&bidurl=ht...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

16ms
15ms

Script
application/javascript

2600:9000:223f:800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
date: Thu, 07 Sep 2023 19:02:23 GMT
x-amz-cf-pop: FRA56-P5
age: 44308
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: xvEgB6Q1QsfA00MeAz4Nlhs-EW5DJsGSB7YHeTip1YXtuA5mk8JsDw==

Redirect headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:49 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1956 91 KB
23 KB 55ms
8ms Script
application/javascript 2600:9000:223f:800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 30383073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: PDiCCYuxzWJzWDsjjnaG4y5DnQ7aZztHw2Gi0Vz6o45-Rp2l7xNw3w==

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D2D 0
0 46ms
45ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYMXIGy8BA1Z6ur57g9FYaVNohxD8-6_DAl-CeKkX3pXRrnbIBD6hyaT7H-tpM2iCToOP_PaIWvTjf_UegbkGUV36TkJt3LiSS-N-uoJ21zqktp7D234zJDPTPDo0Ekf6diyduWXoYbt0ZJFaBqFQOEb7Hpjt_xbFtP58K1SQFaF9Ec_5FpHTPhBWQ0YR2Smec_9w7qtWrlKOKE3ipjBpFDVOaFKU30qVqe1ewhUD8Qj8xfhVISdEfKUrLveZJuZ5mGf7yy9g3DrQD2hr6O1WqbMXOIzdj1PHwRQYajB_298nrC7N7sDQc3yOXn3Rk2r_t8Tp6_J27_kr8VKkYtLN_vmIjTvWwglezzkn2h6GMG560SbXg5apl4KaG6m1d6QC1N39afePOpNIgCb2FMt4KoLU_kqRPAgUtwtnhQxU-nnL4mDl-7DJOoiUBRLKBcLrAVfuX1Zx2hISL1Q7H1ln4eIEb4SzXSal-_wkDIGCxf6obrfEydcilZcPdg6VB9NPzJYmuDRUtJyHlPQJi0HMvKr3qZfQ7m7SYUvi1L6HeIdlhVxfrtYpck4VE4YfKRLXVMaKX-nnpSpx2JFfA42Wp18Nuvn0Is8x6S8wJ6ai8IpdG4gfWrEochy3LvCo8ucq7uwGFYpiA9n9qWGGbJw2r3we8KkUF-1h5JApWKzrIpwU1Y8Ncmw8nOwZ8Y_UPtCenn_p8ha0enp822AUufuYfS-GfNrIuMiboAp9Ow25M0uYQAWc58ZlnGQx2UN-l6awpsQHTwzITH2KDfe3a3P64QKt1unv5DaxrNDXPzkfN0kOtq-VDlLJybPw_VxCNcrNZnIIo20YHg2eFAa7LE-exUGczvHvjreGmkXgELpv-5pVfL2VIQL-0crg-oWfG_lsAgEuTSOPQK7n0lPy2GqRY80Q1JjM6tthJbOT34mKn2taZDNNU6Hs6E5iqNykB3KJJf-Gkt3tubYxS6O_PYHj27NwwxOmGDl4ifNLWQZ3zmop0UQ68UXhOCxZTGxt82y49cqF5TMU3WnxKILCnPQb7cEH0dmzGmkOTmN7gCGtnL7pkeGupFvvutxCNTNk_6cJc7bUAVXsINOKibIU2aW4T0LkVid-FsGN78LTxPS8vF_9E69iyj39tkCBqOa8ktEVQYycHfP29is2hpDubMCJ1YESOqYUgaSeW6YIh8H3JkX77kP9RkX1KhZ4sNGVS5yNQDJRI_ASfRWPu8133t_nhtVoIMBJtjiqiI6ouEhyX1buH6EbUnt5TcmLnagY6jyKsNclFVwCYCsgQ182HQhNTRT1qCUdI_L2j4sQ&sai=AMfl-YQ2mYxeXDs748maBzjJJ3KH7CoPBOF9_WsTbGJyscwciq3M-bQfRMvENX2_Vyl0tiYHv5krFLMz3-vWyEqdb4PvZgfCvaYoSkY8YcmckM3Mwn5YrcAGdIUupGr5zyRYQ8NetEVfgmJTypyqfQUAKKvlr6e6Lvq4EiXn4Jugqc1yS49IIiNhrFGWhIjUdPA6WqPKFhw9lccqBUHbUZXWSFOXZ4w9qRo8FdKpA3jadsOuGLZBX3Lvjs-fHx2K_URR7I-DgUmLUcxTWZGLBU0DTx0Qg40q&sig=Cg0ArKJSzItuSrYQrOnKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=291&vt=11&dtpt=180&dett=3&cstd=108&cisv=r20230906.25259&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Sep 2023 07:20:49 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D2D 43 B
