cutsy.net Open in urlscan Pro
2606:4700:3032::ac43:c20f  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cuty.io/NDFkAmiS3q0 HTTP 302
   https://cutsy.net/NDFkAmiS3q0 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

• https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&rid=esp&cc=1

Request Chain 80

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutsy.net&sn=ChromeSyncframe&so=0&topUrl=cutsy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=HknMBXxYVjB2anRsWWNPTW1hR2Fqb0xIbVpyTEFWT3dCOXF4RUFCT3Rzb2d2R0tRT21RcitScU1HZXdYOTYrS0JlcVZyb09JSDFZN3NyQTUvazdrN1BsZHQ5MTQzQlJTV2g4UXZIN0Jld21kTW94QUowcFN0VklKK0p3TjFRRGFkQ1Qrc0ZHdzV0OEZwM2xBcndoYW1tamQxNE5wVmZHc2NQSGluU2ZZSVowcWMydTZiZXFKc3VPZmd4aHEwQWlGdy94NzJybFRWcGpLY3preFNraGtZMk8wTXFWWU4rOWxWQzBjK240cnZNY3RWZ2Fvakw1RVE0MFVBNmtSeGdsMFdvL1BpY3E0ZVRNS3N0Mm44VjNnSHd5Y1pjQT09fA&cppv=2

Request Chain 131

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7642f3b9-65d5-4743-8df6-2c9901123f37&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=252ad86d-eaaa-4fc2-8a0f-7b574d6d4d34&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D0f9b7444480d489ba99aaf3e3c1471a0%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=5783860275795181031 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0f9b7444480d489ba99aaf3e3c1471a0&SNR=1&GV=2&med=10

Request Chain 141

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fb4c753e-08b7-412c-b25b-8917acdf224c&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=734c73b6-baa7-4944-a550-942835120913&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3Dd38c883ac3d94d97b6fe1090910cd8d4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=2193619619979227812 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d38c883ac3d94d97b6fe1090910cd8d4&SNR=1&GV=2&med=10

Request Chain 150

• https://securepubads.g.doubleclick.net/pagead/adview?ai=CL-siiJZKZbOMFcvwgAfLk5H4DL7Fp_Zzo43B-IkSZBABIJWbyiFglfrwgYwHoAHT_PbVA8gBCakCaoyXPL7nsT7gAgCoAwHIA8sEqgTdAk_Q5149p4IG0BC-LpCSL7Q8VpY4lwvSXULI9gE2WySFDYuiB5P-oYDiYYJfcujBj5p4HT2J-lMLONQZUdLNjpavHbkxWEIRbYbJ6UKw5XQk1M8CA8RjrSV2yrBYTMd5x5FFAsWc2H0DGrb835xLZ7twXPg4kwagG7RMVKSe1En1HaTikGqx4cYv6ZgrJ1eyP2hDGGDqDcAfX_BdtceryNLQhJpKB4JQVzG504Z-xmKMxrT2yshL7p2gqYQ8pbwg4ooUxHeXYE-nZ9o3K9nUjtDLmT_mCqy-JiOWff5KRlTctdagd9Mm528LFWXgOLU-Jhx9ZeQ4B7th-uArE9Of0uulVH9dJyYuSM7MMbb-uZnYgra5rbmAYgLp4U5nLZFafb7hu3OT6w3bcdqLorD27OBOzvssulYbxbHL4sBUFkMZXLfPCo6ttrwQ6906QkhpytXOx9ePq6rnEhPah5bABMjlhfHIBOAEAYgFwMOhrUySBQQIBBgBkgUECAUYBKAGLoAH0Kas5ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7hxXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglpaHR0cHM6Ly93d3cubmlrZS5jb20vZGUvcmV0YWlsP2NwPTY0MzE4MjM1MTMwX3NlYXJjaF8mTWFjcm89LS14LTIwNDI1ODQ3MTc4LS0tYy0tLS0tOTA2MTEzNiZnY2xzcmM9YXcuZHMmgAoDyAsBmAy9-OLFuQSiDAwqCgoI5LSxAu61sQLiDRMIiuHG-9WyggMVSzjgCh3LSQTPuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=wyEwMwIEBco&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNYAESRnseGXDYdMoHal8bC91BlgpRg9BYq7pT1ppo-wv-c6Wk2VtfOeSvPWOuCejIMTkLRLPNRfzmJedP195kqOb8PUl6YMvaaxgB&template_id=515&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217043716679983340046%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214789240067795128561%22}&andc=true

Request Chain 167

• https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPnhWvVIDPnhaslYhhwGtuQ&google_cver=1&google_push=AXcoOmRkI1__mJW4KJ6nO5SMXOADj2xzI8HQo0EjtrLmKnYNoXw5MdQ6AROCSdNkJYnLutoIayONjSKWobvhyGavOYu80uhQylVR HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRkI1__mJW4KJ6nO5SMXOADj2xzI8HQo0EjtrLmKnYNoXw5MdQ6AROCSdNkJYnLutoIayONjSKWobvhyGavOYu80uhQylVR

