cutsy.net Open in urlscan Pro
104.21.20.185  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://hananashaka-tech.com/ HTTP 301
   https://cuty.io/XCvBJyPvB HTTP 302
   https://cutsy.net/XCvBJyPvB Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

• https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&rid=esp&cc=1

Request Chain 150

• https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIYDtEeXqfDbgXBrDsRcZFs&google_cver=1&google_push=AXcoOmSvQMZnq0kGmZYS_RMHuvVApt8GcK0qHUmYuZ6oLzC3q8AfvNh_Y2ifQ4D-6LNN2UQ23xqrXvNGPiQv1IIUjixOEDeNmLb0JQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSvQMZnq0kGmZYS_RMHuvVApt8GcK0qHUmYuZ6oLzC3q8AfvNh_Y2ifQ4D-6LNN2UQ23xqrXvNGPiQv1IIUjixOEDeNmLb0JQ

Request Chain 151

• https://d5p.de17a.com/cookies/google?google_gid=CAESEDr96BiuHrAQQP_Zln3qy6c&google_cver=1&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4ZIWT_xQ HTTP 302
• https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDr96BiuHrAQQP_Zln3qy6c&google_cver=1&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4ZIWT_xQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4ZIWT_xQ

Request Chain 152

• https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTDMsP3rETJ-90uY-C-xnoNtENs2i6Dg7DLCELRptmKGywkZt-vJVN_P4Qf1CFxK1iqAiItHzNAoxelgNfIRqb4I6D8Ur4ZGg&google_gid=CAESEHvcBY38rvCyOiv1WC1VzO4&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-WSf-CVBfEQY7xwZuQPVCO3GGiNjF5mM_UR_A1w&google_push=AXcoOmTDMsP3rETJ-90uY-C-xnoNtENs2i6Dg7DLCELRptmKGywkZt-vJVN_P4Qf1CFxK1iqAiItHzNAoxelgNfIRqb4I6D8Ur4ZGg

Request Chain 153

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPK6LUJpu48WTsb61YOkFO4&google_cver=1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699699501922 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-45f2b3d4-3284-4aff-a54e-36dffbe2ec22-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw%26google_hm%3DA0Xys9QyhEr_pU423_vi7CI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw&google_hm=A0Xys9QyhEr_pU423_vi7CI

Request Chain 154

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPiQBf0kEmeDZK-gBOoo4wI&google_cver=1&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG5YhQ HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG5YhQ&google_gid=CAESEPiQBf0kEmeDZK-gBOoo4wI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYxMjM2Njg4MTM2NjA1Nzg5MzQy&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG5YhQ

Request Chain 155

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPZLOJjJkLyFX9NyFR6O74U&google_cver=1&google_push=AXcoOmRT2tZq9SHR7pUD5oguqlRA2uVu6fvHTccFgidrKNYBW8-y1CGpKUaYI0K-OmMA6ttOuHPyrFHSH4_NTErMyMa8g3bb1pE9-Ps HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWU4NjE3N2UtZTY2Mi00M2JjLWFkYmItNGI1ZjdlN2U4NjMy&google_push=AXcoOmRT2tZq9SHR7pUD5oguqlRA2uVu6fvHTccFgidrKNYBW8-y1CGpKUaYI0K-OmMA6ttOuHPyrFHSH4_NTErMyMa8g3bb1pE9-Ps HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 156

• https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELDLR03w2MOh1qA6S6W7RV0&google_cver=1&google_push=AXcoOmROHOz3HuM1cUBdVy8rHb0qFrOr4bVaSdwlG8oPm8BqWp-tCRjykZmtZvUjjMpgMVtn4Kbia9rCHyuUxZqmFQzAJFCXita5Tw HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELDLR03w2MOh1qA6S6W7RV0%26google_cver%3D1%26google_push%3DAXcoOmROHOz3HuM1cUBdVy8rHb0qFrOr4bVaSdwlG8oPm8BqWp-tCRjykZmtZvUjjMpgMVtn4Kbia9rCHyuUxZqmFQzAJFCXita5Tw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Nzg3MzY2NTI5Mjg2MTM5Mg%3D%3D&google_gid=CAESELDLR03w2MOh1qA6S6W7RV0&google_cver=1&google_push=AXcoOmROHOz3HuM1cUBdVy8rHb0qFrOr4bVaSdwlG8oPm8BqWp-tCRjykZmtZvUjjMpgMVtn4Kbia9rCHyuUxZqmFQzAJFCXita5Tw

Request Chain 158

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECA2xdh06COpyIl3hjM4aEw&google_cver=1&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n28-qIVppnm8dPdR7Id_CNvBA HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECA2xdh06COpyIl3hjM4aEw&google_cver=1&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n28-qIVppnm8dPdR7Id_CNvBA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwMzMxNTIxNjE3MTg1Mzc2Ng&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n28-qIVppnm8dPdR7Id_CNvBA

Request Chain 160

• https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEvmhjPOefhhzB7fg4I1qOI&google_cver=1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ HTTP 302
• https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699699501920 HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-45f2b3d4-3284-4aff-a54e-36dffbe2ec22-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ%26google_hm%3DA0Xys9QyhEr_pU423_vi7CI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ&google_hm=A0Xys9QyhEr_pU423_vi7CI

Request Chain 161

• https://cs.media.net/cksync?type=g&google_gid=CAESEAQgNjy9H8DMvwtECJtMyFU&google_cver=1&google_push=AXcoOmQSnrPcQSilj-kSCl7RwbCY2DwEFwYIsw5GCGd8cN8GMc6gN-PsG_fvPkfOC2hWa3Bect40Xps_l0bMd7HdHiupbKt5Bx3W9w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&mn_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQSnrPcQSilj-kSCl7RwbCY2DwEFwYIsw5GCGd8cN8GMc6gN-PsG_fvPkfOC2hWa3Bect40Xps_l0bMd7HdHiupbKt5Bx3W9w&gdpr=&gdpr_consent=

Request Chain 162

• https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDVl8IYz0vPsJcSGrZHhbA0&google_cver=1&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzmWX2X34xSubIAAC0o1rcaLUegw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzmWX2X34xSubIAAC0o1rcaLUegw&google_hm=WlU5YkxzQ281dEVBQUs5dzUtTUFBQUFB

Request Chain 164

• https://sync.inmobi.com/gob?google_gid=CAESEFGRMANi53bd2__POikZnWg&google_cver=1&google_push=AXcoOmSO6fzs6DPAdqsZ1d1GUPen5VFtt_L-wnCQ8mQf1R4PNrBPzYEzGj3m3bOW-8UTJJqCQX-1aDyCsmR4JvPG9kdcu4EdsIvp3VE HTTP 302
• https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSO6fzs6DPAdqsZ1d1GUPen5VFtt_L-wnCQ8mQf1R4PNrBPzYEzGj3m3bOW-8UTJJqCQX-1aDyCsmR4JvPG9kdcu4EdsIvp3VE