216 B 295ms
94ms Image
image/gif 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1496047&asId=22fc738e-9e7a-579f-f68d-d6ba93735a7e&tv=%7Bc:nBPu5u,pingTime:-3,time:73,type:v,im:%7Bpci:%7Btdr:51%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:-1,vs:n,r:,t:68%7D,%7Bpiv:0,vs:o,r:l,t:71%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:73,n:3,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:n,t:68,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~1,0~0%5D,as:%5B4~728.90%5D%7D%7D,%7Bsl:o,t:71,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPfqQxe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1496047-72037979%7C191%7C192%7C1931%7C194,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22%7D&br=c
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D2D 43 B
215 B 291ms
94ms Image
image/gif 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1496047&asId=22fc738e-9e7a-579f-f68d-d6ba93735a7e&tv=%7Bc:nBPu5w,pingTime:-6,time:74,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:74,n:3,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:n,t:68,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~1,0~0%5D,as:%5B4~728.90%5D%7D%7D,%7Bsl:o,t:71,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPfqQxe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1496047-72037979%7C191%7C192%7C1931%7C194,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22%7D&tpiLookup=ao:cutty.app*&br=c
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D2D 43 B
215 B 285ms
95ms Image
image/gif 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1496047&asId=22fc738e-9e7a-579f-f68d-d6ba93735a7e&tv=%7Bc:nBPu5G,pingTime:-2,time:84,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:450,beZ:451,mfA:454,cmA:455,inA:456,inZ:460,prA:460,prZ:465,si:471,poA:472,poZ:500,cmZ:500,mfZ:500,loA:524,loZ:528,ltA:534,ltZ:534%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:-1,vs:n,r:,t:68%7D,%7Bpiv:0,vs:o,r:l,t:71%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:84,n:3,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~728.90%5D%7D%7D,%7Bsl:n,t:68,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~1,0~0%5D,as:%5B4~728.90%5D%7D%7D,%7Bsl:o,t:71,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPfqQxe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1496047-72037979%7C191%7C192%7C1931%7C194,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:22,sinceFw:61,readyFired:true%7D&br=c