Request Chain 168

• https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSsv_hyOtS4guEBoAOWKkYFpM-YowAnd3JfGjgIpQbO8XISP_KAYgt97fodTmJXqL0touDsHF35yKrkX1xSOFe2DA8yHW10&google_gid=CAESEF5BOxyDjVacqxftJdjV4Js&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-2nIJuRNErOhOtiVOYKKBSCovachQ-sW4VOPC0w&google_push=AXcoOmSsv_hyOtS4guEBoAOWKkYFpM-YowAnd3JfGjgIpQbO8XISP_KAYgt97fodTmJXqL0touDsHF35yKrkX1xSOFe2DA8yHW10

Request Chain 169

• https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELOwBGIr5ljiXZnD2Ha3Cec&google_cver=1&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3NhIq-tppWcldH6Uv HTTP 302
• https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELOwBGIr5ljiXZnD2Ha3Cec&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3NhIq-tppWcldH6Uv&s=2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3NhIq-tppWcldH6Uv&google_hm=elZ1RjljeVRlQkdiRnRVeGtQRl8=

Request Chain 175

• https://a.tribalfusion.com/i.match?p=b6&u=CAESELamHU_BBOjhkWWayUG8jd8&google_cver=1&google_push=AXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELamHU_BBOjhkWWayUG8jd8&google_cver=1&google_push=AXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 176

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEOeXKWcyeLFxY1n4e7CiK1I&google_cver=1&google_push=AXcoOmSKbt_jw5dsPwgOs0MRbDfVkYFA8yFfxaK5dfjnNXGQNyahOiDg-pAVYgeMVxMe5IN8jgq4sn0EsIGI-zVcChbx-u9VPniZ HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nVrGOttiR74lkJLKmE33Rw&google_push=AXcoOmSKbt_jw5dsPwgOs0MRbDfVkYFA8yFfxaK5dfjnNXGQNyahOiDg-pAVYgeMVxMe5IN8jgq4sn0EsIGI-zVcChbx-u9VPniZ

Request Chain 177

• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMNEALOvCy97lHSbGFs8RjY&google_cver=1&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0_UobZUS0lI HTTP 307
• https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMNEALOvCy97lHSbGFs8RjY&google_cver=1&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0_UobZUS0lI&sovrn_retry=true HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0_UobZUS0lI&google_hm=HnjssGZHHwaMf6LPS-GGg4jC

Request Chain 178

• https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELJNhCjG_Hs-gy4RtEaLENs&google_cver=1&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-DpD HTTP 302
• https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-DpD&google_gid=CAESELJNhCjG_Hs-gy4RtEaLENs HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODAzNTgwOTk0OTExMTEzOTQwOQ%3D%3D&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-DpD

Request Chain 179

• https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECt-yJwfztyR8IpgNXq--9Y&google_cver=1&google_push=AXcoOmSg01h2X8D8kO9-BhztzwGaPyQ3AnBRH_c5UpLAldVb-Xihu9BCYQZFQosN0ijrruhU4RdnLuyyW_S76XSacFgQn2ClWlimJA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSg01h2X8D8kO9-BhztzwGaPyQ3AnBRH_c5UpLAldVb-Xihu9BCYQZFQosN0ijrruhU4RdnLuyyW_S76XSacFgQn2ClWlimJA&google_hm=QlMuMWEzNC0wMjE0LTQ0ZTYtYWJhMA==

Request Chain 180

• https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDarSwL5NWS6oHcp1Q51uEo&google_cver=1&google_push=AXcoOmQreGEZLLKk42AuEBQ5r0uN_u-zexXsBl_4BSOxqJxzDk763_Yk9BBB4Ean45lYq_-dtMTn1FigqyYAQxGDTYKNJKRwVlo1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQreGEZLLKk42AuEBQ5r0uN_u-zexXsBl_4BSOxqJxzDk763_Yk9BBB4Ean45lYq_-dtMTn1FigqyYAQxGDTYKNJKRwVlo1 HTTP 302
• https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 181

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG2bd7-pPoMJQ8M4981gy38&google_cver=1&google_push=AXcoOmRcpRB-7BX33Ord1lWf7UCejxcPSD-9JP3WgsAZ7ULsIRfyXC854RLaIW1qB2ljKXEGAz2KQMHFDSsOaULbiRmOKZxrlOuWcw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRcpRB-7BX33Ord1lWf7UCejxcPSD-9JP3WgsAZ7ULsIRfyXC854RLaIW1qB2ljKXEGAz2KQMHFDSsOaULbiRmOKZxrlOuWcw HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 197

• https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENutKCeplJk67gb0kkTkjzY&google_cver=1&google_push=AXcoOmR6Vu-2qtGkj2WqptHEPUxJ_q6JTyalR0LmfSpDd8i58MW_sXWTK1FqrZSiTWPI58_2h9ihoOHCinlkLIF062lUx9n6rOnO HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6Vu-2qtGkj2WqptHEPUxJ_q6JTyalR0LmfSpDd8i58MW_sXWTK1FqrZSiTWPI58_2h9ihoOHCinlkLIF062lUx9n6rOnO