Request Chain 186

• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ_664jiu4IDFWuW_Qcd2eUCSA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
• https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
• https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
• https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request XCvBJyPvB Show response cutsy.net/ Redirect Chain https://hananashaka-tech.com/ https://cuty.io/XCvBJyPvB https://cutsy.net/XCvBJyPvB	62 KB 19 KB	510ms 179ms	Document text/html	104.21.20.185 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.20.185 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e88487ffce1f3f6f9fd10250974f0a22032526c49893941bcf2f22110156e37 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control must-revalidate, no-cache, no-store, private cf-cache-status DYNAMIC cf-ray 8245f16b3aaa2c6b-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 11 Nov 2023 10:44:58 GMT expires -1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9TNQweWFMKxkW8NTdKao8MqMGYaG0XTJ7Atth3h%2F5kBObHQCOpiQg6ST3SYBegyhs27%2BnT9p%2BA%2BGwL%2BrXFawTAnCiViP39Slyk7d2Qt8Qq3Cz5nQZnz8pwJ56M%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN SAMEORIGIN Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, must-revalidate cf-cache-status DYNAMIC cf-ray 8245f16879816ae7-FRA content-type text/html; charset=UTF-8 date Sat, 11 Nov 2023 10:44:58 GMT expires -1 location https://cutsy.net/XCvBJyPvB nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juYyuV8nE5VTbXuqpkz1QwSi9N5SAQh8oy9sVHsk5CqOKuw2yI0oLj7UP0Uc0sv66AXiL6WtAv8YHLKatVKJr%2FnekoPB0tKf%2FxW8unrSLe2%2F8ip2cDB3%2F0XG"}],"group":"cf-nel","max_age":604800} server cloudflare x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	11 KB 1 KB	390ms 34ms	Stylesheet text/css	142.250.186.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f10.1e100.net Software ESF / Resource Hash a5a263756e794d5ad9a686025bb4174bd55dbbca9635748b247a8a527e89354c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 11 Nov 2023 10:44:59 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 11 Nov 2023 09:33:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 11 Nov 2023 10:44:59 GMT
GET H2	200	public.css cdn.cuty.io/css/	51 KB 10 KB	50ms 49ms	Stylesheet text/css	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153037 cf-polished origSize=52548 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 28 Dec 2022 14:22:02 GMT server cloudflare etag W/"63ac510a-cd44" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpOLB6s7jgSfQfP8cwTiKno3DmbIsE6mqFQsZG4u2XCbgOz12WajXsFQHuj9jnoYS0u6zZVrL9CgnAcvKqqnllohPkfH8G0ZDgz3M3aYf48R1352tLeUykzdItk%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8245f16c6cd16ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	logo.svg cdn.cuty.io/images/shared/	6 KB 3 KB	49ms 48ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/logo.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:58 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 153038 etag W/"654d0525-175a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fk4a0Phpj8Ec%2Bs6p5JOTZWEzXbvKJ399TiNRI%2FwURJ7oO9FvWk5%2BIzSVYuRcLPHpgWgVMfu%2BNZVn0evv%2FJA7sghTObrpUqNl%2FEwQcTA%2Bn3dG1pm5%2Fia8JCcdO%2B926Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16c6cd36ae7-FRA alt-svc h3=":443"; ma=86400 expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	locale-en.png cdn.cuty.io/images/shared/	24 KB 24 KB	70ms 70ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-en.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 24647 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-6047" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kftDod%2BhMb8zR6pTjjwj9IrsgyuIt0B%2FDzG9zUJgX%2BASs0ccjI%2BpwIBZtKV6mhSeBTXIJSB3i6MlwdHQpf3D1i6ijXFgnlaES%2FDZt2JfeIU0IF5JpWl9SZVC29bs6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16c6cd66ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	arrow-down.svg cdn.cuty.io/images/shared/	220 B 472 B	67ms 63ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/arrow-down.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:58 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 153037 etag W/"654d0525-dc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2YaxA0I%2BEjnnfynF6TfhT4rLjpMk1qYsLWo53ZM7iGZlKe0IMYhY6SyXgyzNF1Tk2ZiwXWY24S%2FzbAcMy%2FrUhLf5%2B6%2BWVFsk%2FC5wrRm5P9yMIXH3LSEfmKBeJduCw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16c9cf86ae7-FRA alt-svc h3=":443"; ma=86400 expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	locale-es.png cdn.cuty.io/images/shared/	12 KB 13 KB	70ms 66ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-es.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:58 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 104625 alt-svc h3=":443"; ma=86400 content-length 12579 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-3123" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oI6oP5MNLtG6cAhllu6lVBNsL65jWxCzIVJMsxe8LXYw0wmeNDnVFxHtLpFfK%2BZlipxeR3f9WCFkScBYkJlBlATZtW3V0UUCzdCUw%2F9rJqZ7%2BkwreEEJw9vIpDpFIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16c9cfc6ae7-FRA expires Sat, 09 Nov 2024 05:41:13 GMT
GET H2	200	locale-ar.png cdn.cuty.io/images/shared/	50 KB 50 KB	71ms 67ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-ar.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 content-length 51070 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-c77e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jonn0ymNS0pcnysl5qvjviQdSCI0Hfol2iYDl%2FDurxh06MADJaQsQqnFDK8Hi2Na5Wg2MS9kDXl1RwOOYd17FPTIVnvTCK%2BGxMR8Z3SO3DVEP5vb%2BrpDFH8zHB1DQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16cbd276ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	locale-fr.png cdn.cuty.io/images/shared/	16 KB 16 KB	73ms 71ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-fr.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 content-length 16411 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-401b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0pj3Hd2GIBFy5L5cQeQwu3glNvLj2%2Fq6dq9SI%2Fcr6hNpsHACCsc81IuuVFxjovDbyn5ImMf79z1aULbucA4djTEtGKHJjrDlag9C7VE5onRFp4KkDoet57sooJSQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16cbd286ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	burger.svg cdn.cuty.io/images/shared/	207 B 467 B	73ms 70ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/burger.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 109849 etag W/"654d0525-cf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvnWQGXIK1ySQml3a3nQE6rWWh6KkvWsCnpyvJx9wg7Xa1bbIrGHZiwhOR6E7L0HsL04UlPtNBg2aNefgd5qlkjYpdIGFerqvOk%2F8QwSh51vwqG7bGidg5E%2FVOmkrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16cbd296ae7-FRA alt-svc h3=":443"; ma=86400 expires Sat, 09 Nov 2024 04:14:10 GMT
GET H2	200	x.svg cdn.cuty.io/images/shared/	209 B 543 B	72ms 69ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/x.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 153039 etag W/"654d0525-d1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KDySTOOJr0ceUb0BoBSL5XjYoSmZWmBzH%2B2gnDe%2F2bcaNbuOletxNgKPJM1ZMMdqMRWc0LKrDyf9sGIBq22r2tHDIiEf%2B8ZfFlvVIDsQ%2Fu8KmPppBSKjOlx4hvKnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16cbd2a6ae7-FRA alt-svc h3=":443"; ma=86400 expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	facebook-icon.png cdn.cuty.io/images/shared/	409 B 786 B	133ms 131ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/facebook-icon.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 content-length 409 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-199" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqsdoqHv1WwgtFxYinUe4whctQndwo1jJT95Lp5i8U2JWMgC1wEJJI4fWUC26nJnexvKNp2eDRKD6XXtHT53qDp4kd6UGhTcIz6LGgsWc%2BRnyXrvJ6BmyBG%2FlqCAYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16cbd2b6ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	twitter-icon.png cdn.cuty.io/images/shared/	809 B 1 KB	75ms 73ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/twitter-icon.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 809 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-329" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS7UeGaK3GtXulEjDPG5UW7Cdznw%2BjT3HllzR8Jg%2F70aGlDJ2kzYEU6A3MHWqBHAGLYJzhIjGmt4AIVJbI%2BAFf%2B6xmLmg4ecLzOH%2BJ%2FoPTFRTbxNyc12ef1suf8B4A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16cbd2d6ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	linkedin-icon.png cdn.cuty.io/images/shared/	222 KB 223 KB	77ms 75ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/linkedin-icon.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 227769 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-379b9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgBa%2BnbQMn4VgWcypn7i3ZmAPGAWQiV77LtB1X%2FnvdRIjxLuk6cLfqT8tdKmKfDSMcTXk6Ps2LJhk6U7%2FO1GHYNmVVpogpIK0N73DyuFsIbNSWTBfSdeKUr7FOVZOw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16cbd2e6ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H/1.1	200 OK	60028 Show response forbidcrenels.com/1clkn/	6 B 1 KB	104ms 31ms	Script application/javascript	142.91.159.88 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://forbidcrenels.com/1clkn/60028 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 142.91.159.88 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sat, 11 Nov 2023 10:44:59 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=1 Server nginx Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Connection keep-alive Keep-Alive timeout=20
GET H2	200	6534223 Show response glersakr.com/5/	70 KB 27 KB	211ms 81ms	Script application/javascript	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/5/6534223 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash f9bca00fc0d9138a70397b89e77dd051757ca33d6310cfbb037f2944290da84b Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding gzip x-trace-id 276bca5fa97bdfe708485b94b39934cf pragma no-cache, no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	step-1.svg cdn.cuty.io/images/public/	2 KB 875 B	75ms 73ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/step-1.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 103943 etag W/"654d0525-658" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KckL7h3alq%2B3opRC6ybmtfzGNBlAjqV6acJoLLg8YI1dGIf63NVqae7o4bRWdhC4K5vZIsJEMOXANFBz6WgvcYQE9iv5XjRQVTv%2BvwzEhjtP86encu8JYuW0anR0HQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16cbd2f6ae7-FRA alt-svc h3=":443"; ma=86400 expires Sat, 09 Nov 2024 05:52:36 GMT
GET H2	200	step-2.svg cdn.cuty.io/images/public/	2 KB 962 B	76ms 74ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/step-2.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 118269 etag W/"654d0525-607" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hp7rCRb4NOOGG8fwUX6b%2Bq%2Fsx5eRJMeHPoBSnS4FQb%2FOqSVaYsTbfemAHk2mRbzX5P7Z3nGwQ0GsXJsedRqBLQy2W1K1NeyxWakwMpQPvcp5W38m%2FfJLOYrcSOEnYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16cbd306ae7-FRA alt-svc h3=":443"; ma=86400 expires Sat, 09 Nov 2024 01:53:50 GMT
GET H2	200	step-3.svg cdn.cuty.io/images/public/	1 KB 728 B	76ms 74ms	Image image/svg+xml	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/step-3.svg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:13:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 153039 etag W/"654d0525-45b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hox8MVNjZQhG6zmqcf1yyfawv0Qsc2UdheHs1sA2iSe5kZs7XCloeUZu7nmvISP2zdh3F4KKeWrAc76k4Jva3JAHawAjPLaef%2B%2Ftni6bn5VHZruF%2B0wf7wrb%2Bvtsg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8245f16cbd326ae7-FRA alt-svc h3=":443"; ma=86400 expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	money-tree.png cdn.cuty.io/images/public/	27 KB 27 KB	134ms 132ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/money-tree.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 27646 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-6bfe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPUSwu0fdBKuyZJcWx2kXcNlYdYlbQbVfC6MQg57K8gud9EMvIz9gZPggtYTABcLAvVS9Ycfv45n1KH4EY9Gv6Ti87%2FHo8j8b2h2IoibUogKUsXdc5YgoePmugGrVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd3b6ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	bitcoin.png cdn.cuty.io/images/public/	30 KB 30 KB	205ms 203ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/bitcoin.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 30766 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-782e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4exakaq9xwzFX%2BzvQvLr1L0sLkbd2DcBMqs4z5ZMVgpMjWIB3VTALKH1WmiuFMEC2BvMvCSjLOBGJxSI8%2FnJwkYEGivCF7vkZsK9G1f0suzxgTn4wFdY0TuybEACxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd3c6ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	payeer.png cdn.cuty.io/images/public/	1 KB 2 KB	183ms 181ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/payeer.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 1390 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-56e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXYdt8%2BhjzLhgLi8D6HPUG%2BmxhuHFAX2DXKQlaH2%2Be6CTUUNMMs23gMpqAcgYM9ss0bWMQFBC8hnt7xtIGkfUCryC2KHVbNLZ7oV%2ByYYTLrEC7hzPB0CJ3SSxGyR6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd3e6ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	paypal.png cdn.cuty.io/images/public/	24 KB 24 KB	184ms 182ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/paypal.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 content-length 24721 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-6091" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hxPxpvaHnPbFouiQQ2yoSb1Pc%2FgUH5k6NAbwYG6Qsy992Yoyuae6JvC8C86i5IZs%2FwDv8Z5YN0HjB59os88l%2FVVcSt%2FxxmdWJmUBLJzaETKLKbpNDAG3dNIp3ApcQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd3f6ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	perfectMoney.png cdn.cuty.io/images/public/	198 KB 198 KB	203ms 201ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/perfectMoney.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 24471 alt-svc h3=":443"; ma=86400 content-length 202386 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-31692" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0oGMzkGG4roonq9%2FHmdofkcOX3nznaUMvGR0sKT3jm3JbnDpnQBe71BlGUddJ4PS4Af4myPpbWBaHxSW1LEcTQXuN3rk4CKEhzkA86D8v%2BPgAW3e3X4Bn7r9qaPbA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd416ae7-FRA expires Sun, 10 Nov 2024 03:57:08 GMT
GET H2	200	advcash.png cdn.cuty.io/images/public/	8 KB 8 KB	202ms 201ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/advcash.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 8141 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-1fcd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY6dEYGHJlY0TYQXHkrLD5v4OrPSnyFCg5fixQ59PSNtmmCGu3%2BYW0FIyZQN5sRi7hIQal64fcikQjpLpWTYt9svO%2Fe%2BaYMV6FWu2ZMLA3%2BwYmncxu9pcuC4STfDjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd426ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	airtm.png cdn.cuty.io/images/public/	2 KB 2 KB	204ms 203ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/airtm.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153038 alt-svc h3=":443"; ma=86400 content-length 1558 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-616" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chsJYhZeHkXMAaRWmM6tNflSDg9bdjRFpLVg34otPOYhNlQVxm0eZSIBC4dsKiJ0VRe6uCpw766w2LsIA9jQyA1rZvKqWpiign%2BOZLLivcoO7ZIrVWCa%2FLEnjAVQQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd436ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	usdt.png cdn.cuty.io/images/public/	66 KB 66 KB	177ms 176ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/usdt.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bba0f811185072747208aa5d22793e3fa0c8f4048a5496553872f452845c0376 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 content-length 67278 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-106ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=016i4c2Gw%2BY2YnGT6AfwI5aAnahSmRs6fL5iDSSC8%2BqpOrxlUZOq6ZuNsJ1ybtzHks%2Blh4Yot5WYE4OBKhDcSiTOcnLSnHHkdzYSMlIA6c0jwIOGtnXGRQ2aQ5t4%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16ccd446ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	base.js Show response cdn.cuty.io/js/layouts/	104 KB 38 KB	71ms 67ms	Script application/javascript	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/layouts/base.js?id=0dbb3b1a5b8fdf23f6a11f8056879d42 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d334c60de2c9c9504e21117142954a92e10a93e70921afeccb1e996ee463c24 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:58 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153037 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag W/"654d0525-1a036" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfRe9g7SGnMF9do2yP0iwN2DumWXNqFb%2BbjFYkMXCmyKgSi7mK1g5abJ1NRztL%2FrGV1Je2qjr2GdnfTRTzsEiUs3kcL1LnFbUze%2F2yaGafaPwb1oOs2p%2BKPBWUO5UQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8245f16c9cff6ae7-FRA expires Fri, 08 Nov 2024 16:14:21 GMT