Requested by: Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D2D 0
26 B 71ms
51ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLkAq6h8b5pDIS0HjH3vgBJQ2M8dIw9AL9LuZ694-zcixkGhBpg1mfRpcl_aLNZGODelqXQs9RebaAgc40VER7CgcBzrUbNWI4FxHTCObaNxbCWHsXIkKtlCG-PVR1QdWbCyjKJW48uk4g2fQ6vohDtGhyGn6TsibfKu9BTxnDiFD0SRJ98sxsrt-MDyj6T2Iu_ItqS7azYLNU&sai=AMfl-YSkzUv0MVxT6YmMuGTh-c493m7iSf23lw0TBLNWNj52gLmmZuJjc1XFEIKPKWC6Yebuy0IgH3wKxRswA6ksdaCEhgEOzjUKZMTmYJVbZ6iE1Fts308jfo_jWgV-hRykELC4vjHMlrp_xcdu6A92g_2J&sig=Cg0ArKJSzAFCxGNjpmW4EAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: cutty.app
URL: https://cutty.app/NDFkAmiS3q0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:20:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame 18E1 3 KB
2 KB 11ms
11ms Script
application/javascript 2600:9000:223f:800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
date: Tue, 05 Sep 2023 10:15:07 GMT
x-amz-cf-pop: FRA56-P5
age: 248744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: wqfMNk7v46amSSILBFikP-ar9rQDM-tktiXTSDtAok5P2092YtjGFg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5F7 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsJiSUcv6ZMiwJK_px_APi4SzoAkAAAAAOAHgBAI&bg=!-vml-bbNAAa6D61Rmg87ADQBe5WfOCZvkiuf3e-thoodWv9PL12kouuEXgBYAEowx8ZiXj1StUO4iAVpLqrBhfQ4hzf1AgAAAOBSAAAACGgBB5kC-L7vM4tKwUDkt5ErXe6ubUSNyBELK4dtiAbWUVmuCC5_tdqkTieUmQjb6Y3nun4kutYAcGIUyG8BSaUjN25rcLs0I5YGKGIxZf9gceLl6HiDzIX5K6PV_8IMCtte6S_kGhcPqpGySOnyLQrNceourhltwvsIzrNdQfMEeZK-T3pcLaJ2Gpk9fU6eMjVApC3YaEQXMVp_-PIWeIftdtD1mpTK543alIFgGXz-OwX3Q7mA0sbEJ1hAnwY0RMUs9y7NtrsIYWvV76uoe5H7KawVfI1mh1RZVtGGFNax61tmXhsmxVATeCQX6LZR6g5q0mZCK_5L4G-veCIU1_9tmzb4h3s5-fyJhgFnU2rExciQN3HlJI-EAyd8GvcxVemZcclAT_G27IKhzw7iq7fJ1bTfIfAgutJy6Y4kWh2dlzKRDPhP5R0Nep-FvajZs9u-Tz4TcRBi6tEiLB26Qv_F1x2GEMs6EfvN8EKH3a28EsNnIMi-8mSeM6XcTpaDYkgFWgdGkVaJs1JGQ2Jrp7nyVzV1NImbJET5Nry0hnfRrO-Q0kigRw6vZ-9i9RWHG44FwF0WKTy_6T7jzURN4Fyz17TGTjF-As2KrtKyd4hYNDRJuyfzf6BaGliIabukfQ1wvvk6sJ9qLDIU2jrjBMuN9EbOlTNB6rmpwtC80U7ECGgWXfVM9FJnIH5bwaCjllaKClm2zqByI_FRhagWjoCn9nIIEaKMveRw-JVNKzoxYzXa8WkgeO05CJwseE4ZFn_9qEzz5txKuBcF8RL634TYXmzZea0oTqv2Ciwla8fJQU88vqtdurpC25BRnPPMXiJf7AAMipWRxnnsa4evyFwALoqif4GbeZ3VdNs0qgJZIp3rMgrOfOjZYINPIdkBy7GzSoVi8dFgLtMgwIcnm6r-neyRv0anfvnp8ybytd7Cf-00a1jOzGRAaF9Wg898H0vCep4ADszoROkKc2nrcu5dKjkcvM_YH9lGHnChPmXKi0z3PKwCjbp-K2iID4E