Request Chain 200

• https://cs.media.net/cksync?type=g&google_gid=CAESEI19eEk5a62EbUQ3Q49tQ0U&google_cver=1&google_push=AXcoOmRwBIHcKJqvB1DlVTQh7Foo8Kd56zYSnmL7qyDQQDChoYnnLr3uh7eOjqHCdsQHN-FG9gpyurDFg4YD7gCy96JBYOH43Pg3 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&mn_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRwBIHcKJqvB1DlVTQh7Foo8Kd56zYSnmL7qyDQQDChoYnnLr3uh7eOjqHCdsQHN-FG9gpyurDFg4YD7gCy96JBYOH43Pg3&gdpr=&gdpr_consent=

Request Chain 201

• https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELVAWy6Mh29TObEqSAfnUr4&google_cver=1&google_push=AXcoOmQ1DP3IwfkZH2CI-4vHQv5nl2gN2ceLMJGGtLJwLVgP7Z1irxJnTni8rZCBjy4rxL8TkVKBzL_5B_gqnOWWJJUsx7MnvNUC HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ1DP3IwfkZH2CI-4vHQv5nl2gN2ceLMJGGtLJwLVgP7Z1irxJnTni8rZCBjy4rxL8TkVKBzL_5B_gqnOWWJJUsx7MnvNUC&google_hm=QlMuNTQzMy0zM2M1LTRhMTEtOTFiNQ==

Request Chain 202

• https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDxw3EOd2xiJKc6_G6Jjxb8&google_cver=1&google_push=AXcoOmSYiU1Y7aPE99PPKWDYvL3QvLfMbEKN22NyRSF1e9__eHW88XMUmZ-MTWPy_CulFeebokVGINihmGRQyX6ICwokK4dI55Bz HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYiU1Y7aPE99PPKWDYvL3QvLfMbEKN22NyRSF1e9__eHW88XMUmZ-MTWPy_CulFeebokVGINihmGRQyX6ICwokK4dI55Bz HTTP 302
• https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 203

• https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENKSBMA2zXyZwtAcS3ccMmU&google_cver=1&google_push=AXcoOmQHsQAT2JnT4C0nceNXBMkq7EdQrYTg7CEssbDRBMP3PR2mSJlLOFs73YNyWKW5g6ww1LCeEOOQZYwshjaRgqV2rNEa_V1J6Q HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENKSBMA2zXyZwtAcS3ccMmU%26google_cver%3D1%26google_push%3DAXcoOmQHsQAT2JnT4C0nceNXBMkq7EdQrYTg7CEssbDRBMP3PR2mSJlLOFs73YNyWKW5g6ww1LCeEOOQZYwshjaRgqV2rNEa_V1J6Q HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU0NjAyMDk5MjM4NTkxNTI4MQ%3D%3D&google_gid=CAESENKSBMA2zXyZwtAcS3ccMmU&google_cver=1&google_push=AXcoOmQHsQAT2JnT4C0nceNXBMkq7EdQrYTg7CEssbDRBMP3PR2mSJlLOFs73YNyWKW5g6ww1LCeEOOQZYwshjaRgqV2rNEa_V1J6Q

Request Chain 207

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7642f3b9-65d5-4743-8df6-2c9901123f37&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=252ad86d-eaaa-4fc2-8a0f-7b574d6d4d34&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D0f9b7444480d489ba99aaf3e3c1471a0%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=5783860275795181031 HTTP 303
• https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0f9b7444480d489ba99aaf3e3c1471a0&tids=15000&med=10

Request Chain 208

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fb4c753e-08b7-412c-b25b-8917acdf224c&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=734c73b6-baa7-4944-a550-942835120913&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dd38c883ac3d94d97b6fe1090910cd8d4%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba&aid=2193619619979227812 HTTP 303
• https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d38c883ac3d94d97b6fe1090910cd8d4&tids=1&med=10