GET H2	200	first.js Show response cdn.cuty.io/js/public/links/	23 KB 8 KB	204ms 203ms	Script application/javascript	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/public/links/first.js?id=0c8c578a52a38d07be1e2e04379b2785 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b26468b48c30a73409f9260de0b72daf7beebae3f77e371bbe583c3f08c892b Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 101839 cf-polished origSize=23979 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag W/"654d0525-5dab" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8xrFQTGeH56oR2mYrudFVZT7ZC29iHjNHMva643dgks1LHevRDQ3W8SrCE2BPeGYtWCTlN%2BG5EdDcujNZkES7R9lq3jxENeZH8M10Zff6Q7WHFEzSdqpXcM5YNRXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8245f16ccd466ae7-FRA expires Sat, 09 Nov 2024 06:27:40 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	354ms 19ms	Script text/javascript	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software GSE / Resource Hash 7434307d32a6a0078240769f36e53e9e910a662c73b6195d6f8e0195df78e759 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Sat, 11 Nov 2023 10:44:59 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 86 KB	410ms 41ms	Script application/javascript	216.58.212.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f136.1e100.net Software Google Tag Manager / Resource Hash 8d329c6821df010a8de39f876a17886a3634a73bf2a22bc0988f84da5ac58d32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88160 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 11 Nov 2023 10:44:59 GMT
GET H2	200	nav-links.js Show response cdn.cuty.io/js/public/layouts/_partials/	3 KB 1 KB	201ms 200ms	Script application/javascript	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=0b6cd2e4bcfbf719fc8b516ace1e2d04 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65d66e30eb5d04f338a6953963c46f28d4bb63d3183a13f47516c315621af600 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag W/"654d0525-bf2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgTEy54%2B1%2BAxz5%2FAN1okE%2BI6B1iW6MfRutH9l%2BktEOEt5Ed15KQRNXHxaMrCmHLqVT9hwJa%2FvZKpinI5sL2RtuVEX9Q93OtnVoXe0ytD56mvYD7JX52ODg%2F3nQ7Xvg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8245f16ccd476ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	app.js Show response cdn.cuty.io/js/public/layouts/	336 KB 99 KB	205ms 204ms	Script application/javascript	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/public/layouts/app.js?id=fc53f269994622c629f1827dd0fb6f4f Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 943d3702dc9d01420c846d3e3812940ab45abf36839603b75c23e5fe67d4092a Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 117849 cf-polished origSize=344134 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag W/"654d0525-54046" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftZOjDIjk%2F2fD0QKUBFGAzdVD5u2b6moMCgochf67B6gtKWgKJfHpS7x00Ckxxc1m%2FQwfnC4tCT%2Fv78j75z2%2BSQGDQSH6G5b2vWxRjQROhLkb%2BZjS002SCz5mTr7dw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8245f16ccd486ae7-FRA expires Sat, 09 Nov 2024 02:00:50 GMT
GET H2	200	up.js Show response live.demand.supply/	5 KB 3 KB	670ms 303ms	Script application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88c4cd8dda2accfebbd8ed44a708bd734c6198795235d076b3011f317f72423a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HEY2HX5G83NXCEFDRVD3VJAG date Sat, 11 Nov 2023 10:44:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT age 378 cf-polished origSize=4807 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"e752da79a938607a4d765d2e974783b8-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 8245f16edd611c30-FRA link <https://live.demand.supply/impl.v17.19.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/Y3V0c3kubmV0Lw==>; rel=preload; as=script timing-allow-origin *
GET H2	200	heading-background.png cdn.cuty.io/images/public/	105 KB 105 KB	183ms 182ms	Image image/png	172.67.139.32 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/heading-background.png Requested by Host: cdn.cuty.io URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15e9a191aef4c2d8d504df2367c89aaf857ca48862b098746fa1f524e3c8fa00 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 153039 alt-svc h3=":443"; ma=86400 content-length 107203 last-modified Thu, 09 Nov 2023 16:13:25 GMT server cloudflare etag "654d0525-1a2c3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1RwkkW4TfroDazgn6mwQ4UvskHigtlDjnQMZPR51JaqAq5CILD7f8wEyrtxF%2BNjug1IymjJV4O%2FjFfhqGOZxqFTLf6pTmzb8kEP3ZKoOiDSlDOMfGtlnBwCT1%2Ffkw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8245f16cdd5b6ae7-FRA expires Fri, 08 Nov 2024 16:14:20 GMT
GET H2	200	1 Show response cameesse.net/	42 KB 16 KB	155ms 59ms	Script text/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/1?z=6537682 Requested by Host: glersakr.com URL: https://glersakr.com/5/6534223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9e18f32ac3d3792f136f60ccf5c6ba804e699561d590e9abce5733ee4c15e3eb Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-trace-id 964c80a4cb55817121a38c07ea1091f8 pragma no-cache date Sat, 11 Nov 2023 10:44:59 GMT content-encoding gzip x-sc 58XXBjfd1i6DGIoXWd_BTPQ2UEuTXLfyZ3tgMErp0kFgZRptg0X23TBw9sVbQvdjxitfJVgoRJvimwcOETDDcalwgFY= server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 540 B	89ms 26ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=874592be99674be2b8875df2c4e93667 Requested by Host: glersakr.com URL: https://glersakr.com/5/6534223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 948d0496bc10786969547426cdcdf63aa85022c1ab632aa8a1ce46cac825e651 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://cutsy.net access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	/ Show response glersakr.com/	2 KB 3 KB	175ms 174ms	Fetch application/json	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/?rb=_XAO4H2H1HuPuhrXvr8R_6LqUUweWfpXAShEw52GOWNykasxMDpQX3-3v97r5wbOlF4G5xke8M4TTqVSnhoKj_jOSk3OatBzbqrgxMP0w34k_zhNhr2GZK6Cp8bnKGKdeCvRYpRy6a9px-2Y5PRrd5Q3s6Vk_mCARyxPTLMe2HYRanCxwEeUUDpzgY2h6u3NuGn5lQS4Bwdi0XTi8zj8D6bpBrWnOII628YqXB4CFTH6zmdZ96g7fAEphESXPTkDCPAqN-GGIFRtPypx0ltVVA%3D%3D&request_ab2=0&zoneid=6534223&js_build=iclick-1.626.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-1.626.0&bs=84a45583-91e0-4e63-a8ba-31bb73bd4648&userId=874592be99674be2b8875df2c4e93667&m=link Requested by Host: glersakr.com URL: https://glersakr.com/5/6534223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 055a6cf6a319fbad8e5b45433f6e954740d9395f82b481ca8c12dc4a1fea9234 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 1d5bd94ef5140cbbd15eb664b712a6b2 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://cutsy.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/	470 KB 189 KB	360ms 20ms	Script text/javascript	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 17:09:05 GMT content-encoding gzip x-content-type-options nosniff age 63354 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192495 x-xss-protection 0 last-modified Mon, 06 Nov 2023 03:03:27 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 09 Nov 2024 17:09:05 GMT
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	450ms 114ms	Fetch text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: cdn.cuty.io URL: https://cdn.cuty.io/js/public/links/first.js?id=0c8c578a52a38d07be1e2e04379b2785 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52788 x-xss-protection 0 server cafe etag 16356934650149598640 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 11 Nov 2023 10:44:59 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	464ms 71ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 20:16:09 GMT x-content-type-options nosniff age 138530 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Nov 2024 20:16:09 GMT
GET H2	200	34140bf7a9bfababc041a6dd34e08b17 Show response cameesse.net/27/	403 KB 128 KB	56ms 55ms	Script application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Requested by Host: cameesse.net URL: https://cameesse.net/1?z=6537682 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash cbc0e6c0446c61080c87d5c5bdd7c4526cccd9671beeaf9312c090173f41f8bb Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-trace-id 1fc6cbdc02431e275e32001a2a049b6d date Sat, 11 Nov 2023 10:44:59 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Tue, 07 Nov 2023 08:53:13 GMT server nginx content-encoding gzip access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control max-age:290304000, public access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Tue, 07 Dec 2083 08:53:13 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 249 B	451ms 28ms	Ping text/plain	216.239.34.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=45je3b81v869225560&_p=1699699499326&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1496705362.1699699499&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699699499&sct=1&seg=0&dl=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20cuty.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1898 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:44:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutsy.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	9 cameesse.net/ Frame	0 0	47ms 14ms	Preflight	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/9?z=6537682&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=874592be99674be2b8875df2c4e93667 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://cutsy.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin https://cutsy.net cache-control no-store, no-cache, must-revalidate, max-age=0 date Sat, 11 Nov 2023 10:44:59 GMT expires Mon, 26 Jul 1997 05:00:00 GMT pragma no-cache server nginx
POST H2	200	9 Show response cameesse.net/	7 KB 4 KB	73ms 72ms	XHR application/json	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/9?z=6537682&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=874592be99674be2b8875df2c4e93667 Requested by Host: cameesse.net URL: https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1d2b995c1e3e5f1569b3bab16cb4cd114e5b905658f2f9bb05257ce7023e215d Request headers Referer https://cutsy.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type application/json Response headers x-trace-id 44f66b620ceb45ad78e41667ca5ad1d0 pragma no-cache date Sat, 11 Nov 2023 10:44:59 GMT content-encoding gzip server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin https://cutsy.net access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	impl.v17.19.2.js Show response live.demand.supply/	84 KB 27 KB	164ms 153ms	Script application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v17.19.2.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b81e735a078ffd44b5d082b9ac5a4a58e8811d1c30402084adf606fc97c82c6d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HEWRANSJQPMBA6RQDBJ6WE4H date Sat, 11 Nov 2023 10:44:59 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT age 74890 cf-polished origSize=85684 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"4d9bcc2df1cf54b71b850f21a4844261-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 8245f170df661c30-FRA
GET H2	200	Y3V0c3kubmV0Lw== Show response live.demand.supply/p4/v17-10-0/	981 B 623 B	238ms 229ms	Script text/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v17-10-0/Y3V0c3kubmV0Lw== Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8bd09af55f1b7ae0a051fabad5732080ffa83b074f0c1b7bb24730849ca366b Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 8245f170df671c30-FRA alt-svc h3=":443"; ma=86400
HEAD H2	200	e.js Show response live.demand.supply/e/	0 272 B	377ms 48ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=672&cs=c&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT age 895619 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f172da452c4d-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	103 KB 32 KB	483ms 139ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash bd04f35eb771e162d60f54e28cc21527eba95d8d1613b0f50d2e52d0e1b8c29e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31838 x-xss-protection 0 server cafe etag 744 / 19672 / 31079591 / config-hash: 5108900474499610176 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 11 Nov 2023 10:45:00 GMT
GET H2	200	Y3V0c3kubmV0L1hDdkJKeVB2Qg== Show response live.demand.supply/p4/v17-10-0/	2 KB 909 B	266ms 262ms	Script text/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v17-10-0/Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30c474d0efa0fbdefb76e5490b8c054ecf0d283aa56535caf0f44b24d5159f16 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 8245f170df6d1c30-FRA alt-svc h3=":443"; ma=86400
GET H2	200	ds.2.html Show response live.demand.supply/	413 B 527 B	373ms 49ms	XHR text/html	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5R8QK0MP1GDFQXMF8TT088 date Sat, 11 Nov 2023 10:44:59 GMT content-encoding br cf-cache-status HIT server cloudflare age 894365 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 8245f172da4b2c4d-FRA alt-svc h3=":443"; ma=86400
GET H2	200	11 Show response cameesse.net/	0 592 B	66ms 66ms	XHR image/jpeg	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/11?rnd=3991878700&z=6537682&b=19530686&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=RY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw=&ruid=55e8893a-4d9d-4ea2-a317-a465d62c4d1f&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=124 Requested by Host: cameesse.net URL: https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-trace-id 2842e5c198107ba5fc7c11968269518e pragma no-cache date Sat, 11 Nov 2023 10:44:59 GMT server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/jpeg access-control-allow-origin https://cutsy.net access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace content-length 0 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ Show response interbuzznews.com/ Frame 9213	53 KB 8 KB	141ms 77ms	Document text/html	139.45.197.154 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://interbuzznews.com/?l=REfvCpTGmUd3Oe7&cd_meta_crid=387600&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1409904604%26z%3D6537682%26b%3D19530686%26c%3D7630840%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fstragtegytracking.com%252Findex.php%253Fcid%253D0zp61xmzgurcd3act4wdetqxnit5od55%2526visitor_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%2526zoneid%253D%257Bzoneid%257D%2526campaignid%253D%257Bcampaignid%257D%2526device%253D%257Bdevice%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526osversion%253D%257Bosversion%257D%2526country%253D%257Bcountry%257D%2526language%253D%257Blanguage%257D%2526isp%253D%257Bisp%257D%2526user_activity%253D%257Buser_activity%257D%26cln%3D1%26btp%3D7%26rb%3DRY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw%3D%26bag%3DUjBindITRhUpo44JxTAQQSgpVVLtp3VG%26ruid%3D55e8893a-4d9d-4ea2-a317-a465d62c4d1f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcutsy.net%252FXCvBJyPvB%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 Requested by Host: cameesse.net URL: https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.154 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / PHP/7.4.33 Resource Hash 98220ae1bdead777dbbebfc0de34f52252d7bc42c29ab95230002c6925b7ed0b Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range access-control-allow-methods GET, POST, OPTIONS, HEAD access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-encoding br content-type text/html; charset=UTF-8 date Sat, 11 Nov 2023 10:44:59 GMT server nginx vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	01554405595285.jpeg interbuzznews.com/contents/s/fc/d8/c9/22cc10b3d2526eb5cb2f787f68/ Frame 9213	14 KB 14 KB	18ms 17ms	Image image/jpeg	139.45.197.154 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://interbuzznews.com/contents/s/fc/d8/c9/22cc10b3d2526eb5cb2f787f68/01554405595285.jpeg Requested by Host: interbuzznews.com URL: https://interbuzznews.com/?l=REfvCpTGmUd3Oe7&cd_meta_crid=387600&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1409904604%26z%3D6537682%26b%3D19530686%26c%3D7630840%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fstragtegytracking.com%252Findex.php%253Fcid%253D0zp61xmzgurcd3act4wdetqxnit5od55%2526visitor_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%2526zoneid%253D%257Bzoneid%257D%2526campaignid%253D%257Bcampaignid%257D%2526device%253D%257Bdevice%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526osversion%253D%257Bosversion%257D%2526country%253D%257Bcountry%257D%2526language%253D%257Blanguage%257D%2526isp%253D%257Bisp%257D%2526user_activity%253D%257Buser_activity%257D%26cln%3D1%26btp%3D7%26rb%3DRY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw%3D%26bag%3DUjBindITRhUpo44JxTAQQSgpVVLtp3VG%26ruid%3D55e8893a-4d9d-4ea2-a317-a465d62c4d1f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcutsy.net%252FXCvBJyPvB%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.154 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 03838d106d6d4ed109a7b3f5049f49fd407108a0663289ee3757edaa43f5e8cc Request headers accept-language de-DE,de;q=0.9 Referer https://interbuzznews.com/?l=REfvCpTGmUd3Oe7&cd_meta_crid=387600&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1409904604%26z%3D6537682%26b%3D19530686%26c%3D7630840%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fstragtegytracking.com%252Findex.php%253Fcid%253D0zp61xmzgurcd3act4wdetqxnit5od55%2526visitor_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%2526zoneid%253D%257Bzoneid%257D%2526campaignid%253D%257Bcampaignid%257D%2526device%253D%257Bdevice%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526osversion%253D%257Bosversion%257D%2526country%253D%257Bcountry%257D%2526language%253D%257Blanguage%257D%2526isp%253D%257Bisp%257D%2526user_activity%253D%257Buser_activity%257D%26cln%3D1%26btp%3D7%26rb%3DRY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw%3D%26bag%3DUjBindITRhUpo44JxTAQQSgpVVLtp3VG%26ruid%3D55e8893a-4d9d-4ea2-a317-a465d62c4d1f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcutsy.net%252FXCvBJyPvB%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT last-modified Thu, 09 Nov 2023 10:39:39 GMT server nginx etag "654cb6eb-3750" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/jpeg access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 14160