Requested by

Host: cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
URL: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 18E1 10 KB
10 KB 8ms
8ms Image
image/png 2600:9000:223f:800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Sun, 03 Sep 2023 14:45:51 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 405300
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: FDaXrA0zOSIfEFRXj4HLOBv2cRNAwpsXlDXOxB63xTaV2hmeFAz-6Q==

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DF72 42 B
64 B 47ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRGOuX83lw2rZ_v-IUBjmBw5QTZnnUAJeyRmPB80iiAzII905NsY4mWewyNsv6acMFuJU7LIU_cG_XBTcU3QMgVTAKZ2KFesQHKnNNhqlwh6wLktCbY6DiHDBlsva90m3kIBXQcfE0hFoN&sai=AMfl-YQjlH9W0VoX6M5mp6RvtOddyAy607UyDM2GBt7MpDn0AUyqmYtSjZxJwpqm1wA1yRmrFTm5Jy9GmZfv6xJ1J5Sn21zMZTxpU3SOTcuYWyU7wwTRfN8jsd0AjgFGLiMwiWqbCe91rU0EvdsSGQ&sig=Cg0ArKJSzAgddBKaHX3AEAE&cid=CAQSTABpAlJWW-iok6PjCti7TAR3PXJrtB4EpIgV3gPw5b2xA02Zc0XjUMSijMm8jo1aaHH185SjyoQTSTJvacBUm3XtrOIjZ9J2g1NlhocYAQ&id=ampim&o=415,275&d=770,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=436&tls=1436&g=100&h=100&tt=1436&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1E0E 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW11Y2q-Y9W53Wfh3mIB-9ZYylUa-Pu-wcVf8xMReGLxRYUEsMID1Rdo-hWwAxdr40w4In5XB_Fm397yfyO9KAxVv84blERFKlMvKFOVSNmHhF0o5tq5q6tWc_DsvItYLUPVHtSfS3f5q-&sai=AMfl-YRAa34-lUSyVkRvC4Bfmrag2eQEV_wxiNnNe6VKE9RK6tkEg8R4bewrXYvskCqVPhh0yZJRfJ3AyRDpYF-8Jvnu09tYpcM9mJCyZfYl3DM4BWaEXo6RX6zKqlHHOeYj2mxXAOgyWaAwfvbAjQ&sig=Cg0ArKJSzGVwjq5nMumcEAE&cid=CAQSTABpAlJW-YltD-drxW69DQHYA77JpzOrC5hsyMVmZFehUc9gWbfqB2YSHPtcRBQDafUu8ZImn3TCe-vpi_cGi_EqQ6Boi9Uog0UFnmcYAQ&id=ampim&o=415,986&d=770,300&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=388&tls=1389&g=71.33333086967468&h=71.33333086967468&tt=1389&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5F37 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveBibCRNtZHuauiA30fBkxJZGg09G9WAn6cy54auUfTEkoU7KC0m3vCNzZXLAh_YoiX3mirIaOr-MLyKtYygNaECYEPB6Si6Rawp2tP_5yvfDPZUmDKyOCRzujmfR1rNQWAPHT1A3eUwBL&sai=AMfl-YQy65_VJCGKd1Dfw1ADDFgqnejOCqOT3BA3wODXIcAD0J70dXnCur7xIjQ80lQzB11P5Ojy0Me-0QQMErlfhtUhnpUuJwNAvAwOdVvc86a4CKZXhsC7yjyh1XxKplyByHp2rg2wVyojkpSkpA&sig=Cg0ArKJSzFXn1NnCG6EmEAE&cid=CAQSTABpAlJW2HJuY-jPDd9rRsy1LkS2OCsIGFxviI0UI9kBpCJ9QEKCaP3YA3i92m9jvpFtogv7BVvDs4jMwt6_Sxo5fCM7mL43_Go_I4AYAQ&id=ampim&o=415,618&d=770,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=379&tls=1379&g=100&h=100&tt=1379&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6D2D 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1496047&asId=22fc738e-9e7a-579f-f68d-d6ba93735a7e&tv=%7Bc:nBPubo,pingTime:-10,time:438,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694157650322%7C%7C449d8e30faea8d3fc6db55d7f5e3d3d0%7C%7Caaf8e1c5fa6f2472e971350e5968c28c%7C%7Caae22596bf19bbb9b0ee05d481731976%7C%7Cad28c3bcae22e9ee85e025db18015fa3%7C%7C4956f007a66bae73f25471d42e5304b4%7C%7C720d1e65b2051b4e22498647af9633cc%7C%7C4b6916f3b299ee99f5da1c551b73f760%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ca8a:10f2:e03a:a803 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D2D 42 B
64 B 250ms
250ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5HEXg4xUBgYe8i_aajWCGrLhrJDnaZo9v2-_IMoPhJCOcADi9kuRoq6SENB01g9enFGrleUbskyormpGb36r3jxGHZIhOgJ1TE9WOYq0tkNlznrjZeJfaRM3L_ManqW-r-VPRdGUZYggf&sai=AMfl-YTQtEwm46SAQ-GwjuPFGOI4Z-aqZ5GJj0qNLk5Q6PMbVgiD5mAr7RKgsd92r6NTOkYv3c9-qZAmFhe10eQix3ZHSoQRvaGBD_5ewmm7Q6lTLZkT40p-iVVHH4A&sig=Cg0ArKJSzPp-BnxvjvhLEAE&cid=CAQSOwBpAlJWRB0e8-M22ZB-7p1AT3Bavc_Yb-14owtRqNgTuIGoizhGu9Q2XPajxz7mQMmhyibCJP7R6wUTGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=497554658&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694157649434&rpt=277&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D2D 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2276992649844&version=m202307240101&ct=76&x=1&cor=16593092481209623000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Sep 2023 07:20:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cuty.io/	1970-01-20 14:46:02	Name: XSRF-TOKEN Value: eyJpdiI6IkdRaUl2dElUSkhvZWd4eDN1K1F6RGc9PSIsInZhbHVlIjoiNFRyK0RFbEZ3YWF1aDlKOU5rUXdwYzFVN0FLSm4rVGZmaXRuSHVHVi9rWmhzNWhTbXB0SXR0MU9vR0h5ZWxYeDVvUWhwK3FoelZ5czgvSEJGY25pRlZKSnVFQXFGYVVDbFBtQWNDUi90RmpYV29ZcW1HZmlucVVLNjdLb25aZ0ciLCJtYWMiOiI1ODBhYzg5ZTU1ZmE5YmQ0YTdjYWY2NzczNjM2NzczYmFhODZkMDg5OTgxMWVmMWJhNTQxOGRmNjI5ZDJjN2RiIiwidGFnIjoiIn0%3D
cuty.io/	1970-01-20 14:46:02	Name: cuty_session Value: eyJpdiI6InAzZFBTUXFRSDE4cXNxSHZwcTBndFE9PSIsInZhbHVlIjoiejNaVXE2YURnWEdzejVEblVEUzhxTGNnR1NaUXc1WWc5OUdrTXRqNXh4QlhOWDAwNFVBclhYOUlkS3NGTklHd1RnWjNFTGtpOUVwZ04razJVVjgwN0Y0d1R2MG9sSWp2OVU4VUNFKzNjdmlodmdTR0F2V0NjRkxuK3Q5Z0RxZy8iLCJtYWMiOiIwNjlhZDk1MTk3ZTMxYzkyZjQyNmU0NDI4MTkyNDI1OTc5YjExNzJlYzMyYjI4MmI4MjQwOTBhMGU4ZDQwZGI0IiwidGFnIjoiIn0%3D
forbidcrenels.com/	1970-01-20 14:37:24	Name: GL_UI4 Value: eJw9jd1OhDAYRPln1QWdhAfwEQCFZS%2BND%2BElKe0HWxfaTakQ397GRK%2FmZHIm43leUDzC35II4Rdr8MzY2FHFm5G1Y%2F16qul8ql6akppz2%2FG647iTa2%2FZMJONcFgXZmxvtwjHiRQZyXuuBWV4ctZfc1V6VxHiwTAlMsSLM%2BYM6WD0vpIpQkSKLYTk%2FWK0y3hhn9ogrKrWsVSO%2FRKBXoswv0f6IZVww%2FyIoCrzPPHwcJuZHbVZeikSH%2FFkmCD4bzhwZmnS5hupoPVq9Q3Qs%2Bj%2F%2Fd%2FfcK9KJII2yd25thcyP00gTmc%3D
forbidcrenels.com/	1970-01-20 14:37:24	Name: GL_GI10 Value: eJw1yE0KwjAQBtDMLCL%2BLT7oAbyAAZGKbqPixkvENJSgTsK0CN7ebtw9njGGmxU4VyyOO3dqXev2B1APvlzBUTC7JX0H%2BYIU7KdTwfIepNv4pK8soAj7Z8b6XDRtfYjPR5EElgHzqWrRMCZQtQQei2Xw0DUG9LH4AXI3HmI%3D
cutty.app/	1970-01-20 14:46:02	Name: XSRF-TOKEN Value: eyJpdiI6Ii9CSnRqb3UvcFdmUGVEU285RkpGNnc9PSIsInZhbHVlIjoiZ3NUeHBXWnRsY2JPMTlNeXc0ajg0aWhVTi9SM3Z4TDlkUFVJL1NtWXh2YVc4cWlBUHg4RnZFVk9nSGJXVU84cU9JeE8rVlhCSFBvWEtWazRGSkFoeXZqRXN0SldEUzlYaThsd09xSE5OWUgwbWFNVDRrQjEwVFFQM2V3QWdHdDIiLCJtYWMiOiI1OWQ2Y2U2YzQ4OGIwNzg0YmM5NzQ4YTU5N2Q3ZDVlNWUxYTZlYTIxOGUzYTliMGMwZmUzOGMzYjMxYWRkNjU5IiwidGFnIjoiIn0%3D
cutty.app/	1970-01-20 14:46:02	Name: cuty_session Value: eyJpdiI6InZtR2o0VXpBVVh5UFdsU0VaenRiL3c9PSIsInZhbHVlIjoiSW1wWjdyVWFpS0ExQTBELzc3SlErMlA4aHV6TzAzR3UzdlU2VGxjSGlkblRxajg3cVdtaGRIYkt0Si9Nc3NzNDdVNXFCekdTSnM4bjBhYlE4SUVPMnNtWVhnclBLVVRBby9FNUJLWVlxNTJMYmFpckc4ODhhbm9OQWFQRFJjM0QiLCJtYWMiOiJmMGZlYmM2ZjFjYjM1MTA2ZTA3Mzk0ZmQxOTIwZmI1ODZhMjFmNTBjZTc1NzRiOGM5Y2MxYWE3ZThjMjAxZjkxIiwidGFnIjoiIn0%3D
cagothie.net/	1970-01-20 23:21:33	Name: OAID Value: d46b127d35854bf8ab164390a7c808b4
cagothie.net/	1970-01-20 23:21:33	Name: oaidts Value: 1694157647
.cutty.app/	1970-01-21 00:11:57	Name: _ga_GGDCMPL4QP Value: GS1.1.1694157647.1.0.1694157647.0.0.0