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request NDFkAmiS3q0 Show response cutsy.net/ Redirect Chain https://cuty.io/NDFkAmiS3q0 https://cutsy.net/NDFkAmiS3q0	62 KB 20 KB	236ms 179ms	Document text/html	2606:4700:3032::ac43:c20f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:c20f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06719f558b7203b4fa48955585374b0db7e9e211bbdb618a07a02ad473c68d73 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control must-revalidate, no-cache, no-store, private cf-cache-status DYNAMIC cf-ray 8228246ccd610414-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 19:56:55 GMT expires -1 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs1PXKb0LnPcQ4YDRopsOaP%2BO5OC%2ByrgnP8MCKUWirpw88AOiz6jF3%2FfgG1LIxBxbZrmTtfbtVYMftdZl72sSrvLJ9k0KeY5nVy58n1u1bzjodlejjcBZ1VWrqWoRwBpxd3EUlkvNok%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN SAMEORIGIN Redirect headers alt-svc h3=":443"; ma=86400 cache-control private, must-revalidate cf-cache-status DYNAMIC cf-ray 8228246bde204d88-FRA content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 19:56:55 GMT expires -1 location https://cutsy.net/NDFkAmiS3q0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6cgrRAYQwvhrXcnWvyLhkzQL577DAVSyvzimCmFZ9Kti1ttje0ravpgTyPCrynx80p6SsR0Q9c3E3PtoZSkrqYC13twcfwYE3giLZjzHYWGh56E4L%2FH8uEU1MvZePkEFtaZvA5V"}],"group":"cf-nel","max_age":604800} server cloudflare x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	css2 fonts.googleapis.com/	11 KB 1 KB	48ms 19ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a5a263756e794d5ad9a686025bb4174bd55dbbca9635748b247a8a527e89354c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 19:56:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Nov 2023 17:57:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 19:56:55 GMT
GET H2	200	public.css cdn.cuty.io/css/	51 KB 10 KB	66ms 46ms	Stylesheet text/css	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396381 cf-polished origSize=52548 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 28 Dec 2022 14:22:02 GMT server cloudflare etag W/"63ac510a-cd44" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mNlxgbWG1MF56D3Oh69MHjdFnbYbVYKfIZyZlZ0K704gzGeiyLfg4NRqVb7BqAh%2B8%2FyoNQsKla49Z1nYdXxyn%2Fijo%2BUyACb0SC6TyfNRVGNe397jYz5r5lzv2q9YyRPp8whudZlChxqBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 8228246e1a1c4d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	logo.svg cdn.cuty.io/images/shared/	6 KB 3 KB	44ms 25ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/logo.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1396389 etag W/"65354269-175a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZC5wOIPCvDV7BljKgMpx0MnRIyi2xdHOpp0Dy0whS40QkTf5sankqB38ES45GjHpgOZlNQuJGGBx3%2B4mCQenIi1NNfUJqGK%2FGYi6keOwIhBho%2FfMNKL%2FultEtaMMxf5fbgIGg%2FRkKI%2B9w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e1a1e4d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	locale-en.png cdn.cuty.io/images/shared/	24 KB 24 KB	71ms 52ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-en.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 24647 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-6047" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNztGmMKUjU%2BhtrKu8%2BFzUoETTuQX%2B%2B19y%2BAQgq144dP4w9B2Ml4mtlObJj6b7OyaatwujRWmuxiTZvSoZ3RVLjZKAPCJSF3ZD5kV94h%2Bsmt%2FYecbDxvBwYFaUOj65k%2BLkyffxBIOzz%2BHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e1a204d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	arrow-down.svg cdn.cuty.io/images/shared/	220 B 459 B	56ms 40ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/arrow-down.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1396382 etag W/"65354269-dc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEyHeYUWCdEjs61y3GKqP3Gn163w8WcoxH6bHauj3xC3F3EdMgcrS1HSbN8CKdaH1zwOHEeWMlWSSE%2F0NVcEVImj3hNqAmGZp9nCw0TrLw%2FcP8qobxbg%2BSWfS3OGameLEPY%2BoyNl4oz3qg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e4a744d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	locale-es.png cdn.cuty.io/images/shared/	12 KB 13 KB	46ms 30ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-es.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 12579 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-3123" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6X90LG3Lh1546k9vPmqhFIMHdAXTneD96vnMVJ6N9YYxO0d9R8mHjZs%2FZMEesN2JEwpudO4e87cyHDzCOgh0kB5HxuQ84wXwqXGqyh8ALxZNiW%2Fr75HSBUlfilZidGpYhIv5XUFqZn3ug%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e4a784d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	locale-ar.png cdn.cuty.io/images/shared/	50 KB 50 KB	59ms 56ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-ar.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 51070 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-c77e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q23wGjaOlOtx78NBOGsEFiIgJkj2BVkf0D30B%2FM7hJxM2z9k8e2ngfXXYA8P0ZlRnZQsCcQmyaA93RrtIBIotk3yRXq7W%2BizIu2EsebmXQWOkAZktzPmLMjqyomSYKr3LdIDgzJLso8Obw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6ac94d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	locale-fr.png cdn.cuty.io/images/shared/	16 KB 16 KB	57ms 54ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/locale-fr.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 16411 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-401b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuJ4wOG6LN%2BHTRG2ReXVcGswRw%2B%2F20f1gwu3H%2BLdxbdFKnwO4f5Ko2ZyySrJbex5B15LvOplX74PwdNUqFubF8BNjwzAzbCThRCUqok5BLxrDKf%2Fma9fwt07K9ggkAMT4yBlKdAzvu%2F3Zg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6ace4d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	burger.svg cdn.cuty.io/images/shared/	207 B 483 B	58ms 55ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/burger.