GET H2	200	01638064885891.png interbuzznews.com/contents/s/26/c3/a2/e799659fd74481b119ac32e30e/ Frame 9213	57 KB 58 KB	24ms 24ms	Image image/png	139.45.197.154 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://interbuzznews.com/contents/s/26/c3/a2/e799659fd74481b119ac32e30e/01638064885891.png Requested by Host: interbuzznews.com URL: https://interbuzznews.com/?l=REfvCpTGmUd3Oe7&cd_meta_crid=387600&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1409904604%26z%3D6537682%26b%3D19530686%26c%3D7630840%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fstragtegytracking.com%252Findex.php%253Fcid%253D0zp61xmzgurcd3act4wdetqxnit5od55%2526visitor_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%2526zoneid%253D%257Bzoneid%257D%2526campaignid%253D%257Bcampaignid%257D%2526device%253D%257Bdevice%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526osversion%253D%257Bosversion%257D%2526country%253D%257Bcountry%257D%2526language%253D%257Blanguage%257D%2526isp%253D%257Bisp%257D%2526user_activity%253D%257Buser_activity%257D%26cln%3D1%26btp%3D7%26rb%3DRY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw%3D%26bag%3DUjBindITRhUpo44JxTAQQSgpVVLtp3VG%26ruid%3D55e8893a-4d9d-4ea2-a317-a465d62c4d1f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcutsy.net%252FXCvBJyPvB%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.154 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a4d6c013fdde20e88c176f9d398245311395da01649c37edda76479d251037c0 Request headers accept-language de-DE,de;q=0.9 Referer https://interbuzznews.com/?l=REfvCpTGmUd3Oe7&cd_meta_crid=387600&trkintimp&target_url=https%3A%2F%2Fcameesse.net%2F12%3Frnd%3D1409904604%26z%3D6537682%26b%3D19530686%26c%3D7630840%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Fstragtegytracking.com%252Findex.php%253Fcid%253D0zp61xmzgurcd3act4wdetqxnit5od55%2526visitor_id%253D%2524%257BSUBID%257D%2526cost%253D%257Bcost%257D%2526zoneid%253D%257Bzoneid%257D%2526campaignid%253D%257Bcampaignid%257D%2526device%253D%257Bdevice%257D%2526browser%253D%257Bbrowser%257D%2526os%253D%257Bos%257D%2526osversion%253D%257Bosversion%257D%2526country%253D%257Bcountry%257D%2526language%253D%257Blanguage%257D%2526isp%253D%257Bisp%257D%2526user_activity%253D%257Buser_activity%257D%26cln%3D1%26btp%3D7%26rb%3DRY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw%3D%26bag%3DUjBindITRhUpo44JxTAQQSgpVVLtp3VG%26ruid%3D55e8893a-4d9d-4ea2-a317-a465d62c4d1f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fcutsy.net%252FXCvBJyPvB%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:44:59 GMT last-modified Thu, 09 Nov 2023 10:39:38 GMT server nginx etag "654cb6ea-e5b1" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS, HEAD content-type image/png access-control-allow-origin * access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range accept-ranges bytes access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range content-length 58801
GET H2	200	cutsy.net_fluid_lb_firstpagefirstbannerad1 Show response live.demand.supply/cp/	21 B 278 B	358ms 271ms	XHR text/plain	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagefirstbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8245f172da522c4d-FRA alt-svc h3=":443"; ma=86400 content-length 21
GET H2	200	cutsy.net_fluid_sq_firstpagemiddlebannerad1 Show response live.demand.supply/cp/	30 B 285 B	411ms 325ms	XHR text/plain	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_sq_firstpagemiddlebannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e8abdf404cef76611dbe6a4bf9b7f779ad045be89182f1a8ff94babf0fe48f1 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8245f172da572c4d-FRA alt-svc h3=":443"; ma=86400 content-length 30
GET H2	200	cutsy.net_fluid_lb_firstpagelastbannerad1 Show response live.demand.supply/cp/	21 B 276 B	420ms 334ms	XHR text/plain	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8245f172da552c4d-FRA alt-svc h3=":443"; ma=86400 content-length 21
HEAD H2	200	e.js Show response live.demand.supply/x/	0 496 B	132ms 47ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5FF30YHWSY7WFRW4G6NW4X date Sat, 11 Nov 2023 10:44:59 GMT cf-cache-status HIT age 799503 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f172da4f2c4d-FRA
GET H2	200	cutsy.net_auto_728x90_sticky_display_bottom Show response live.demand.supply/cp/	29 B 342 B	306ms 249ms	XHR text/plain	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81fbdd8d46ee8c92128a80abb89e3cb275d19f76afaabb2da769934ac539c0f3 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8245f172da472c4d-FRA alt-svc h3=":443"; ma=86400 content-length 29
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/	428 KB 134 KB	30ms 29ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash b9b20c45fa7937a540df46f96c90d6a36a0f3c2cc4be9f500e89168b0ea330a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 19:14:36 GMT content-encoding br x-content-type-options nosniff age 55824 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137198 x-xss-protection 0 server cafe etag 1612709275544178178 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 09 Nov 2024 19:14:36 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 249 B	19ms 19ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f1747c5c2c4d-FRA
GET H2	200	ob.js Show response cdn-ima.33across.com/	11 KB 5 KB	69ms 26ms	Script application/javascript	172.64.152.89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ob.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 30 Oct 2023 20:31:13 GMT server cloudflare age 21738 etag W/"65401291-2b7d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 8245f174eb4a65ba-FRA expires Tue, 14 Nov 2023 10:45:00 GMT
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	75ms 25ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Wed, 25 Oct 2023 03:26:36 GMT content-encoding gzip age 1495104 x-guploader-uploadid ABPtcPomD9PwI-x1w_qV94tV1ozSRGR8ZeUKPfmAcHMXugM_rapxZCGwrYNwQRfVOUUs3oMWA37p8xfLMlvY-C9eeSMu x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Thu, 24 Oct 2024 03:26:36 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	368ms 18ms	Script text/javascript	178.250.1.3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-a9a7" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 12 Nov 2023 10:45:00 GMT
GET H2	200	connectId-gpt.js Show response connectid.analytics.yahoo.com/	9 KB 9 KB	363ms 17ms	Script application/javascript	18.66.97.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://connectid.analytics.yahoo.com/connectId-gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-14.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a Security Headers Name Value Content-Security-Policy default-src 'self' Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 09:48:17 GMT via 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront) content-security-policy default-src 'self' x-amz-cf-pop FRA56-P2 age 3404 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 8730 x-amz-expiration expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle" last-modified Tue, 17 Oct 2023 13:17:45 GMT server AmazonS3 etag "c46e30de24d0f12167e302e9e32ff4a5" content-type application/javascript cache-control max-age=3600 accept-ranges bytes x-amz-cf-id hpPxtuFjqldYKEXgUY7BmsvbWNspIFh4kUtk2YnFdrS0HZ6YAzZFYA==
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	356ms 18ms	Script application/javascript	104.16.86.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 23776 x-jsd-version master content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230066-FRA x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPvtHflwvb3qhb5c342g%2FWRJl7iypiLFTbuU4aP%2FkqKof2vw8QuB7Jw2%2B9CXR9Va%2FQIsTZ2BEFTxFbT%2F5eJbMU6Zx7ueKg14E6qhESOiqZ4PHd9MmS0JQDkXasGvK00J1w8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 8245f176b823372e-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	147 KB 32 KB	380ms 31ms	Script text/javascript	104.22.52.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 09 Nov 2023 09:47:12 GMT server cloudflare x-amz-request-id M1VMPE2B6P2FAKYN age 486 etag W/"c129d5681852fdb4346e144820aba0c3" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 8245f176dcbb5c3e-FRA x-amz-id-2 GBEfKUgc7OLFpt0thc4Vz+m1Fn7Jm7TTCfYh+lpYgP+CPB9oA3ZRq1X3ma9f+Jjb0sT3xFTTMyfy7fNa+Z4/Jw==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	66ms 30ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context 34bce2af885918e149d85c05706a9f61 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	3 KB 3 KB	344ms 11ms	Script text/javascript	18.66.129.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.129.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-129-71.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-amz-version-id KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3 Date Sat, 11 Nov 2023 05:04:04 GMT Via 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P2 Age 20457 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Content-Length 2776 Last-Modified Thu, 19 Oct 2023 06:40:11 GMT Server AmazonS3 ETag "a3a9a9ee8e72db69d54e805f0586c651" Content-Type text/javascript Accept-Ranges bytes X-Amz-Cf-Id mOzrWBTOoa4TKCHn8K1UFKkFCsG8Cf21z403ar8GEA3LAvNAFsN5zw==
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	88ms 22ms	Script text/javascript	65.9.66.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-68.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 03:16:17 GMT content-encoding gzip via 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront) last-modified Wed, 06 Sep 2023 15:56:57 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 113324 x-amz-server-side-encryption AES256 etag W/"e073e71ed7a44e6f9cdd72904fda5940" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id 0Rbn7uWDBDQVxHm3UaXnEfiFHXKrj-OcI7CiofiizXuMfvRBki_07g==
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 880 B	521ms 520ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=1777225621229422&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C63218209-e090-430f-a36f-1753fdfa71ca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699699500247&lmt=1699699500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjTyfDvuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjTyfDvuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGNLJ8O-7MUgAUgIIZBIZCgpwdWJjaWQub3JnGNPJ8O-7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UY08nw77sxSABSAghkEhQKBW9wZW54GNPJ8O-7MUgAUgIIZBIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26interstitials-bid%3D11%26bid-p%3Dgoogle%26bsc%3D93&adks=2892534720&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash de1322c26e79fdd657dc0d017b7ea901a7339920777c2194df85ff2e81b5f2f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 702 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A693	6 KB 3 KB	369ms 21ms	Document text/html	172.217.16.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f129.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:00 GMT expires Sun, 10 Nov 2024 10:45:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/	39 KB 14 KB	11ms 11ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl_page_level_ads.js?cb=31079591 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 1feae27bce64848747874eb049b0b945cbad02d0a88c21df9eb42a80005a8fd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 19:14:37 GMT content-encoding br x-content-type-options nosniff age 55823 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13738 x-xss-protection 0 server cafe etag 16881063792315815319 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 09 Nov 2024 19:14:37 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 266 B	112ms 112ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_728x90_sticky_display_bottom&pdc=0.3525343656539917&ucv=null&e=tcp&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f174ecdf2c4d-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	34 KB 14 KB	382ms 382ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=3890392826320814&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C6f402293-c386-46fe-8771-cca4c7835674&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&fas=4&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699699500308&lmt=1699699500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjTyfDvuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjTyfDvuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGNLJ8O-7MUgAUgIIZBIZCgpwdWJjaWQub3JnGNPJ8O-7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UY08nw77sxSABSAghkEhQKBW9wZW54GNPJ8O-7MUgAUgIIZBIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dy%26pof%3D0%26bid%3D0.22%26bid-p%3Dgoogle%26stt%3Dvs%26bsc%3D93&adks=2114445249&frm=20&plas=500x1080_r Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash e18c142b7a642beb206f1a024e41fcc09b9c919405c127d28ee432f62ef0bcb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14626 x-xss-protection 0 google-lineitem-id 5564064167 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138332681208 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cutsy.net_fluid_lb_firstpagefirstbannerad1 Show response live.demand.supply/cp/	21 B 274 B	317ms 317ms	XHR text/plain	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagefirstbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8245f174fcf62c4d-FRA alt-svc h3=":443"; ma=86400 content-length 21
HEAD H2	200	e.js Show response live.demand.supply/e/	0 426 B	23ms 23ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_sq_firstpagemiddlebannerad1&pdc=0.30267655849456787&ucv=null&e=tcp&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f174fcf82c4d-FRA
GET H2	200	cutsy.net_fluid_lb_firstpagelastbannerad1 Show response live.demand.supply/cp/	21 B 274 B	150ms 150ms	XHR text/plain	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 8245f174fcfa2c4d-FRA alt-svc h3=":443"; ma=86400 content-length 21
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	658 B 699 B	296ms 296ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=4038001577413426&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C7ce04be1-846c-41bb-ba5c-f2113256ed4e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699699500328&lmt=1699699500&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjTyfDvuzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjTyfDvuzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGNLJ8O-7MUgAUgIIZBIZCgpwdWJjaWQub3JnGNPJ8O-7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UY08nw77sxSABSAghkEhQKBW9wZW54GNPJ8O-7MUgAUgIIZBIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dy%26pof%3D0%26bid%3D0.16%26bid-p%3Dgoogle%26bsc%3D93&adks=2109511285&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash f27293c4205477eb62b698684fc845a3a540b098963e1f957f330542b2c363bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 312 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&rid=esp&cc=1	85 B 204 B	126ms 125ms	Fetch application/json	34.120.107.143 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&rid=esp&cc=1 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Server 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 143.107.120.34.bc.googleusercontent.com Software / Express Resource Hash 4166a57dd37516fa3aaabefc82bfd7c9106b746ce8bb92a99e8f2d6db936be02 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT via 1.1 google x-powered-by Express etag W/"55-VfS+htpxvNe3+lyj5h1dSn5QZGQ" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://cutsy.net access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Sat, 11 Nov 2023 10:45:00 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://cutsy.net location /esp?url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 329 B	110ms 32ms	XHR application/json	34.255.67.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.255.67.121 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-67-121.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 13834c0f9401eb72c1262b6c9a34f6b415af5cf704a0255c2b33b10fb15802be Request headers Referer https://cutsy.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:00 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://cutsy.net cache-control no-cache x-server 10.45.22.63 access-control-allow-credentials true content-length 60 expires 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	661 B 489 B	440ms 440ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=1536788496356361&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C998c8701-9887-4441-9cd8-6e71c0aee253&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699699500479&lmt=1699699500&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjTyfDvuzFIAFICCGQSGAoJeWFob28uY29tGNPJ8O-7MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEhQKBW9wZW54GNPJ8O-7MUgAUgIIZBIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dn%26pof%3D1%26bsc%3D93&adks=389180772&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 2b8ca676a0d18067fbe0e345908438b724cc400616178436f885a184ddbb996f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 311 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	400	fed Show response ups.analytics.yahoo.com/ups/58813/	0 359 B	136ms 54ms	XHR application/json	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB Requested by Host: connectid.analytics.yahoo.com URL: https://connectid.analytics.yahoo.com/connectId-gpt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.87 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 vary Origin p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV access-control-allow-origin https://cutsy.net content-type application/json access-control-allow-credentials true content-length 0