.cutty.app/	1970-01-21 00:11:57	Name: _ga Value: GA1.1.216187640.1694157648
my.rtmark.net/	1970-01-20 23:21:33	Name: ID Value: d46b127d35854bf8ab164390a7c808b4
eedsaung.net/	1970-01-20 23:21:33	Name: scm Value: 1
eedsaung.net/	1970-01-20 23:21:33	Name: oaidts Value: 1694157647
live.demand.supply/	1970-01-21 00:11:57	Name: demandSupplyTi Value: a85c4dfa-b8db-40c7-9f8f-845553e82fb2
.demand.supply/	1970-01-20 14:35:59	Name: __cf_bm Value: bw0979p1AJtv_WHZO_aMBRlgpchyHHj2DhShozzQlZA-1694157647-0-AX1+Q9Y5LzOjJADoQ3MzrvlvKxpFa4Na91WajZwK785cYK4Oi07TW0d0wp6rwK/ll3uxxjBcy/F7bQHk3Bpp360=
.cutty.app/	1970-01-20 23:21:33	Name: cf_clearance Value: A7spPqp5bguCFQGt8ghI5x1oaGo4da7Lh4aam2_cm1g-1694157647-0-1-99b8db3d.f2b3d7d0.ceb984dd-0.2.1694157647
eedsaung.net/	1970-01-20 23:21:33	Name: OAID Value: d46b127d35854bf8ab164390a7c808b4
.criteo.com/	1970-01-20 23:57:33	Name: uid Value: 7e58a467-38b9-4ba6-a558-f42770314fc1
.cutty.app/	1970-01-20 23:57:33	Name: cto_bundle Value: YyZEal9BUHo3YVNBT054JTJCb3lkbDlZNzZ4b0k1WkFyemNoZVNTZ1dNVXozWGNicHhyY3liMGQ3blJneW1YZ1dJTkxrZ1J2c0x1ZiUyQkg4TFhtbmtFV255em0yTllENExLN0pKc3pkOGJVUmd1Nmw5VXBLRVExRWJVY0txRkxZNWkxUkFIQSUyQiUyQjU0RkRWTkFVWEFhRFBDQU9rM29zZyUzRCUzRA
.cutty.app/	1970-01-20 23:57:33	Name: __gads Value: ID=675199fb47fc4c48:T=1694157648:RT=1694157648:S=ALNI_MbWPNcllMrN-G2y18HDVbcPVwHciw
.cutty.app/	1970-01-20 23:57:33	Name: __gpi Value: UID=00000c70307e432e:T=1694157648:RT=1694157648:S=ALNI_MZfadf8GVgT4kYV0fgGBF1gzOdY0Q
.doubleclick.net/	1970-01-20 23:57:33	Name: IDE Value: AHWqTUn91EPe3vR55an8kRCdHtB2PR0mxIxCY-f9aszGjxIFn6yu8vhMarXUEgJVJTo
.casalemedia.com/	1970-01-20 23:21:33	Name: CMID Value: ZPrLUckmldBPuNNmXOTNeAAA
.casalemedia.com/	1970-01-20 16:45:33	Name: CMPS Value: 2213
.casalemedia.com/	1970-01-20 16:45:33	Name: CMPRO Value: 2213
.adnxs.com/	1970-01-20 16:45:33	Name: uuid2 Value: 6013162375545889432
.doubleclick.net/	1970-01-20 18:55:09	Name: APC Value: AfxxVi5vdOX3UsPrQcLA_-_PuCcqfFVvzMCqntYQpKV574a8QmcucQ
.adnxs.com/	1970-01-20 16:45:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTzrFzSN!]tbPl1M>e)ZlrFUfJ+tGXxoi@ewA/8e5MeB-B#9FSrG.Dyby=b#q>!^IzVj3If)y3KL9D3I?+BKswYI
.media.net/	1970-01-20 23:21:33	Name: visitor-id Value: 3371592498173254000V10
.media.net/	1970-01-20 14:56:07	Name: data-g Value: CAESEJDLLATPOsMkzUx01y1o9Sw~~3
.yahoo.com/	1970-01-20 23:21:55	Name: A3 Value: d=AQABBFHL-mQCEGCOy_uC4r6DLUKFR-CpIgEFEgEBAQEc_GQEZQAAAAAA_eMAAA&S=AQAAAg54rx95xVsF6tdiRIgRRkI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cutty.app/NDFkAmiS3q0 Message: The resource https://live.demand.supply/p4/v17-10-0/Y3V0dHkuYXBwLw== was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bcp.crwdcntrl.net
cagothie.net
cd19f41720d0033379d64470a702205b.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.cuty.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.media.net
cutty.app
cuty.io
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eedsaung.net
fonts.googleapis.com
fonts.gstatic.com
forbidcrenels.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
match.adsrvr.org
mug.criteo.com
my.rtmark.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.openx.net
rtb2-useast.e-volution.ai