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 485232 etag W/"65354269-cf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xq0ts1%2BFeDaElzlXgci6hFkA1dInZZxIb5PcRV5ldsEWJFKVK5qL6wdcRPd5xHYrvRwGsdQSox3Vr4tWFjyEyz2Gck6pkzT9M4WebZpFmTn%2FhDYfQ%2B7SDpnqFpu7v3UgDTaZ63Rjg6JOQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e6acf4d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	x.svg cdn.cuty.io/images/shared/	209 B 469 B	57ms 54ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/x.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1396382 etag W/"65354269-d1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb5x8nRL91DBXh38JqOQeH55O2E6En9ycrfEvXGrk7EQ3B7D%2F0m%2B5kNe1XK0vgeD%2BCh5wumD7H5JRoMv0FjJ5OJ5jK9BAXCBnnQkmyt0sbznxykhdyXKEFWVzzLSmKmHYVANvKBz8CzZHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e6ad04d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	facebook-icon.png cdn.cuty.io/images/shared/	409 B 713 B	56ms 53ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/facebook-icon.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 576186 alt-svc h3=":443"; ma=86400 content-length 409 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-199" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVH8zXmBxQGO9s2f%2BDLCl8%2FEya3mD039d2hcNL7phbBYmtUxxbSMbCpwz4r%2BismBX0w6Whm48DWtAcMz4xqNLEf3pbz1eKn1Aj4UspmnZvirOvA0ffF0TVEn3IcWeT5YgorwpeR6ygXtkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6ad14d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	twitter-icon.png cdn.cuty.io/images/shared/	809 B 1 KB	56ms 54ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/twitter-icon.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 809 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-329" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyXPAOCBXR%2BfON2tKlNH2igSMMwJmwrzyQfIyCSVSJs%2Bp3rwYx1AcjjsH6LfRTDbxupLAii6T4qrYWPv6lo9eNoMwI7JS9qC1Ne6KTmCrVgjv3Pq8pbDcZlQuGmXpz4Pi9mZ0SPOKRyONQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6ad34d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	linkedin-icon.png cdn.cuty.io/images/shared/	222 KB 223 KB	56ms 53ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/shared/linkedin-icon.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 585931 alt-svc h3=":443"; ma=86400 content-length 227769 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-379b9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmuBYq9bg8aEMEtIZq8Wx6eSZf7oIP5bAvedwv1QhiJ%2BjQt6WHTjrW0oe9iVaoRzrKZ3jnT9OUYCzL5woBHgmeZpd3tR109kHhkaGTIKg97eUibEQMblfInZ0AH1U99wbcF1OG8PT1pMyA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6ad64d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H/1.1	200 OK	60028 Show response forbidcrenels.com/1clkn/	6 B 1 KB	142ms 36ms	Script application/javascript	23.109.61.144 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://forbidcrenels.com/1clkn/60028 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 23.109.61.144 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Tue, 07 Nov 2023 19:56:55 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=1 Server nginx Accept-ch sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Connection keep-alive Keep-Alive timeout=20
GET H2	200	6534223 Show response glersakr.com/5/	70 KB 27 KB	121ms 54ms	Script application/javascript	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/5/6534223 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ef9ff8aaa5cb014a72515f4fbac93a1b408c05af0412309cc3e357cedcfea9db Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding gzip x-trace-id b2679d99a5cbb10e0a7da188dfb34d78 pragma no-cache, no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	step-1.svg cdn.cuty.io/images/public/	2 KB 867 B	58ms 56ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/step-1.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1396382 etag W/"65354269-658" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5Tr00MZSlwq%2FcoM8kU2tZsbIVJqzawsLkETY7HMzxMy260nEFV1MhQWloFuoEemdw27OrgWUknm6Hr5War1FQeQS627muOsdWHDXumky0g%2F5TOXaCM4LuflA9GwIPJ%2FjeQAQhAXTGLBNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e6ad74d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	step-2.svg cdn.cuty.io/images/public/	2 KB 959 B	57ms 55ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/step-2.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 498747 etag W/"65354269-607" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5VTHzMBSvGTUZkEeo9kRwCnJoqv5y90T%2FVNhcXpgdrT%2FS%2F9c0sls%2B2nP6IBNyjBYbOBcAtNSjMyW5YMD6ROHnlxiEmrxgiSMinbfcOKueY1J4A%2FOAmZrxH1W%2FLfl1mk6T5smPB%2B6vDZyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e6ad84d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	step-3.svg cdn.cuty.io/images/public/	1 KB 788 B	68ms 66ms	Image image/svg+xml	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/step-3.svg Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT last-modified Sun, 22 Oct 2023 15:40:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 585762 etag W/"65354269-45b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pdQJYBB9d4Dw9cDQi0yTRpMi0GIJt3m5BqSb0dEKLKuyNbapZZzftiYMTeO6HYhq%2BV6JkvypxBr0oF%2FkVSknczIdxigC1hHFYfUr8KYgz93jT86XFC9IdcMm6lhH8pTC%2BmcZt0uBhMjXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=31536000 cf-ray 8228246e6ad94d88-FRA alt-svc h3=":443"; ma=86400 expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	money-tree.png cdn.cuty.io/images/public/	27 KB 27 KB	60ms 58ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/money-tree.