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame 0274	0 176 B	95ms 34ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Sat, 11 Nov 2023 10:45:00 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
HEAD H2	200	e.js Show response live.demand.supply/e/	0 266 B	18ms 18ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_sq_firstpagemiddlebannerad1&e=nai&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f1770f852c4d-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	426 B 471 B	288ms 287ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=2599807859570538&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2Ca726997a-fd84-490f-8c9b-7476e1ba216f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df462b87aa73efcb7%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZ3OkbxmiEnLSkqiEERlT1br-W0eQ&gpic=UID%3D00000cbfbb36f26f%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZb7iLbpdsVT4eSGQXnOuHtcEbnhQ&abxe=1&dt=1699699500652&lmt=1699699500&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjKzPDvuzFIAFICCGoSGAoJeWFob28uY29tGNTM8O-7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVJIaFZZelJqVkdkVVNXVm1SV0V2VWxZclVVUndkejA5SW4wPRjZzPDvuzFIABIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&adks=390153407&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 1c738650d3e96eb409458f25754094f30f49d6c90ae26055123a974d91a03b4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:00 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 3D0C	15 KB 6 KB	372ms 25ms	Document text/html	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutsy.net Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:00 GMT server Kestrel server-processing-duration-in-ticks 293741 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	429 B 481 B	340ms 339ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=2340600411400152&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C2652c909-ca8d-4dc0-94db-efbef098794e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df462b87aa73efcb7%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZ3OkbxmiEnLSkqiEERlT1br-W0eQ&gpic=UID%3D00000cbfbb36f26f%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZb7iLbpdsVT4eSGQXnOuHtcEbnhQ&abxe=1&dt=1699699500687&lmt=1699699500&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjKzPDvuzFIAFICCGoSGAoJeWFob28uY29tGNTM8O-7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVJIaFZZelJqVkdkVVNXVm1SV0V2VWxZclVVUndkejA5SW4wPRjZzPDvuzFIABIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dn%26pof%3D1%26bsc%3D93&adks=2916397908&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 87a5ca79145273c3d48ee87d6a724bb1b9eb7ae138a1c343378ad392973bab39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 176 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	increment Show response id5-sync.com/api/esp/	0 225 B	215ms 77ms	XHR text/plain	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://cutsy.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cutsy.net date Sat, 11 Nov 2023 10:45:00 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	pubads_impl_side_rails.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/	6 KB 2 KB	42ms 42ms	Script text/javascript	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl_side_rails.js?cb=31079591 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 22f1620c382372aa45532730cebba3f6ac0e1eb8bd87cf4ee9dc1f13df579989 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 19:30:05 GMT content-encoding br x-content-type-options nosniff age 54895 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1891 x-xss-protection 0 server cafe etag 16835361877799714190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sat, 09 Nov 2024 19:30:05 GMT
GET		ufs_web_display.js www.googletagservices.com/activeview/js/current/ Frame C3E3	0 0
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	50 KB 19 KB	363ms 363ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=2547381098811445&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C5014a5ce-d63a-46e6-84a7-ffbebd1291cc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&sfv=1-0-40&fas=4&eri=1&sc=1&cookie=ID%3Ded36136f301156ad%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MY0XsYhPXdhb8ulig-DYwascLL3bg&gpic=UID%3D00000cbfbba99569%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MbnzYr5B7-lPg8dwjRbTDDrSLEyVQ&abxe=1&dt=1699699500767&lmt=1699699500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjKzPDvuzFIAFICCGoSGAoJeWFob28uY29tGNTM8O-7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVJIaFZZelJqVkdkVVNXVm1SV0V2VWxZclVVUndkejA5SW4wPRjZzPDvuzFIABIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dvs%26bsc%3D93&adks=1413887851&frm=20&plas=500x1080_r Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 19d4d01d607609aa20b6d850905bb6ca5fdc125321eff0f22cd7beb8617f9ad9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18738 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 248 B	105ms 105ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_interstitial_desktop&e=nai&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f177f8b62c4d-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 243 B	20ms 19ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f17808ca2c4d-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	178 KB 52 KB	491ms 490ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=3012999232592282&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2Cc41e85da-628b-4b91-810a-859baca50f0a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3De1119b7c8520ebeb%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZCs6kNbwZVHAVn23gLPovM86WYmg&gpic=UID%3D00000cbfba88391f%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZa5cWDvPkYrJL4qNVV1tRR7e1XBQ&abxe=1&dt=1699699500813&lmt=1699699500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjKzPDvuzFIAFICCGoSGAoJeWFob28uY29tGNTM8O-7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVJIaFZZelJqVkdkVVNXVm1SV0V2VWxZclVVUndkejA5SW4wPRjZzPDvuzFIABIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D93&adks=2223602015&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash c4547c1177d0c59b5233c5693ae7bc4ff812407fb5bb5c9f7b9534280c422c16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52864 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 453 B	103ms 103ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_lb_firstpagelastbannerad1&e=nai&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f178c9bb2c4d-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	65 KB 17 KB	385ms 385ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=1275760722576276&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C1fb72239-77b7-4cf5-a2ae-33e6ebffe3e8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D729e26cf75606db5%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MYwc7YXPSA-eCygRx0GNbQ2WX9gPA&gpic=UID%3D00000cbfba8d6027%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZ6OOWTbSg07WpavoJqsM12x1_JCA&abxe=1&dt=1699699500930&lmt=1699699500&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjKzPDvuzFIAFICCGoSGAoJeWFob28uY29tGNTM8O-7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVJIaFZZelJqVkdkVVNXVm1SV0V2VWxZclVVUndkejA5SW4wPRjZzPDvuzFIABIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y08nw77sxSABSAghk&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&adks=3123837394&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash ddf3546b1aaf09886bce423a8be09a425936c103049f0f1c657ab2e4e53495d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16603 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 245 B	23ms 22ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_sq_firstpagemiddlebannerad1&e=nai&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f178e9e42c4d-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 243 B	20ms 19ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_sq_firstpagemiddlebannerad1&pn=2&sn=3&pc=0.30267655849456787&ds=false&e=wdp&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:00 GMT cf-cache-status HIT age 895620 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f178e9e52c4d-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 278 B	130ms 130ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_lb_firstpagefirstbannerad1&e=nai&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f1797a8a2c4d-FRA
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	429 B 251 B	259ms 258ms	Fetch text/plain	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=611254877376519&correlator=327832960895672&eid=44807409%2C31079591%2C44808653%2C31079527&output=ldjh&gdfp_req=1&vrg=202311080101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C5c8f82c4-d477-4295-bf4d-fd8c877d312c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D729e26cf75606db5%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MYwc7YXPSA-eCygRx0GNbQ2WX9gPA&gpic=UID%3D00000cbfba8d6027%3AT%3D1699699500%3ART%3D1699699500%3AS%3DALNI_MZ6OOWTbSg07WpavoJqsM12x1_JCA&abxe=1&dt=1699699501042&lmt=1699699501&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=1496705362.1699699499&ga_sid=1699699500&ga_hid=511267761&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY08nw77sxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjSyfDvuzFIAFICCGQSGQoKcHViY2lkLm9yZxjKzPDvuzFIAFICCGoSGAoJeWFob28uY29tGNTM8O-7MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjTyfDvuzFIAFICCGQSFwoIcnRiaG91c2UYtMrw77sxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVJIaFZZelJqVkdkVVNXVm1SV0V2VWxZclVVUndkejA5SW4wPRjZzPDvuzFIABIZCgp1aWRhcGkuY29tGNPJ8O-7MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yhs_w77sxSABSAghq&dlt=1699699498937&idt=1280&prev_scp=ti%3D2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D93&adks=662097421&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software cafe / Resource Hash 4ae7a7754d0fbf32a0b0d40026941ac0ff39684c39be42d68a49d9a3838f8946 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 174 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	json Show response gum.criteo.com/sid/ Frame 3D0C	446 B 565 B	22ms 22ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutsy.net&sn=ChromeSyncframe&so=0&topUrl=cutsy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 Requested by Host: gum.criteo.com URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutsy.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 5c698eed8a7973db97ee7f6f557b0a7d70ba8220ea3d34bbca3537818cd5e69e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutsy.net User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:00 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 1505134 expires 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	130ms 129ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311080101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash b4a41347598adb1ec92647f039635782be9d37c8ad4541d6a5e03699b6749815 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12442 x-xss-protection 0
GET H2	200	a www.googletagmanager.com/	0 59 B	104ms 103ms	Image text/html	216.58.212.136 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?v=3&t=l&pid=114753891&rv=3b81&u=AAAAAAAAAAAAACCA&h=Ag&gtm=45je3b81v869225560&ccid=69225560&cid=G-GGDCMPL4QP&l=G-GGDCMPL4QP.L1756.S4.Y3.B23.E1622.I1756.EC6.TC11.HTC0~gtm.init.S0.V0.E24.TS5ccdconversionmarking.TI3.TE1.TS5ccdemdownload.TI5.TE1.TS5ccdemoutboundclick.TI6.TE0.TS5ccdempageview.TI7.TE0.TS5ccdemscroll.TI8.TE0.TS5ccdemsitesearch.TI9.TE0.TS5ccdemvideo.TI10.TE0.TS5ccdgaregscope.TI11.TE0.TS5setproductsettings.TI12.TE0.TS5ogtgooglesignals.TI13.TE0~gtm.js.S0.V0.E15.TS5gct.TI1.TE0~*~gtm.dom.S0.V0.E1~gtm.load.S0.V0.E0~gtm.init_consent.S1.V0.E24~GA142 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f136.1e100.net Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT server Google Tag Manager alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	container.html Show response 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F118	6 KB 3 KB	39ms 38ms	Document text/html	172.217.16.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f129.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:00 GMT expires Sun, 10 Nov 2024 10:45:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H2	200	e.js Show response live.demand.supply/e/	0 242 B	31ms 30ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.3525343656539917&ds=true&e=wdp&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f17a4b952c4d-FRA
HEAD H2	200	e.js Show response live.demand.supply/e/	0 244 B	27ms 27ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutsy.net_auto_728x90_sticky_display_bottom&sy=83bb9891-d982-4856-8099-609810d3a025&ts=93&cd=2&pud=672&pus=c&pue=2070&pid=190&pis=c&pie=2261&ppd=242&pps=a&ppe=2313&pcl=1781&ttc=2349&tti=3590&ttif=0&lca=2313&lcak=ppe&lct=2313&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=0&mlsi=1x1&mlbw=4g&mlcs=NaN&mltp=2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0&e=lm&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f17a4b992c4d-FRA
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	450ms 94ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sat, 11 Nov 2023 10:45:01 GMT
GET H2	200	dr Show response as.ad4m.at/ad/ Frame B2A6	2 KB 3 KB	410ms 55ms	Document text/html	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1jt3tc89sgwd75crhdf87p23fpergz2pswv1t3kj6s8trzjqxsne40tkb2k09jccsf2etfrjb9epk2tsb25y2h54wsaq7jxaws8w6m40bks2ff2y6k9tag4apddrc3mf1pxjzpcfvn5t4bjbyt6sa5zf5vtcy2k9xnxck3q8fd9sskccng3jgt899avwz9j0ns7pnhzhygpkjag7pp41t0rqg43r1qrh0h2q8gv2k888gpgya6rmnnsegam3gmy1a64wpthnk2xg1aesjy4vncc5rz61qq59e3b3m9txz5bjz282r8sgf1d34axy8v77ytvnx2y33gz0tvwsvbtyck9zms3kjybb6e9k5p5pwph80f27ke3a4cccz9qvh62bwmwatqhb6w0dam19051ytkmwhfq5nvse41camej6a69x44ksm18c5n4v3sm35gz54czam7rzfea0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%26client%3Dca-pub-3831894559014614%26adurl%3D Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86c0d48f1ea16906b810b6821dea842ab4611702a860fd0aa0bd3c24bb0f22ba Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 8245f17cd9d93808-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:01 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame F118	3 KB 1 KB	408ms 60ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 09:53:34 GMT content-encoding br x-content-type-options nosniff age 3087 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 25 Nov 2023 09:53:34 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame A18C	1 KB 1001 B	523ms 68ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 47288 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 10 Nov 2023 21:36:53 GMT etag 48472445140208031 expires Sat, 11 Nov 2023 21:36:53 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame F118	20 KB 9 KB	362ms 16ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 01:58:26 GMT content-encoding br x-content-type-options nosniff age 31595 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 25 Nov 2023 01:58:26 GMT
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F118	24 KB 7 KB	407ms 61ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 01:55:06 GMT content-encoding br x-content-type-options nosniff age 118195 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 09 Nov 2024 01:55:06 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame F118	199 KB 64 KB	552ms 92ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64401 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699570296391874" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 11 Nov 2023 10:45:01 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 240 B	50ms 50ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_lb_firstpagefirstbannerad1&e=nai&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f17b3d102c4d-FRA
GET H2	200	container.html Show response 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CEE	6 KB 3 KB	42ms 41ms	Document text/html	172.217.16.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f129.1e100.net Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:00 GMT expires Sun, 10 Nov 2024 10:45:00 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H2	200	e.js Show response live.demand.supply/e/	0 243 B	124ms 124ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=3.9&b=2&r=cutsy.net_auto_interstitial_desktop&sy=83bb9891-d982-4856-8099-609810d3a025&ts=93&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0&e=lm&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f17b7d672c4d-FRA