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.39.155
124.146.215.47
139.45.195.8
139.45.197.238
139.45.197.242
142.250.185.130
142.250.186.34
162.19.138.83
174.137.133.49
178.250.1.9
178.250.7.13
18.66.97.88
185.89.210.101
2001:4860:4802:34::36
23.109.82.155
23.212.88.20
2600:1f18:1aca:4282:ca8a:10f2:e03a:a803
2600:9000:223f:800:8:48e:53c0:93a1
2600:9000:2250:7000:a:e047:753:6381
2606:4700:10::ac43:266a
2606:4700:20::ac43:4621
2606:4700:3036::ac43:8be5
2606:4700::6810:5514
2606:4700::6810:8516
2606:4700::6811:180e
2a00:1450:4001:806::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a02:2638:3::3
2a02:2638:3::c
2a05:d018:d29:3602:e201:bdb5:e43c:2ec
34.253.61.43
34.96.70.87
35.186.253.211
52.223.40.198
54.217.80.122
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04aa8c8fd08ed9b9b26e66314da286da6bdda7131cb826cbd0855a475acac295
07ac15d8d9f7da428c2d7e9b0ef5497717826bd353c567be0ddff6c7928470f2
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2308dbc6a5170b95ff28b0734a9c083f25cf5dcf6cf6cfb526e9f1551b0058
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f2a090a4678040ef43722d2055ec26d3f96d4b1d7eed8edd4679ea3d86528da
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
163412492738a4458887c0784da56fbbb1e273b0eabcd6dcd725cd3848041e8a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224
19dd56cfd20afa7853bd825eb4506f59fbf9bdd7af48378681823e3e17809280
23be6850d0096322d9dd70aec9560e03c58553e1781482a7dcd6dfbd8211563e
247f7ed4f9cb2f22cdef40b161d075142fe4e3256cb081d9f76c6e135f246ff5
28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f
28ccd76f69e6bdac8cbd6ccbce43db08972098d3187902247a757df6cae55d57
2b3880805c8a69b1176084b7da79a298add01efb9cdbb2c561c67c999ab5e983
30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
34840afad59b73224f5fe0bfaacd50d6ff75bfb8abb259d6fb3833870b43ccf3
34b48c08cd364d87f2d9815b2f2f14c95f6c0aac55f1d686a12d35da1911a5b6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3820310916466a4b86c1de8114ec8cfe8f8a259c121104587219e7d84f84b84f
385062a8cd160903beadb4448eb42b6ff31dc629b122304df04375ea04439845
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f
3b2acceca6aa51e66ab6cc70e328dae26a95edef508d395f43b7c34b6e9960b1
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3f4197cff3792b7945a0b72909ead8bd2ab4f961c0b60ba46bdece045d771039
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
40f8ea2bfde2d888d942907515a94f29afa37692851c9688e28e8100c572da79
426d26eb4a92c1b3a3e2fe0149d1e036e50837bc9d43dc52099bbd541c33bfbf
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
49985e29684ff7121cf3bcd2d59f72da307318ac1cdf781373dbafd0509c6bff
4b157d8c37258481c47d52b01bf39b0b6f989a59a8f7486df38ea6a155616fe7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50731722fc173acb95869d35926e046dc8af072c4fbbee1e9ccef64974ea8200
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c
557cd4c682c861cbfcecea410f5b4e51984ae6c3f4b3b135a4100eebc028e755
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5964112f9f01e08a75fa6203a6f908946c7a8f74e06ae113076f57d0edb92e61
611caf259fc0d1412e2a1ea8564fb184326ff5e3037d0f28a7b45541a353d117
61591281e257f53702c40fe568e3a4f4d309abe626e9c59c1ed4ac2392f7b36d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d
6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e