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 27646 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-6bfe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAzWbKtnWEl7neyRosBVVjNXJIJcuZnuvG9RhoG7AkRGXe%2BU2UuZ9nlsacleYcSvQEZA8iKF77CpKvzo56vrX5a5KdKwg0iSPC9gqsjSgeqBDNbd5AjdIvLOhcOXNONT2Y7rNJaxpFRHcw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6adb4d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	bitcoin.png cdn.cuty.io/images/public/	30 KB 30 KB	81ms 79ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/bitcoin.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 30766 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-782e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mm5hnohlh7RFouiNZ8Bye5PFHFmcxRLogGsRKoEMuqy1ev1dBq4AlGK9yqwHoFSJ58blVzCEjiHRtReQggpWYGLo9gNphZMV8rJwsHM9NiF93GC6QidDa0CTicF9L%2BXqA1hX8nK%2F2P%2F5Cg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6adc4d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	payeer.png cdn.cuty.io/images/public/	1 KB 2 KB	63ms 61ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/payeer.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 1390 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-56e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVItdQkqprqHpywCG%2BbezlsAFKiswDYQyFwctdm6Em%2BByGTBS0vDxQIlDrS72eNznlvMdhYRAbyuBbebLwfBQkc816Y4pBMT5hoEeLiZLzMKXwDsQ1sfQ6PBN2iawdDnK4R8pY0bCJpFgA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e6ade4d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	paypal.png cdn.cuty.io/images/public/	24 KB 24 KB	48ms 40ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/paypal.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 24721 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-6091" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1hIWSQpEL3LjGzskJwvqlth%2BVp9LUHxuYdGHWeUQ9q2Jns%2F9zFWxAwk50A2M3YCqquPVAIGW%2BOmKlzqCvb81gobYG6yKwQi7iLTWkWbLUmQkrO6aj5HzJBhZHEyDu21EGCGdg7SID6v1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e4a7b4d88-FRA expires Mon, 21 Oct 2024 16:03:11 GMT
GET H2	200	perfectMoney.png cdn.cuty.io/images/public/	198 KB 198 KB	49ms 42ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/perfectMoney.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 654697 alt-svc h3=":443"; ma=86400 content-length 202386 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-31692" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlijXS2JdQrEF9u87u1BaMUWu9glwVWLDiOTYI0d7yibHUBDWBkb7AeY7rbpWQy6q%2BBpxMthTxEin9Jm4zoirf26e2k3t5vqYSGYT3cusljrOa2qs4nbIkHIED9GOqUapvfuauExGf%2BEtg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e4a7f4d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	advcash.png cdn.cuty.io/images/public/	8 KB 8 KB	54ms 48ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/advcash.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 8141 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-1fcd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tElQHDhHziHirRq%2BPahitI%2FlPSAAzodri7mYy35lFumpsr8GTGD0HxxRf7Wtd7yXjL81tI%2FwKV0aDjkKloPbefMOLBQnAkc25hDaLnaWHViH%2FhgT1rmjgXayn7hRBH55KqZ7MteaSwtFmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e4a804d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	airtm.png cdn.cuty.io/images/public/	2 KB 2 KB	52ms 47ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/airtm.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396382 alt-svc h3=":443"; ma=86400 content-length 1558 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-616" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0nnY0mYBFW94KKCpty0mK3NRSwzn7XV%2BZgBfVoqjVTnGCLPKpSn7bXuBahNLpLiba3p9iUomeWUAVCZKHIsc7gtkWUKxF1Lh%2FbakZb1Ni%2BxYB2ZnpsIOPksWrI%2FvHOUHnxQehgYrmK3tg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e4a824d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	base.js Show response cdn.cuty.io/js/layouts/	104 KB 38 KB	64ms 47ms	Script application/javascript	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/layouts/base.js?id=84550ec4f4e70c7a99352bb1508dc871 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d1a73cc450a1372b4b92561d9c0d5d74b3060fcc3610cb2c68ac73147590c2b Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1302181 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 23 Oct 2023 18:13:38 GMT server cloudflare etag W/"6536b7d2-19faf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQ9znLP6gFo1YCDxgrVN884NP763wXkAHrXn0u3dSLG7YUcUTlhZoh%2BW6Mbp19yy3i5%2Ffnp0DGBYSX1J6GGneHUR3E4Um1yySdD8jcQzG51Riv51W8R8azgF1BKsJbyMi7sWo6EQHJN0jQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8228246e4a7a4d88-FRA expires Tue, 22 Oct 2024 18:13:39 GMT
GET H2	200	first.js Show response cdn.cuty.io/js/public/links/	24 KB 8 KB	53ms 48ms	Script application/javascript	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/public/links/first.js?id=efa66657ba1b651fb250bb0925086539 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d799c106522380376acde320ec20b9e09c5b26e1b791b294d30743789b393a39 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564018 cf-polished origSize=24447 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 23 Oct 2023 18:13:38 GMT server cloudflare etag W/"6536b7d2-5f7f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqpE2B5%2Blf8FRM0PowAk9tRvzrW4a%2FrKd%2BQfj4yhKB22kalfl9AR50dTJTv6yag5qWQqKMjjTtpsNv3ggwOXfEa5bna3Un5g%2FwUp4x5Vaj2YmExqFfYlcoRlI7kiUSglbgswlwpUKHqbWA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8228246e4a844d88-FRA expires Tue, 22 Oct 2024 18:13:39 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	81ms 22ms	Script text/javascript	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 43f5092a8a186c1c7ef5e43b54eb247eab4ce9e036ffcc52cc29f7de5aee0fd9 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 07 Nov 2023 19:56:55 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	243 KB 84 KB	68ms 21ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c38fc18a17655321cad85bea8519fcfc0a7a6c8171f23e03a2343e5c8b28b36d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 85782 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 07 Nov 2023 19:56:55 GMT