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012310301456000/ Frame 4363	196 KB 56 KB	438ms 45ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f1.1e100.net Software sffe / Resource Hash c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 10 Nov 2023 02:37:57 GMT age 115624 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56081 x-xss-protection 0 server sffe etag "6a17d296884b026a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 09 Nov 2024 02:37:57 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4363	15 KB 5 KB	474ms 81ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f1.1e100.net Software sffe / Resource Hash b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 10 Nov 2023 04:12:48 GMT age 109933 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "0b7142e00666043e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 09 Nov 2024 04:12:48 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4363	95 KB 29 KB	476ms 85ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f1.1e100.net Software sffe / Resource Hash 3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 10 Nov 2023 03:53:12 GMT age 111109 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29077 x-xss-protection 0 server sffe etag "7b1f1965b6cd6fda" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 09 Nov 2024 03:53:12 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4363	5 KB 2 KB	473ms 83ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f1.1e100.net Software sffe / Resource Hash 516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 10 Nov 2023 01:14:32 GMT age 120629 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1911 x-xss-protection 0 server sffe etag "5b0a82507b260c6e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 09 Nov 2024 01:14:32 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4363	40 KB 13 KB	456ms 65ms	Script text/javascript	172.217.18.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f1.1e100.net Software sffe / Resource Hash 18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 09 Nov 2023 14:54:32 GMT age 157829 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12952 x-xss-protection 0 server sffe etag "9817e561a46c70fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 08 Nov 2024 14:54:32 GMT
GET H2	200	css fonts.googleapis.com/ Frame 4363	6 KB 802 B	48ms 41ms	Stylesheet text/css	142.250.186.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311080101/pubads_impl.js?cb=31079591 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f10.1e100.net Software ESF / Resource Hash 9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 11 Nov 2023 10:45:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 11 Nov 2023 09:27:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 11 Nov 2023 10:45:01 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4363	2 KB 3 KB	242ms 66ms	Image image/png	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 03:23:34 GMT x-content-type-options nosniff server cafe age 26487 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Sun, 12 Nov 2023 03:23:34 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4363	295 B 424 B	212ms 36ms	Image image/png	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 03:23:34 GMT x-content-type-options nosniff server cafe age 26487 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Sun, 12 Nov 2023 03:23:34 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 4363	0 0	32ms 28ms	Image text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsI3nBxArn2e8cgi42ONOLJtp3kBdaBk2soTQjKlcG-3IRRH4dJn_6WsW9D86ZBlqnm2SWt_Uf-e_PrWSm2QzttZUCCA Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers
HEAD H2	200	e.js Show response live.demand.supply/e/	0 243 B	34ms 32ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutsy.net_fluid_lb_firstpagelastbannerad1&sy=83bb9891-d982-4856-8099-609810d3a025&ts=93&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=0&mlsi=770x100&mlbw=4g&mlcs=NaN&mltp=2cfd3b6c-2c5e-46d0-9dbf-d4215f5e2dd0&e=lm&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:01 GMT cf-cache-status HIT age 895621 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f17badb82c4d-FRA
GET H2	200	6592766407814317453 tpc.googlesyndication.com/simgad/11707786310490328524/ Frame 4363	47 KB 47 KB	248ms 74ms	Image image/jpeg	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11707786310490328524/6592766407814317453 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash b8eb7151c4f680f114cbb56a1065660ef87c4dc8e0c1ba03a935d810310e3d99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 06:50:30 GMT x-content-type-options nosniff age 100471 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48157 x-xss-protection 0 last-modified Mon, 06 Nov 2023 14:07:32 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 09 Nov 2024 06:50:30 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/616164144241982869/ Frame 4363	1022 B 1 KB	243ms 70ms	Image image/jpeg	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/616164144241982869/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 8efbe995601673fb300494005215b6c1a0040c977a3ddf6b74378cd3275f658e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 06:50:43 GMT x-content-type-options nosniff age 100458 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1022 x-xss-protection 0 last-modified Mon, 06 Nov 2023 14:07:27 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 09 Nov 2024 06:50:43 GMT
GET DATA	200 OK	truncated / Frame 4363	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8d72cc5111d531c26f55daf968eb72f1c86ebd0fdf3ddbafcb2925c20ccd95c1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css2 fonts.googleapis.com/ Frame 1CEE	4 KB 744 B	47ms 46ms	Stylesheet text/css	142.250.186.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f10.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 11 Nov 2023 10:45:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 11 Nov 2023 09:25:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 11 Nov 2023 10:45:01 GMT
GET H2	200	css fonts.googleapis.com/ Frame 3D5A	14 KB 1 KB	76ms 76ms	Stylesheet text/css	142.250.186.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 11 Nov 2023 10:45:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 11 Nov 2023 09:35:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 11 Nov 2023 10:45:01 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 3D5A	2 KB 903 B	165ms 57ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 15:15:59 GMT content-encoding br x-content-type-options nosniff age 70142 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 24 Nov 2023 15:15:59 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/ Frame 3D5A	23 KB 9 KB	166ms 59ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/abg_lite_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 18:18:45 GMT content-encoding br x-content-type-options nosniff age 59176 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9286 x-xss-protection 0 server cafe etag 5170786266788330719 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 24 Nov 2023 18:18:45 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 3D5A	3 KB 1 KB	165ms 58ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 09:53:34 GMT content-encoding br x-content-type-options nosniff age 3087 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 25 Nov 2023 09:53:34 GMT
GET H2	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C3A3	1 KB 677 B	287ms 68ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 47288 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 10 Nov 2023 21:36:53 GMT etag 48472445140208031 expires Sat, 11 Nov 2023 21:36:53 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame 3D5A	20 KB 8 KB	143ms 37ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 01:58:26 GMT content-encoding br x-content-type-options nosniff age 31595 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 25 Nov 2023 01:58:26 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 3D5A	0 0	32ms 29ms	Image text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuISVMQJWP7LOuWO3NDMSkPHEBRYAWdEOao4Vd7FeG-Uovgmi-uM-MDOZ1LLt2k8dwgLsq5mmqeMOY9LvouOP1_6-qwg Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 3D5A	199 KB 63 KB	379ms 158ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash 2b4cc063a23b35749b179b99bdb852c968aeca98886d97d6c32961edae25adff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64401 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699570296391874" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sat, 11 Nov 2023 10:45:01 GMT
GET H2	200	81801f102bbf3ca11da2806ffde236a3.js Show response www.gstatic.com/mysidia/ Frame 3D5A	37 KB 16 KB	474ms 45ms	Script text/javascript	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/81801f102bbf3ca11da2806ffde236a3.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash ec7e5b4f20e4e5f2bec7c116075036082f6bccc56c3522790c7040d4d9380f43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 17:46:39 GMT content-encoding gzip x-content-type-options nosniff age 147502 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15369 x-xss-protection 0 last-modified Tue, 07 Nov 2023 05:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 07 Feb 2024 17:46:39 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 1CEE	21 KB 9 KB	167ms 68ms	Script text/javascript	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 18:51:23 GMT content-encoding br x-content-type-options nosniff age 57218 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8785 x-xss-protection 0 server cafe etag 17726888854999048520 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 24 Nov 2023 18:51:23 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 1CEE	205 B 296 B	502ms 80ms	Image image/png	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:40:18 GMT x-content-type-options nosniff age 162283 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 08 Nov 2024 13:40:18 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 1CEE	604 B 921 B	498ms 76ms	Image image/png	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 13:30:38 GMT x-content-type-options nosniff age 162863 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 08 Nov 2024 13:30:38 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4363	15 KB 16 KB	50ms 49ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 06 Nov 2023 18:18:43 GMT x-content-type-options nosniff age 404778 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 05 Nov 2024 18:18:43 GMT
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4363	15 KB 15 KB	55ms 54ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 04 Nov 2023 14:58:03 GMT x-content-type-options nosniff age 589618 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 03 Nov 2024 14:58:03 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 4363	15 KB 15 KB	39ms 39ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 20:32:45 GMT x-content-type-options nosniff age 137536 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Nov 2024 20:32:45 GMT
GET H2	200	default.css as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B2A6	115 KB 14 KB	50ms 45ms	Stylesheet text/css	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1jt3tc89sgwd75crhdf87p23fpergz2pswv1t3kj6s8trzjqxsne40tkb2k09jccsf2etfrjb9epk2tsb25y2h54wsaq7jxaws8w6m40bks2ff2y6k9tag4apddrc3mf1pxjzpcfvn5t4bjbyt6sa5zf5vtcy2k9xnxck3q8fd9sskccng3jgt899avwz9j0ns7pnhzhygpkjag7pp41t0rqg43r1qrh0h2q8gv2k888gpgya6rmnnsegam3gmy1a64wpthnk2xg1aesjy4vncc5rz61qq59e3b3m9txz5bjz282r8sgf1d34axy8v77ytvnx2y33gz0tvwsvbtyck9zms3kjybb6e9k5p5pwph80f27ke3a4cccz9qvh62bwmwatqhb6w0dam19051ytkmwhfq5nvse41camej6a69x44ksm18c5n4v3sm35gz54czam7rzfea0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1jt3tc89sgwd75crhdf87p23fpergz2pswv1t3kj6s8trzjqxsne40tkb2k09jccsf2etfrjb9epk2tsb25y2h54wsaq7jxaws8w6m40bks2ff2y6k9tag4apddrc3mf1pxjzpcfvn5t4bjbyt6sa5zf5vtcy2k9xnxck3q8fd9sskccng3jgt899avwz9j0ns7pnhzhygpkjag7pp41t0rqg43r1qrh0h2q8gv2k888gpgya6rmnnsegam3gmy1a64wpthnk2xg1aesjy4vncc5rz61qq59e3b3m9txz5bjz282r8sgf1d34axy8v77ytvnx2y33gz0tvwsvbtyck9zms3kjybb6e9k5p5pwph80f27ke3a4cccz9qvh62bwmwatqhb6w0dam19051ytkmwhfq5nvse41camej6a69x44ksm18c5n4v3sm35gz54czam7rzfea0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%26client%3Dca-pub-3831894559014614%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 446626 cf-polished origSize=118430 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 02 Nov 2023 10:26:17 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwd9mEf%2BKp7TkRtb1C9WweTd%2BUtyVW8%2BTKY1emxR2QvF5SxEP3wt2ZTnMrwRhvytr%2BLtp3u%2B8eIrZe15SwSEYzxx7CRMFekKAOVJ9Duviqgx5ee1RREzJtjMk04%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=86400 cf-ray 8245f17d5a9b3808-FRA expires Sun, 12 Nov 2023 10:45:01 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame B2A6	25 KB 10 KB	52ms 44ms	Script application/javascript	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1jt3tc89sgwd75crhdf87p23fpergz2pswv1t3kj6s8trzjqxsne40tkb2k09jccsf2etfrjb9epk2tsb25y2h54wsaq7jxaws8w6m40bks2ff2y6k9tag4apddrc3mf1pxjzpcfvn5t4bjbyt6sa5zf5vtcy2k9xnxck3q8fd9sskccng3jgt899avwz9j0ns7pnhzhygpkjag7pp41t0rqg43r1qrh0h2q8gv2k888gpgya6rmnnsegam3gmy1a64wpthnk2xg1aesjy4vncc5rz61qq59e3b3m9txz5bjz282r8sgf1d34axy8v77ytvnx2y33gz0tvwsvbtyck9zms3kjybb6e9k5p5pwph80f27ke3a4cccz9qvh62bwmwatqhb6w0dam19051ytkmwhfq5nvse41camej6a69x44ksm18c5n4v3sm35gz54czam7rzfea0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%26client%3Dca-pub-3831894559014614%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT content-encoding br cf-cache-status HIT last-modified Tue, 11 Jul 2023 16:29:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 446626 etag W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjZUmApqdhtAETB4kMPKCO4UYTYhCeR5V6TaFG%2FovB5p7SdEVSMJKttsp0cYh4EsPs2ysoJxtZ4xAsF2YHd0BM0NhpGThPYTKZrWSVdq2rgpfcrO7W1Z1Dg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 8245f17d5aa23808-FRA alt-svc h3=":443"; ma=86400 expires Mon, 06 Nov 2023 06:41:15 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E5B	13 KB 5 KB	55ms 42ms	Document text/html	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3478 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 09:47:03 GMT expires Sun, 10 Nov 2024 09:47:03 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame C47A	829 B 944 B	41ms 41ms	Document text/html	142.250.186.68 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.68 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f4.1e100.net Software GSE / Resource Hash e0e7aa86fbe9527af70101f3142cbdba485b882965f3070829792641f2e72747 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2DVwFXG8xAvNtibLVcFTaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-2DVwFXG8xAvNtibLVcFTaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:01 GMT expires Sat, 11 Nov 2023 10:45:01 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	pixel cm.g.doubleclick.net/ Frame A18C Redirect Chain https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIYDtEeXqfDbgXBrDsRcZFs&google_cver=1&google_push=AXcoOmSvQMZnq0kGmZYS_RMHuvVApt8GcK0qHUmYuZ6oLzC3q8AfvNh_Y2ifQ4D-6LNN2UQ23xqrXvNGPiQ... https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSvQMZnq0kGmZYS_RMHuvVApt8GcK0qHUmYuZ6oLzC3q8AfvNh_Y2ifQ4D-6LNN2UQ23xqrXvNGPiQv1IIUjixOEDeNmLb0JQ	170 B 232 B	77ms 76ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSvQMZnq0kGmZYS_RMHuvVApt8GcK0qHUmYuZ6oLzC3q8AfvNh_Y2ifQ4D-6LNN2UQ23xqrXvNGPiQv1IIUjixOEDeNmLb0JQ Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmSvQMZnq0kGmZYS_RMHuvVApt8GcK0qHUmYuZ6oLzC3q8AfvNh_Y2ifQ4D-6LNN2UQ23xqrXvNGPiQv1IIUjixOEDeNmLb0JQ Date Sat, 11 Nov 2023 10:45:02 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=3000 Content-Length 0 P3P policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
GET H2	200	pixel cm.g.doubleclick.net/ Frame A18C Redirect Chain https://d5p.de17a.com/cookies/google?google_gid=CAESEDr96BiuHrAQQP_Zln3qy6c&google_cver=1&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4... https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDr96BiuHrAQQP_Zln3qy6c&google_cver=1&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWj... https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4ZIWT_xQ	170 B 232 B	91ms 91ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4ZIWT_xQ Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRKQGG6WgVIsAxG8K-Bl25ZhJPvnQeuA86XutH1IrnonKQIC4n-E4kvYsDtQhP-anBZ4Wg20bW7b0kNOnNMT0LWjS4ZIWT_xQ content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	200	pixel cm.g.doubleclick.net/ Frame A18C Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTDMs... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-WSf-CVBfEQY7xwZuQPVCO3GGiNjF5mM_UR_A1w&google_push=AXcoOmTDMsP3rETJ-90uY-C-xnoNtENs2i6Dg7DLCELRptmKGywkZt-vJVN_P4Qf1CFxK1iqAiItHzNAoxel...	170 B 232 B	103ms 92ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-WSf-CVBfEQY7xwZuQPVCO3GGiNjF5mM_UR_A1w&google_push=AXcoOmTDMsP3rETJ-90uY-C-xnoNtENs2i6Dg7DLCELRptmKGywkZt-vJVN_P4Qf1CFxK1iqAiItHzNAoxelgNfIRqb4I6D8Ur4ZGg Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 11 Nov 2023 10:45:01 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-WSf-CVBfEQY7xwZuQPVCO3GGiNjF5mM_UR_A1w&google_push=AXcoOmTDMsP3rETJ-90uY-C-xnoNtENs2i6Dg7DLCELRptmKGywkZt-vJVN_P4Qf1CFxK1iqAiItHzNAoxelgNfIRqb4I6D8Ur4ZGg cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 746711 content-length 0 expires Sat, 11 Nov 2023 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A18C Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw&redir=https%3A%2F%2Fcm.g.dou... https://sync.targeting.unrulymedia.com/csync/RX-45f2b3d4-3284-4aff-a54e-36dffbe2ec22-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQqIoZ0eQrzC7JdoSc_k... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw&google_hm=A0Xys9QyhEr_pU423_vi7CI	170 B 232 B	64ms 61ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw&google_hm=A0Xys9QyhEr_pU423_vi7CI Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQqIoZ0eQrzC7JdoSc_kvgo60NzNFyP8jhSj8GI1-0M2dQlOtLEyWMV8ZWw-5fIVTWDZHXQYeJejGpp_hq5jWzSF6VKzvdipw&google_hm=A0Xys9QyhEr_pU423_vi7CI date Sat, 11 Nov 2023 10:45:02 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX45f2b3d432844affa54e36dffbe2ec22003 content-type text/html