691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7
6face8a048cce62fed7de77820ad5b56cb055b5599861a2400855bb4beed222d
7196e0163adecd2b96dc1c8f9c7d8a50f86d4c81ab4fd9e7be9447b8e7f6892f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
753ffaab6dc557badc6bfde512ce97782a8f812c8cb797e66b8a177b4bdea57b
7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be
7cc54a39e01dfbc64fe9ca6ef66dc3f338deab0578846d1406b9867b4192cf10
7d274fe3278ec409bc7aca70e549ba257f4c02fe7eb3d39e311e1ae59d164bd6
7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82d969259539194fdcab87360e7f4567e6214287243beb8ca74cc5ad42040437
870cfeb852a72c157887137a6ac4b86e921f18c65d1f3cbc1c8b4822ad2e10f1
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d96b8a02fdb833783f370a304b70914d2f1d349f4bdc9ce86cee72f878634ec
8f6a60c57c4e5ac8fd0c6fa142c8bcfa15416c67397e93bcf36a4682bc1e5253
9376f3e30ddd47391a2b6bd1b0f7797e0013351591519fce3d028f0120c37670
977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8
9810fe13497305b7432ffd1204b8fcd39cdb3d476fecc4ece8b4825cf96a3898
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
998fa45a1f05f54d8acf825e0740f91772056f75b21d9b33919d0c606c522697
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d6f4adf929ef93b222e4daa3095ad4cd1df19a84275e0f52157d3a80e4461c3
9e2964ae83dbdb40f7fe78a5d553484a820e4c964e932c5c349a1f7b2737d18b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a362d15633d0360726021ae2bbab970573db776c7346f9ce1082be702220935c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a87e749899b0a103057e430fcd48baa05bdd2af960a4b50328f664b5f80bff3a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
b8fbe418d6186e070a3e5c486bd099b896cd46e3fda53a1907d098a873b4cd47
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bf0fa2e19a429dde289ac0204668cf394c7a88fd7d036930aaa4d8e4887651f9
c159e8042a06efe8917b5c68ba42929197eceb53d1023f329bdb5cdefd858f4a
c38fb8a26064b4a22c9e9d59726fbe3d1e93bf1abbc5e97ac7e084e4bb10b1b2
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
d0112c66fd7b76151b98a13bd4136e331c7478a3278f7a19c74fd13a81dfe170
d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a
d43f232060aea1eb4297d45856d4dbeca430b7a4a9bb119cd1581708e650ef23
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd6b98fe58461dab80208f369c9a517d66f2b7d3e82b675c72f50b14a8e8e5f6
ddc44aaf2310567ab54b2ad72ae59a25ca076af709edeb2120737f36cc4e2903
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e
f5a58fb176242a7e6c353cad58da9c1387a8ebd57d4539c49f7704f2c370bc32
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc8b7fb76d283f6ac0bb47af712bf2240031e426c925d3a3727b5f808a166aa1
fd77ac1b8e30444b3306a1beabbdb7f1436014fee4553407e42b34623f65e3c8

cutty.app Open in urlscan Pro 2606:4700:20::ac43:4621 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

94 %HTTPS

57 %IPv6

34 Domains

47 Subdomains

43 IPs

8 Countries

2758 kBTransfer

6321 kBSize

31 Cookies

6 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cutty.app Open in urlscan Pro
2606:4700:20::ac43:4621 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

94 %
HTTPS

57 %
IPv6

34
Domains

47
Subdomains

43
IPs

8
Countries

2758 kB
Transfer

6321 kB
Size

31
Cookies

200 HTTP transactions
9 data transactions