GET H2	200	nav-links.js Show response cdn.cuty.io/js/public/layouts/_partials/	3 KB 1 KB	52ms 48ms	Script application/javascript	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=bf590aecad96e602232396e03c74a3c6 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fa37db7cac868f9dbfb8977f11862f6c35bc485496275dafaa578dc853ae3a0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1302181 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 23 Oct 2023 18:13:38 GMT server cloudflare etag W/"6536b7d2-c04" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSKeAI1nSdgOssGnp1WQG%2Fc%2FY7nx1Bi8wbOWX1lhecRD0lktG9tynVhhFewG2R8rbZ64zVNbv%2B2RsOfK4U8ICab4RwImUko%2Fd9X0PMZiWmGyN%2BMy4qB%2FZtRwLfSgU2QalqDDRHnA1GDyHQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8228246e4a864d88-FRA expires Tue, 22 Oct 2024 18:13:39 GMT
GET H2	200	app.js Show response cdn.cuty.io/js/public/layouts/	335 KB 99 KB	64ms 61ms	Script application/javascript	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cuty.io/js/public/layouts/app.js?id=35bc8302fb3f044d7b0776d36a8bce7b Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 404d8e8314bfcc7c63c834850ab66c691aefc29e7358ac37901522ecdd86d0cf Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1302181 cf-polished origSize=342934 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Mon, 23 Oct 2023 18:13:38 GMT server cloudflare etag W/"6536b7d2-53b96" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UDRzjTiRmhCcVvr8GEtb%2Fkx6TZS7cEb3gPlYNJHt3Y9CKb%2FX331ObEAER1UbieVgSwfDT%2BinOulvi7qNM2vi9VTewte34nPspwHw5%2F2ImjiIyj3YTkKxTetEsmzvO0619ClMy%2BBxs0rwA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 8228246e4a884d88-FRA expires Tue, 22 Oct 2024 18:13:39 GMT
GET H2	200	up.js Show response live.demand.supply/	5 KB 3 KB	418ms 358ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 831d1d48a87f956021d133d884bf610a2fd32f87605d50880234df8c7c24afa2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEKEMF3AZ4BS41PK9GKZG75J date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT age 37 cf-polished origSize=4581 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"f36f2d821b4d3ede7cd4ec9005fa1a34-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 8228246e8f4e9bbc-FRA link <https://live.demand.supply/impl.v17.18.1.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/Y3V0c3kubmV0Lw==>; rel=preload; as=script timing-allow-origin *
GET H2	200	heading-background.png cdn.cuty.io/images/public/	105 KB 105 KB	34ms 34ms	Image image/png	2606:4700:3036::ac43:8be5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cuty.io/images/public/heading-background.png Requested by Host: cdn.cuty.io URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8be5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15e9a191aef4c2d8d504df2367c89aaf857ca48862b098746fa1f524e3c8fa00 Request headers accept-language de-DE,de;q=0.9 Referer https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1396381 alt-svc h3=":443"; ma=86400 content-length 107203 last-modified Sun, 22 Oct 2023 15:40:25 GMT server cloudflare etag "65354269-1a2c3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlEiuE6CQM0k3zSW3AwjPvj9f7fjJK50DH4geZsM05l5ALxgi3NDw2pEgJl3oo1kJTlJCl7eC59m6VTo81ptgPww%2BPTIAbjcnzMyCouxtxR1zoVZX26lDk%2BhCQIOcWXX4k8b6YqmbPZKUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 8228246e7ae04d88-FRA expires Mon, 21 Oct 2024 16:03:10 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	54ms 14ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 02 Nov 2023 18:19:49 GMT x-content-type-options nosniff age 437826 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 01 Nov 2024 18:19:49 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/	470 KB 189 KB	69ms 31ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a57a9f18c1cd1427deb1df65b1b059636ddb7b36aa32fe394f094203feb1f99e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:37:05 GMT content-encoding gzip x-content-type-options nosniff age 109190 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192400 x-xss-protection 0 last-modified Mon, 30 Oct 2023 02:02:02 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 13:37:05 GMT
HEAD H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0	249ms 180ms	Fetch text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: cdn.cuty.io URL: https://cdn.cuty.io/js/public/links/first.js?id=efa66657ba1b651fb250bb0925086539 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52069 x-xss-protection 0 server cafe etag 11834369850011868705 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 07 Nov 2023 19:56:55 GMT