GET H2	200	pixel cm.g.doubleclick.net/ Frame A18C Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPiQBf0kEmeDZK-gBOoo4wI&google_cver=1&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG... https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG5... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYxMjM2Njg4MTM2NjA1Nzg5MzQy&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rO...	170 B 232 B	86ms 83ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYxMjM2Njg4MTM2NjA1Nzg5MzQy&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG5YhQ Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzYxMjM2Njg4MTM2NjA1Nzg5MzQy&google_push=AXcoOmR9aty_cDwvy-RakSav4lWg0EdFFuEx0noM6KWVs1mOPDIC1Lgnuay4y-rOFi6zTMnjQSX4OAnZZY3SAI2lKkIw1F6YlG5YhQ date Sat, 11 Nov 2023 10:45:01 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	report sync.teads.tv/um/ Frame A18C Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPZLOJjJkLyF... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWU4NjE3N2UtZTY2Mi00M2JjLWFkYmItNGI1ZjdlN2U4NjMy&google_push=AXcoOmRT2tZq9SHR7pUD5oguqlRA2uVu6fvHTccFgidrKNYBW8-y1CGpKUaYI0K-OmMA6... https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	67ms 64ms	Image image/gif	2.16.97.41 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-16-97-41.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers expires Sat, 11 Nov 2023 10:45:02 GMT pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A18C Redirect Chain https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELDLR03w2MOh1qA6S6W7RV0&google_cver=1&google_push=AXcoOmROHOz3HuM1c... https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELDLR03w2MOh1qA6S6W7RV0%26goo... https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Nzg3MzY2NTI5Mjg2MTM5Mg%3D%3D&google_gid=CAESELDLR03w2MOh1qA6S6W7RV0&google_cver=1&google_push=AXcoOmROHOz3HuM1cUBdVy8rHb0qFrOr4b...	170 B 298 B	75ms 74ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Nzg3MzY2NTI5Mjg2MTM5Mg%3D%3D&google_gid=CAESELDLR03w2MOh1qA6S6W7RV0&google_cver=1&google_push=AXcoOmROHOz3HuM1cUBdVy8rHb0qFrOr4bVaSdwlG8oPm8BqWp-tCRjykZmtZvUjjMpgMVtn4Kbia9rCHyuUxZqmFQzAJFCXita5Tw Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 11 Nov 2023 10:45:01 GMT an-x-request-uuid 33cd56bb-a2d4-4e38-9951-9dc9bb617b29 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE2Nzg3MzY2NTI5Mjg2MTM5Mg%3D%3D&google_gid=CAESELDLR03w2MOh1qA6S6W7RV0&google_cver=1&google_push=AXcoOmROHOz3HuM1cUBdVy8rHb0qFrOr4bVaSdwlG8oPm8BqWp-tCRjykZmtZvUjjMpgMVtn4Kbia9rCHyuUxZqmFQzAJFCXita5Tw x-proxy-origin 176.115.237.101; 176.115.237.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame A18C	0 78 B	168ms 92ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KnMuty8ug6yihwMR5AZ93klqSXtQNsyvk3Dli3am8cHfWVl0Wql9r-Ue0afFKm2YDurrUxDRk Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	pixel cm.g.doubleclick.net/ Frame C3A3 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECA2xdh06COpyIl3hjM4aEw&google_cver=1&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n28... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECA2xdh06COpyIl3hjM4aEw&google_cver=1&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwMzMxNTIxNjE3MTg1Mzc2Ng&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n...	170 B 232 B	85ms 84ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwMzMxNTIxNjE3MTg1Mzc2Ng&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n28-qIVppnm8dPdR7Id_CNvBA Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:03 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sat, 11 Nov 2023 10:45:03 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjIwMzMxNTIxNjE3MTg1Mzc2Ng&google_push=AXcoOmRLxtdWst_aXQEmkq76LEe8goth2cg2aq-ZD5oPt_D3dqW5cHEbugtOpU-_6bgnXWYnhlz_4n28-qIVppnm8dPdR7Id_CNvBA access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	us sync.go.sonobi.com/ Frame C3A3	0 401 B	425ms 113ms	Image text/plain	69.166.1.35 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRml_FrhCe_pqDnd2Dn-fvHXlIHiQ4KmkvkRWzzGkBHsqA3eZrtOLmWROPS65YkY1Oq3tgyuEJcgHSGDZoMBGLIay6kPeExiQ%26google_hm%3D%5BUID%5D&google_gid=CAESEN-ZWKYzjuaVmrm2xv0aFEk&google_cver=1 Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.166.1.35 , United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server sonobi-go vary negotiate,Accept-Encoding x-go-server go-iad-2-5-146 content-type text/plain; charset=utf8 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store, private tcn Choice content-length 0 x-xss-protection 0 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C3A3 Redirect Chain https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE... https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ&redir=https%3A%2F%2Fcm.g.dou... https://sync.targeting.unrulymedia.com/csync/RX-45f2b3d4-3284-4aff-a54e-36dffbe2ec22-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRTduMILTyRPfXcwqPvs... https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ&google_hm=A0Xys9QyhEr_pU423_vi7CI	170 B 232 B	64ms 62ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ&google_hm=A0Xys9QyhEr_pU423_vi7CI Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRTduMILTyRPfXcwqPvsmB7ahYxHd3ZPeZDe2yLd2ICL80uOQTdpS3FyYg_8vUEkSSrOTR5IvJeDC-1LS2hq2-HTI989hPEPQ&google_hm=A0Xys9QyhEr_pU423_vi7CI date Sat, 11 Nov 2023 10:45:02 GMT p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RX45f2b3d432844affa54e36dffbe2ec22003 content-type text/html
GET H2	200	pixel cm.g.doubleclick.net/ Frame C3A3 Redirect Chain https://cs.media.net/cksync?type=g&google_gid=CAESEAQgNjy9H8DMvwtECJtMyFU&google_cver=1&google_push=AXcoOmQSnrPcQSilj-kSCl7RwbCY2DwEFwYIsw5GCGd8cN8GMc6gN-PsG_fvPkfOC2hWa3Bect40Xps_l0bMd7HdHiupbKt5B... https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&mn_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQSnrPcQSilj-kSCl7RwbCY2Dw...	170 B 232 B	49ms 46ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&mn_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQSnrPcQSilj-kSCl7RwbCY2DwEFwYIsw5GCGd8cN8GMc6gN-PsG_fvPkfOC2hWa3Bect40Xps_l0bMd7HdHiupbKt5Bx3W9w&gdpr=&gdpr_consent= Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sat, 11 Nov 2023 10:45:02 GMT Server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&mn_hm=MzQyNzAxMTAyODc0Mjk4MjAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQSnrPcQSilj-kSCl7RwbCY2DwEFwYIsw5GCGd8cN8GMc6gN-PsG_fvPkfOC2hWa3Bect40Xps_l0bMd7HdHiupbKt5Bx3W9w&gdpr=&gdpr_consent= Content-Type text/html Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 154 x-mnet-hl2 E Expires Sat, 11 Nov 2023 10:45:02 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C3A3 Redirect Chain https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEDVl8IYz0vPsJcSGrZHhbA0&google_cver=1&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzm... https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzmWX2X34xSubIAAC0o1rcaLUegw&google_hm=WlU5YkxzQ...	170 B 232 B	36ms 35ms	Image image/png	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzmWX2X34xSubIAAC0o1rcaLUegw&google_hm=WlU5YkxzQ281dEVBQUs5dzUtTUFBQUFB Protocol H2 Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers X-SO-Cluster-ID 0 Date Sat, 11 Nov 2023 10:45:02 GMT X-SO-LB-Data {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEDVl8IYz0vPsJcSGrZHhbA0&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzmWX2X34xSubIAAC0o1rcaLUegw&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZU9bLsCo5tEAAK9w5-MAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40332"} X-SO-Key ZU9bLsCo5tEAAK9w5-MAAAAA Server nginx X-SO-Upstream-ID a-ad40332 P3P CP="See also http://www.scaleout.jp/privacy/" Location https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTiMzwB2FK4gVV_9GAPSDukC5PmYjD3-Ik6CNuyTHEsJB81C6T3xANFaOCYSPHS15L4IIpzmWX2X34xSubIAAC0o1rcaLUegw&google_hm=WlU5YkxzQ281dEVBQUs5dzUtTUFBQUFB Cache-Control private X-SO-HostName a-ad40332.dc2p.scaleout.jp Connection keep-alive X-SO-Ads-Time 2 Content-Length 0 X-SO-LB-Hostname a-tgng40013.dc2p.scaleout.jp X-SO-IP 176.115.237.101
GET H2	204	/ cc.adingo.jp/adx/push/ Frame C3A3	0 44 B	835ms 260ms	Image text/plain	13.230.249.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESEGqryU2APb7iYYsZaZsPAqY&google_cver=1&google_push=AXcoOmTYFdFbpqekhDWi6MyMgRb43lNmTqIk_0GLU6mDlUzWx99EmO2kG_zuhjh7OSiwXEalHdjQouy1BHZB9lOk_Yamh3eifaAUaA Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.230.249.13 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-230-249-13.ap-northeast-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT server awselb/2.0
GET H2	200	0.gif id5-sync.com/i/495/ Frame C3A3 Redirect Chain https://sync.inmobi.com/gob?google_gid=CAESEFGRMANi53bd2__POikZnWg&google_cver=1&google_push=AXcoOmSO6fzs6DPAdqsZ1d1GUPen5VFtt_L-wnCQ8mQf1R4PNrBPzYEzGj3m3bOW-8UTJJqCQX-1aDyCsmR4JvPG9kdcu4EdsIvp3VE https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSO6fzs6DPAdqsZ1d1GUPen5VFtt_L-wnCQ8mQf1R4P...	43 B 921 B	221ms 36ms	Image image/gif	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSO6fzs6DPAdqsZ1d1GUPen5VFtt_L-wnCQ8mQf1R4PNrBPzYEzGj3m3bOW-8UTJJqCQX-1aDyCsmR4JvPG9kdcu4EdsIvp3VE Protocol H2 Server 162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Sat, 11 Nov 2023 10:45:02 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="CAO PSA OUR" Redirect headers date Sat, 11 Nov 2023 10:45:02 GMT content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests x-content-type-options nosniff strict-transport-security max-age=15552000; includeSubDomains x-permitted-cross-domain-policies none referrer-policy no-referrer expect-ct max-age=0 x-dns-prefetch-control off x-frame-options SAMEORIGIN content-type text/plain; charset=utf-8 location https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSO6fzs6DPAdqsZ1d1GUPen5VFtt_L-wnCQ8mQf1R4PNrBPzYEzGj3m3bOW-8UTJJqCQX-1aDyCsmR4JvPG9kdcu4EdsIvp3VE x-download-options noopen vary Accept content-length 274 x-xss-protection 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame C3A3	0 49 B	155ms 93ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LnjRbIsN6TAc2hWs9l1kJGQ0NfrQHoyWkSgVV-gzCNPez3RS1z4BMoi6kZ3I9lC9oTbnkpAw Requested by Host: 11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com URL: https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:01 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	frame.html Show response ad4m.at/ Frame E73A	2 KB 1 KB	145ms 95ms	Document text/html	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 109797 alt-svc h3=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 8245f17ecc5a3808-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Sat, 11 Nov 2023 10:45:01 GMT expires Fri, 10 Nov 2023 05:08:36 GMT last-modified Tue, 17 Oct 2023 09:43:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMGH7j7w1Xfh4drS8rlvMUJ57pNz3Ks7L1c1TNH7I4a%2BJWEuyKnDnKc9EJZ8cg4bGN3194M4b7CpEL0y2rElfcOoyJfgRqGvhrEKb1BJCnvSAVPgNzxfAIA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame C47A	0 0	121ms 92ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311080101&jk=611254877376519&rc= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers
GET H2	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame 9E5B	39 KB 15 KB	76ms 63ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 09:51:41 GMT content-encoding br x-content-type-options nosniff age 3201 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 10 Nov 2024 09:51:41 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4363	2 KB 3 KB	13ms 13ms	Image image/png	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 03:23:34 GMT x-content-type-options nosniff server cafe age 26488 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Sun, 12 Nov 2023 03:23:34 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4363	295 B 359 B	14ms 14ms	Image image/png	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 03:23:34 GMT x-content-type-options nosniff server cafe age 26488 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Sun, 12 Nov 2023 03:23:34 GMT
GET DATA	200 OK	truncated / Frame F118	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c7e062bede3985d8e99614e017bef127e933ea597d1c17769f50e1de0137419 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type image/png
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B2A6	3 KB 4 KB	416ms 46ms	Image image/png	104.26.6.27 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.6.27 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 808 x-guploader-uploadid ABPtcPodZKH-eCrpKrkM9CRigtF5KPQfx6wQnoNrHaQME4eVQOq4TWvO3WSVAzjivYu6mbCctK0 x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 content-length 3262 last-modified Tue, 21 Jun 2022 12:31:17 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary Accept-Encoding x-goog-generation 1655814677405990 content-type image/png content-language en x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=7200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNe2mEwR5b8YYjq%2FKBdk8r0UaVMUzJ7sbXR2wkvTaYbNlPAUhIg6WWYu56e1kBs6tSxga1dCE3rMbT69x53ThKR%2FNMqrDtF%2BaHvNAWHKfSvLPMD%2FdjnwZTR%2FJiNXe6ir2jfNovN9"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 8245f1837bdd39ce-FRA expires Sat, 11 Nov 2023 11:31:34 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame F118	0 0	131ms 130ms	Image text/html	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C77Z3LFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMUCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo2VJXUB9RJ6qO5G7Kjj6itN1dFTlrQ0g0JYNjvtTNhZqtJc6jJWROAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=FAXEXmsy-Xk&uach_m=[UACH]&cid=CAQSPADICaaNeHh1WoHDArDr-4oOwbr45ukTJwHm8RlcaPQlh9M1w7rQkVlTkm4ypl0JT3iuuSI-SyYPrGy8DhgB&cbvp=2&vis=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame F118	0 103 B	395ms 19ms	Image image/gif	34.95.89.54 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://prod-rtb.ad4mat.net/winResponse?a=1hssr2j6tq8tmm5kkx3bb5d9c44s91nenfxapsmjaf16wck44cbjnpvpwxsf08qa8cbs0mw7xbzdn1x9sw49h4j1wwbvq0sr0pfv3h9q9w931k9w6c1yrbjnm4emwvfdtcxx67pvz64vamphd6e9c5rq28hwz9gk5cn3e4ght4jehya9xcqvrhg64swmq37h1n059s33mnhthx2kqva8k0v161ejw2ne7dwr8adsc6t44wzbq5hq84dg2ycpj8fesfyy8xxycyq4b3vdywnefpdqx43s7w85m9d6th9d9hqmvhr445a53b80wn3vt9e17j0212fyn52eejycebgab2tefw9kw1mks1x8kwxpt96bpcddwkge85xzrcqpn3p786yb3rh77f1ek01t&b=ZU9bLAAMS-wIVQnWAAKDoh1TD27PsDmrLxC0Hw&cbvp=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 54.89.95.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers access-control-allow-origin * date Sat, 11 Nov 2023 10:45:02 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response pagead2.googlesyndication.com/bg/ Frame 31B3	39 KB 15 KB	110ms 110ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Requested by Host: cutsy.net URL: https://cutsy.net/XCvBJyPvB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 00:36:09 GMT content-encoding br x-content-type-options nosniff age 122933 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15097 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 09 Nov 2024 00:36:09 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4363	0 0	81ms 81ms	Image text/html	216.58.206.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C9EvRLFtPZZT-OsbAgQf2u4KwD-fu4o906eew5ZcSub3V765BEAEglZvKIWCVAqABsvOl_gPIAQmpAtJLWfee7bE-4AIAqAMByAMKqgTWAk_QuaizqTGvfTh4OiLhPxRNRbRIFD30GRDMxOKicTQvru-uJUA1GjEU-tlra9SNC2kDYh8YlcnS3ZCBCO0JKcMKlqRGIgzimbPOYvg7qR_aiQfDsdoepivQYCHoUc3bjjtbTut9hcOZmpqPycX91mMmPxDY0rcchfXLo_krFcDVIevuEalw9KKhoobKte4Pg8pxd-nFT08Mo1J7ogv9vAR24ReC2NPAaEcMKpq47fJkUBQOZSFzbMSG9PzCxgPC_ynm-cDpZe4OSICM2i1E-mdjzpXHPVjF43tWzM6ExXqKu8A3kaJNZjZcoJUNBwhKtUuxo8IIo0BhFYZOJyRKU7hEA8SGjaMb4ZJbc-49Ndicj0f-tHOJSwNjzYpukSy3pm2PJoJmdIdJGjpZpzZNL3CKORmf2WuvNK0PsKJif1mzCpG4Yn_cLYDr9ikUyThWbWlqFvwZn8AE0_eems4E4AQBiAWuvK-rTaAGLoAHtozaAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKW0BdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCXFodHRwczovL2RlLnRyb3RlYy5jb20vc2hvcC9vdXRsZXQtc2hvcC5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj0mdXRtX2NvbnRlbnQ9JnV0bV90ZXJtPYAKA8gLAaIMDCoKCgjktLEC7rWxAuINEwiOzeqH4ruCAxVGYOAKHfadAPa4E-QD2BMDiBQC0BUBmBYBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=Ii8YBFw6S6E&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNj0YB_xm4kbNpgcXppIk32GAvWG2V8GtFTKXNGD2VRrjZShmC7B-QC62J9BhvRfItaaKFwFfRGAE&template_id=484&cbvp=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers
OPTIONS H2	200	rs ad4m.at/ Frame	0 0	458ms 52ms	Preflight text/plain	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8245f1849b3f19ab-FRA content-length 24 content-type text/plain date Sat, 11 Nov 2023 10:45:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8znK2xCR%2FpVdsRVd5JRc33Aspf13rltgaciA2eIpdhWhVkHeAgDkftUl%2BCw4L4IzyugYAdrF4ipxEygu3qn%2Btej1szCw2T%2FUcm8lifNGSJ3YlGQFzQM9KOU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-db8p
POST H2	200	rs Show response ad4m.at/ Frame B2A6	2 KB 2 KB	58ms 58ms	XHR text/plain	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ee1a7831f5662e56312495511e92d19e48cc26b24560780906eb7d61b17de2a Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type application/json Response headers date Sat, 11 Nov 2023 10:45:02 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxfPwRDMcLd%2FJEewc6tGt0w6Hp2aFxNQETyBEhW9V9Wt0LeIgfrvK4nSxR9ijHsepoC5GdafXPrEPZ0NLa12ESVlnpu9lJHZ2YsuYd5BTHjghAajbD5Lijo%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 8245f184eb9419ab-FRA x-backend-server aa-reachservice-group-europe-west1-db8p alt-svc h3=":443"; ma=86400
GET H2	204	generate_204 tpc.googlesyndication.com/ Frame 9E5B	0 41 B	23ms 22ms	Image text/plain	142.250.185.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?LnW63A Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	11 Show response cameesse.net/	0 729 B	48ms 47ms	XHR image/jpeg	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/11?rnd=3991878700&z=6537682&b=19530686&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=RY1Kqj4Xk8Ez0aQZ4IuMDt0VXLoBBG_IZPK3OkX_oe_VWTn-LHUZFez_nXpRhqTL5urcxeYKx3VtkA9-KugS-98HooYDqS7fwUdnhsZMhoMgcu8ax5XDfiAKyFuxhZwu-lRIMmzpYwyQlaWOnxrxkTc-hcYgdbz_6oLWhlqpTReECPnRcNvtGHk03irvB9HBrD2TzY3AMLDcRzTBuhStgC5s4LT8xj0l0dsRMpunD9SoFilpoccHTyhYv7l7sJM3ph5WGRT5k61rusmqAoIMmuiHXmrKpf-R1lQ_WJELTX0tnvb1z749qd8q9rSDbl8ntfNvVUS55-bbOaK4B3f7dgMyvkvLihLlE9qqWeI2BF8YbeRQ8oC-7yAudxC5WjMZ67Yd03AD868wtcOIeIt1OLHZMjrMOUNxumy_ksFWNo0UsarCNSSqCsjFHXlwKWB4kHNbSYaDlkE3MVlMFlLxvNhgveOkMkVuTVx7F-Filbs_dyw8vhyg1LpuShlxwhIJLkeBYAeEy4W7k1CBJtK7HXLQxhubQEWNjocbkFdOJjcpAmLIG2Io0J_NoP0N3UBzbHPV07fshHVsg2x_Xp6usj6bIvonyTyfsgm3iTyJqrKS-Ov19fTsxzMut6SH449KKBglJyVi8MQXLRdSGDvdccYpQ88ndQPnPgFooNenEMI5ZULxohq8yPDolwY9Xq8SfuHz_LDA1md2dGsr7tNjO-kEqeRCUc42lewUHPGeJbuEKM8lKoxvz51klGL3hfnJENAInk0oDr_JzhqJL4sBDXMToQx9pboc70aRt9Mtp4RvoolBGSFiMXPsIBVHczD-hjejB3bR9J2wodnI2CIxMHj4Av91P9hY00n1R8xguT_oIroBVrKqccxD1vq_NiqT9Z65VXAlIKfp5c-8LnEV6chyyuSR_WbOUyeyIaFHaJw=&ruid=55e8893a-4d9d-4ea2-a317-a465d62c4d1f&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutsy.net%2FXCvBJyPvB&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 Requested by Host: cameesse.net URL: https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-trace-id f6407be39661618bccb5969de6231572 pragma no-cache date Sat, 11 Nov 2023 10:45:02 GMT server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type image/jpeg access-control-allow-origin https://cutsy.net access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace content-length 0 expires Mon, 26 Jul 1997 05:00:00 GMT
GET DATA	200 OK	truncated /	152 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Content-Type image/png
GET H2	200	rar Show response as.ad4m.at/ad/ Frame 845A	11 KB 5 KB	37ms 37ms	Document text/html	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fed3828894ad78de1ddeaa9818a1a5fd451519412616788ad3beee8d05bd110f Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1jt3tc89sgwd75crhdf87p23fpergz2pswv1t3kj6s8trzjqxsne40tkb2k09jccsf2etfrjb9epk2tsb25y2h54wsaq7jxaws8w6m40bks2ff2y6k9tag4apddrc3mf1pxjzpcfvn5t4bjbyt6sa5zf5vtcy2k9xnxck3q8fd9sskccng3jgt899avwz9j0ns7pnhzhygpkjag7pp41t0rqg43r1qrh0h2q8gv2k888gpgya6rmnnsegam3gmy1a64wpthnk2xg1aesjy4vncc5rz61qq59e3b3m9txz5bjz282r8sgf1d34axy8v77ytvnx2y33gz0tvwsvbtyck9zms3kjybb6e9k5p5pwph80f27ke3a4cccz9qvh62bwmwatqhb6w0dam19051ytkmwhfq5nvse41camej6a69x44ksm18c5n4v3sm35gz54czam7rzfea0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%26client%3Dca-pub-3831894559014614%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 8245f1854c023808-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Sat, 11 Nov 2023 10:45:02 GMT expires 0 nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} permissions-policy accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=() pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	default.css as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 845A	115 KB 14 KB	27ms 26ms	Stylesheet text/css	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 446627 cf-polished origSize=118430 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Thu, 02 Nov 2023 10:26:17 GMT server cloudflare etag W/"486507ccce9ac587d11c0ef3f32a109a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SETCgAFjA0QZ5r9yaWZC4KCaCSoV6W8NwDir8R9hNpP1QeXP8tUdqEBLDxcmkFBoWEjLJG8aIoQBLxE95YZWzlGKjADFLHEFlk6TYTv7lTmm73Dpmksvd4%2FMRI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=86400 cf-ray 8245f1858c433808-FRA expires Sun, 12 Nov 2023 10:45:02 GMT
GET H2	200	D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 assets.ad4m.at/logo/ Frame 845A	8 KB 8 KB	36ms 25ms	Image image/webp	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 61862 cf-polished qual=85, origFmt=jpeg, origSize=12951 alt-svc h3=":443"; ma=86400 content-length 7758 cf-bgj imgq:85,h2pri last-modified Fri, 20 Oct 2023 22:22:01 GMT server cloudflare etag "12e3523b35b31c7ddfe7c77dcdb14a34" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egIn%2BwJu6O5N5IJ1qLJju5ODB7%2BCWmVtRwM2NKFtzsOWgtU%2FHWRSvL4kX8WyENiQWROZn172GYU74fVjh%2FLLxwgyFW4IrgelLu%2F%2FbokL0wesWQoTPo2eYhRPp7tdFOi%2B"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8245f1859c543808-FRA
GET H2	200	0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D assets.ad4m.at/ Frame 845A	20 KB 21 KB	38ms 27ms	Image image/webp	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 22073 cf-polished qual=85, origFmt=jpeg, origSize=29026 alt-svc h3=":443"; ma=86400 content-length 20740 cf-bgj imgq:85,h2pri last-modified Sat, 21 Oct 2023 21:22:49 GMT server cloudflare etag "9e8c0f685f08676e3b6bec8849b76e69" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PuwAHzPU7TegEmcdHWUJQr7iRqdfYignsU5NawjFBa6NNwA4WTbPZoZTYRyqHaI7WOqKy88ts%2FCEP9OfGUKHaSYYMtPdr9HV6ySFetUYIBY0ifIKVfw7kwQUUFDQ6Om"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8245f1859c503808-FRA
GET H/1.1	200 OK	/ partner.o2online.de/a/ Frame 845A Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t... https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJ_664jiu4IDFWuW_Qcd2eUCSA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=... https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202311...	49 B 1 KB	86ms 30ms	Image image/gif	167.233.13.224 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Server 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.224.13.233.167.clients.your-server.de Software nginx/1.14.0 (Ubuntu) / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sat, 11 Nov 2023 10:45:03 GMT X-NODEIP 78.46.85.162 Server nginx/1.14.0 (Ubuntu) RM-PrivacyPolicy https://www.nonstoppartner.net/ Content-Type image/gif P3P policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP" Connection keep-alive Keep-Alive timeout=10 Content-Length 49 Redirect headers location https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023111111450390459072117X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218 date Sat, 11 Nov 2023 10:45:03 GMT x-content-type-options nosniff server nginx x-xss-protection 1; mode=block content-type text/html; charset=UTF-8
GET H2	200	90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 assets.ad4m.at/logo/ Frame 845A	4 KB 5 KB	30ms 20ms	Image image/webp	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 58288 cf-polished qual=85, origFmt=jpeg, origSize=7258 alt-svc h3=":443"; ma=86400 content-length 4294 cf-bgj imgq:85,h2pri last-modified Wed, 01 Nov 2023 09:56:16 GMT server cloudflare etag "679602b08629bcaaabfcfad4e68fe53a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UikMtUbO1Y5h54yN77vwbVYx%2BLQJ8%2BfADOB4uUbg7%2Fu4tviwDVfDk9g3BTgOe16kYWTsAIE46Ug96WmqdGw76zgCC3RyymyK19A1%2B33eVEsSwAwQXPS8wlAWdn%2B4HaQE"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8245f1859c4e3808-FRA
GET H2	200	287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 assets.ad4m.at/ Frame 845A	15 KB 16 KB	32ms 23ms	Image image/jpeg	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 103298 cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 15521 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 08:09:52 GMT server cloudflare etag "269bd58060bc660c3aec98b388bae571" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7n2fkWSpGzHzSf%2Bd94qvj58ycqxhmNeH57xW3pzmZuE03LAJOx%2BhW96oOTHwjap%2FIHRoxGEH%2FlEWLFlaxA9uDQHuyL8gd845kygWQzVeG1JivWT25CcS6laNwX9679b"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8245f1859c533808-FRA
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 845A	43 B 702 B	157ms 73ms	Image image/gif	23.56.205.163 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkroneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-205-163.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Pragma no-cache Date Sat, 11 Nov 2023 10:45:03 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8 assets.ad4m.at/logo/ Frame 845A	8 KB 8 KB	30ms 21ms	Image image/webp	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/DD95FF88FA3D93F6F44D3AC31E55B69E88B3B4546FE4BC6F8B33238666415C0B819A6AF1FC78B5EC7D26C7715A6F49E85CEDA62985F3A5877BCD8483DC0580F8 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcc6530c9c1c1fcc11b094042bcfaab45eceb5ccde516cfe368423386f88ff2a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 147804 cf-polished origFmt=png, origSize=9280 alt-svc h3=":443"; ma=86400 content-length 8188 cf-bgj imgq:85,h2pri last-modified Thu, 09 Nov 2023 10:13:10 GMT server cloudflare etag "6bf5ee77c591cc80fb26a3d52c76bb31" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mtjVHVZNJv5598Yv99flrgEun0CJYVSOjmZnoHAWhHXw7NJrqfLwBr5cCTFyKnNTt5rapxiBahtwy5SWU3jlhk4gYYRQEXTdd9%2B%2F5tnR94K9BrNB6o8v8WfbgOwPVyD"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8245f1859c513808-FRA
GET H2	200	0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD assets.ad4m.at/product_image/ Frame 845A	17 KB 17 KB	74ms 66ms	Image image/webp	104.26.10.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/0E5BFA76C26FC73E55AB6D68B83E55550C792CB830C69D31D329CEBDC2E4AB9165A435BB4F9054A5789B03CA381227A36BCB33A334DD00ADA2F66E01950FC2DD Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.10.209 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fca03d6fe758b356e252239d5df33ca869ae17137f7ae3953aa9e73753e42c45 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 57898 cf-polished qual=85, origFmt=jpeg, origSize=20720 alt-svc h3=":443"; ma=86400 content-length 17384 cf-bgj imgq:85,h2pri last-modified Thu, 02 Nov 2023 08:23:23 GMT server cloudflare etag "c7cc041935738d6548626f5d4721fa6b" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSeeOjRek4YG3lhaGSTo3BhoLkJF6a7nT7gnF76GQ4HfFEnmfpcmlfEHYkYq3kplMdC2yDJ7pPaQULXfHQ0q92WQHaeFcPWm7pEo8zBVuJyZYgbt4PIMHkrO93knhng7"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=315360000, immutable accept-ranges bytes cf-ray 8245f185ac563808-FRA
GET H2	429	link.html track.webgains.com/ Frame 845A	0 0	212ms 82ms	Script text/html	13.42.240.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=2100065&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hgjsab4rag4nm7p1wz0a7rd7atavvws6ajgfbpx7dxve0dv792nb6yta5cgygqn88g7p8bpractyhndc09hgr9garycbwn0qnf9a6gfp4f2ettaj9vyqyx6jzfrb8kbqyqpfkx1c2qx2hab5a4xg4aqw23w7190n9kn09ye0mq6vwqjg24z6fkg59sasbqmcvmja1akb1b56ncepry3fskbsckarncfbckm49fnx7yfnd2z5hkd60jb509cq34nvfqg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%252526client%25253Dca-pub-3831894559014614%252526adurl%25253D&clickref=oneidP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdYoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY&viewref=oneidrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYMoneid__suite_Netmix_Reach128_WEBGAINSMOSTLY Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=195016%2C19769%2C46427&b=dqeSEfkfpDPVfEHjHwtEtbbrfeS4T5gVSJAqR%2CppXa1fgfpAwfkH4HmtztQJjt9SRT8WwUAQkr%2CrWbTQf9fGq1tAH7HjtqtGReuYS8TgJka1JYM&f=KgDFRfZfGe9mf5HMHktzCBB4C7SAT8QKUPeX3%2CJgKFzf5fqjZhBH6H7tqCpKbTxSgT4MetAmKM%2CP6AhBfbfeYET9HjHbtgCwJ2CJS9TDpQcjqdY&c=160&d=600&e=&g=1454fdd3bcdcc48bbb35c80c6cfe9046%2F15239931132239924479&i=20774%2C21630%2C22481&j=14%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach128_WEBGAINSMOSTLY&r=1699699502851&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0chwk73246jkjy87p77ep4b6q52ntwh3zk1ecb9drdv9f7hga1epf8c7ya2f108mzry4k18jcg15sy84stjrs28vm568a8vtez14r3jsnh6wyaxjgyr5exprmdf7z1apk6c1yb6bfsafvg74qgae0jhnm8p0knpsmhx9eqyx4czmx91nwqzz5hzyjcw0qh77dyc1kj8pq9g8ky5jb2m5h4myxaw7xrd4randyfmw5c83ejs7hv5bzzepqzwnabqh5q3tsx56zp2fyker0w5s0rs4%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCb6YHLFtPZeyXMdaT1PIPooeKSJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzgzMTg5NDU1OTAxNDYxNMgBCakC0ktZ957tsT7gAgCoAwHIAwKqBMgCT9AD1PE5KoCoTsKyQvWcaSxK9NP-c2O04tZmWD_YcCuHcaa5z1eOu8UjKkHQy-Gi-bdbp_RkyCyQ0SvW4Ry-om9PVhwUKOxLhy3Wk7aC2YX4OfUJjm962NoUJVsYqZ7buV5YROwjUKYrBFvabb_qlYjw-8C_eCh36PZ_khR4KKjUsxwPXos3RDG18TcruRuZr6mIQQ1s71J_8GS8GetT8uVlYdeARE5OhfSyFzUj6DLjnhhU7nU5pxKBFkpKkpGgseqK9pj06VWZkqV3Az4qKz-xwVd42eQvdBTVJ5vYIktdE-_UOnQKdb3gS21fxwQ3X2nP_IhoBXbbPVIKaC-Zz07JPe8Nl0Pc4sKQvzOIOYj8vmNjtPltkAaQarUtTo3XJ1STIuv96CbBpD45o7m_7MVZO74am5_Y9HJ_tExHhsqJNq0WjDEg5uAEAYAGoabjpcfgmqHmAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1za7MiBMpYLSx28jvXAfLIabnOYw%2526client%253Dca-pub-3831894559014614%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.42.240.154 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-42-240-154.eu-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 10:45:03 GMT server awselb/2.0 content-length 45 content-type text/html
GET H2	204	sodar pagead2.googlesyndication.com/pagead/	0 0	122ms 121ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311080101&jk=611254877376519&bg=!ra6lruHNAAZxrfrxUa07ADQBe5WfOFl8E4dJjoZ3DCXiSc-I02jvvxdLj47dB7am0p1U1BadkPM-pXY1TVFx7WOTwotRAgAAAP5SAAAAFWgBBwoAMiDjxzWQvGRvQeD3bzvUFW-jJKaqlkt7ZmrBe_vfJ1f32cG1Ea9zfT8PyeLIKa7phEyWmQKssR-hY8JHOzdilAlAQyfty1PjeJC0zFI7q7KluIfRTosx2bzrB7evslo-tk8TyXd6UvsNBsVhxxR8XxXa0NCr5MfwIURsizwEtCiqX1ipnGUgnwNHjKsmbdxsKJYBeH3pVV-QNpXjvinwmAcnY4Ht4XOw_4wx_I2xWPuTRdq2ixC1kfDnlG5HyvXWTL8_0KxuV7eXS6PxeW8E4JTEalrq_DvrlL8Maxprc_1RLLXQ0mY9QH0Y0R_oVgARYhSUH1JwxfNnO4aM9C4SKK9jvx8sgz9j-zF5kX3B5VXfN8fGuICa2SJb13NAIlfQ86FCbJoFsGbNJKUcoGp7FfVTGIOiymXbWHhCMP7tFEvMTUKQedzOw6eGcdc4CDdjJgxqcJSaITPkwfl30G-xN72qLKLbenCyLvkJOy9C_dge1H6Z3mXsJb99s4mnACtZ0IRjTVGhgGXlbB0DqhKXUOI5OZ-vsO_Mt0M33_e4mPFSHlrbEWCuZmUBmw73PxDnvd3OzQxLuZskiDvoHjzcqbvrsEzGQCU-83kCrcBvShhIDXXJNW-s8gHX_ql4LroXoRiuVZANayteE8-GBMVZpOdX4Q_unrI-foISm9QEKvwAE6hFB-0AnID_Ek3m-MA4vj-207NeN0tX7ntqf9N7ul4BEQIs_wGgh2Rn8pR9zWNgB6CTwxcwzfL5C8DBZhZWMWO5YCqk9Mg5tGUJG8yrKysM3g9z0t78MnEoTGvFjUMBgHlEyO7gZ_kocmUD4enijYCxNJpacD41-qsP9k-TqJKfstvnZ0RcNxSrNboYktgPVJxE6CQJN572WCoScqFxYZgBfx1ratj8ViYzFj75xdK93rpXW-cQHSmafw_n5aEF8yEnY11q9Sj1aOlV5htyW0s4u95jaTyX9CAXt7srMY-B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F118	42 B 174 B	58ms 58ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQHyePjaNoBsSyMEtOY3M70C7febHgzcToeyucxzmoluzXzHDDzDcreAHvD5ntyOedUdnjhpEd7K7WZBtCL7EWn-_qjJU3CZYpfKYT8o1tu8u_EEMRpg&sig=Cg0ArKJSzF3C4zePmwNNEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231109&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1413887851&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699699501146&rpt=803&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://11a55f3c10c328cd72e0ca01fed28150.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:03 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4363	42 B 121 B	72ms 72ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFuNQDCj-FXxp0Hy9Y5e2cGst3s77jfQE-WfF-0JKbRdWkzb76MJsEqNPS94sLxrJ-QWE4K5UBrEApgx_P05JH4cc0oU0bKRPYdrWq-zB2a-YMLlmcCBs4ibCQzkTZU-tO9XHcZWJxRcCgU_Zzzyz0VK8v4oOsPUhPkZtCzuNZBbzzbANvVprlMKFHQHKMd6nt388Dpga6e-luF2zbMr7CmMOvKG7DYRliFuMX2-JsvFrjTvRxjvhFsdibH8sfdycdUDGy9ikhjrhx_BCX1DXJPWGZzIEC9kxyAoMlg-8_o_5pA59aa2haLaJawt4pREv5Uz5HJsqq0tr8YkI6hd-ITh3RAB5gdhzOTjjzWH_f2o5jUkrD6K1mcYw3k8ew1oWoIUB7e_Q6zXvL4oIeLwrs9rfyfEsPIveNs4Ge0p6xiinnJQ0LiR1TvOhNjMQrIQKp0qFKRwvpJEFg-Ey-Oe1hZF2EKQait0z-jzQxc8ea3uMSRKPyQGbe4SjB6Q_lNCx-UOs0lgW9T5mhHFV-IwNstErWGHXF6McGFUcVD-SOyY2Xh-L1WMGd97aafwpNa1j-x66NIK4XmJ_qNZrJHP0u8fhbsc1h8eV3DR-vdIvHIjt4mYf4jzxUI7Rwlrv74jfTfuQtcap3sSbY6ngsTWzlOAxc0zNAveikZeYzQ8z4PdfXfPcyMtaAQDWDg7wgintFU1RWNxkS5XrkMKJ_t21cLKS0c2wCTH0R2nMDlPLUmeRyLncoEKQUHVEvnd1VSs1xz7Fdbe35Im8pHWe-p8pp5qChywpshiUXKtJxaZEpcnFn4M_A83-vTL6YrwIB1p6NdmK5O8pNpyTcYADlX8CYZuOaeuCQXezUpwAvSs-kQiGg-c4GiZeQtukABT_k3JkbGgHZriVC8Ok2WmFue-qkNToU6S1g3gJhdKruNFcJUBcgoVDl5YQQZo2FkcxXk5n67JiC56zOZ1P28aubkED81kx2C0DEVGoUzDhkw5tfV5s_bcPv25LdGv5P6-AnkquXJU6LjdfAF3e6EfC0h3R7SQMf2Hlb4dsw0yxe2UswANKz48ZdjD4-9qem768FLYqnC-SkdOSKbfOAfzg0KguvlhVTtqWUHpXjJYrqLg_L362wCd3wif7P1TmObaZIVeUH7cqHRatObcoK1GPM_ewm2WZpK-vXwksJCbA9QtpsYvnHeOzGFzT-BIgop1HiQs7j__sZes1w6QebnMw3BbFL6cmSdmBo33c9Ekp_CHckEj4pvR5Rf7cKZpNoRjO2jd-YU5dKC5DzJT4HLYa7twiJi8Hx1CCdrU1QdFAe5E73Qv4daD2-kaVYt31H9Rw4ch--6hzRdUxfgwzfGLFSFGhCE9Cy18VmUvpYBTeYDvcnEssCfg7T-6rR7Br2KlRoxQJnuxSVUiU5fru-OnIx_rlIu3hdsXxIWsfHjLT1qH9-P56v6CO15VSYtIR7XTauWZZn3UIrzFFigaxWNI8gb4DmEnFt1g8JGBt48Jc0Sv3lUy8&sai=AMfl-YSuxZuNbJs-dEITlwi8WP7d3jzRSQjo_brE73Ho_m-b-sQR1S1rlteg38PKUCC0XlEP51X0PoeNPu6Wx2UlOSis5xx3czmf5q1dg1C4nWakYX4amtBouwu6P3DEnMqOkyWE49yO6JsH&sig=Cg0ArKJSzKSLlP-irg_bEAE&cid=CAQSOwDICaaNj0YB_xm4kbNpgcXppIk32GAvWG2V8GtFTKXNGD2VRrjZShmC7B-QC62J9BhvRfItaaKFwFfRGAE&id=ampim&o=415,798&d=770,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=989&tls=1989&g=100&h=100&tt=1989&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sat, 11 Nov 2023 10:45:03 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H2	200	e.js Show response live.demand.supply/e/	0 276 B	22ms 22ms	XHR application/javascript	104.16.133.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=Y3V0c3kubmV0L1hDdkJKeVB2Qg== Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.19.2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.133.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers x-nf-request-id 01HC5F3PFM4Q44PRAX32JM2B1J date Sat, 11 Nov 2023 10:45:05 GMT cf-cache-status HIT age 895625 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "21c8841ebef55ccccd0fc71b96dfbd5f-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8245f197d9b02c4d-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914