GET H2	200	1 Show response cameesse.net/	42 KB 16 KB	323ms 154ms	Script text/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/1?z=6537682 Requested by Host: glersakr.com URL: https://glersakr.com/5/6534223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 444aaf379e84d61a2c2809cafcdf2d3fe55ff8292fc3f2ce44057dd25875282c Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-trace-id e445cb6b83ff2acb8a4fe92cfbbc4b90 pragma no-cache date Tue, 07 Nov 2023 19:56:55 GMT content-encoding gzip x-sc QJAYdhn1Os_XRNxbN0T-cGnawgGuA-ZhfzegucK1JVfIU7s78hS8AVOiVgcOrT49TYVsMEVrs-KovcLNnDVQ6bI--p8= server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 541 B	256ms 106ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=e7d17de7e76f48c79335d0b1436ce124 Requested by Host: glersakr.com URL: https://glersakr.com/5/6534223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3696a2998606690b8cf5179d9e1735a770c16e5f6b339ea7763a94c0cc053940 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://cutsy.net access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
POST H2	204	collect region1.google-analytics.com/g/	0 250 B	252ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=45je3b60v869225560&_p=1699387015529&gcd=11l1l1l1l1&cid=704671228.1699387016&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699387015&sct=1&seg=0&dl=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20cuty.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=920 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:55 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cutsy.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	impl.v17.18.1.js Show response live.demand.supply/	83 KB 27 KB	160ms 153ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v17.18.1.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f60c0b876f7afd6667d9b1ace5532830d8a5ce6dcd61b70ae34897931756cf5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEKEKMRJ1APCS10D4Q5MD6GW date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT age 74591 cf-polished origSize=85391 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"9b99237eff049bef6880ffd284770f80-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 82282470da839bbc-FRA
GET H2	200	Y3V0c3kubmV0Lw== Show response live.demand.supply/p4/v17-10-0/	982 B 642 B	250ms 244ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v17-10-0/Y3V0c3kubmV0Lw== Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1ed60189abd7eba6046bc4d2a05766c9b1e555be5c963fd79a14442fb3af6c1 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 82282470da849bbc-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	163ms 50ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=419&cs=c&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88327 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824718a4b3a3d-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 31 KB	263ms 99ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 956fbcf12fbff3d2c962cf354966ddb86906deaa4fcd75f2db373f5d654e6d9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31427 x-xss-protection 0 server cafe etag 801 / 19668 / m202311020101 / config-hash: 8736125912318047675 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 07 Nov 2023 19:56:56 GMT
GET H2	200	Y3V0c3kubmV0L05ERmtBbWlTM3Ew Show response live.demand.supply/p4/v17-10-0/	5 KB 1 KB	299ms 295ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v17-10-0/Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bff2285bb4ff4969297eb9f33b0520a7943251fdb37719d01c76854ab0a2389 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 82282470da879bbc-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ds.2.html Show response live.demand.supply/	413 B 622 B	161ms 50ms	XHR text/html	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEK06MRT3SQWGTGTHX1KCZZG date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT server cloudflare age 1190 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 822824718a4d3a3d-FRA alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response glersakr.com/	2 KB 2 KB	48ms 48ms	Fetch application/json	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/?rb=x4F_h90Q69z_gW9ylYUjwKIt8rLAH88kN_rwKF_JZUIeMLfgtUCI6M-jeN8vveB9Gc6YTulZ7YhlTFwCXwBjgtMbAWDGVpz0U2rk7aU5PvDan_CzMmc9VuUKxd-WYqwcrXoOpQMk3dLUf3R0hfzyhpYAl8ECWi1I4JCyqPulIwgocgwAMamX7sQjfDkskGAI28tjj2h8IqFL9w0y0FRBbZabebVT35_aEZ_rS4MWRm-D9P2cAWI6SE_uyNyU-6g-f4OQh7dF4rGZ4c2b&request_ab2=0&zoneid=6534223&js_build=iclick-v1.624.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.624.0&bs=5e1f38b3-e4f5-43d6-8bd3-70ccec5e9789&userId=e7d17de7e76f48c79335d0b1436ce124&m=link Requested by Host: glersakr.com URL: https://glersakr.com/5/6534223 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 1044e83d6dfb891a1d503ffd4652e6de2aab394ad88df1ed8d790c5f07f7dfde Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 2e67d321c6fa1be202be33bf44d27822 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://cutsy.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	34140bf7a9bfababc041a6dd34e08b17 Show response cameesse.net/27/	403 KB 128 KB	23ms 22ms	Script application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Requested by Host: cameesse.net URL: https://cameesse.net/1?z=6537682 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash cbc0e6c0446c61080c87d5c5bdd7c4526cccd9671beeaf9312c090173f41f8bb Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-trace-id 3b3000083d1e934aa0f94301bf1e40b4 date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Tue, 07 Nov 2023 08:53:13 GMT server nginx content-encoding gzip access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control max-age:290304000, public access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Tue, 07 Dec 2083 08:53:13 GMT
GET H3	200	cutsy.net_fluid_lb_firstpagefirstbannerad1 Show response live.demand.supply/cp/	21 B 368 B	158ms 157ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagefirstbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 82282471eafc3a3d-FRA alt-svc h3=":443"; ma=86400 content-length 21
GET H3	200	cutsy.net_fluid_sq_firstpagemiddlebannerad1 Show response live.demand.supply/cp/	30 B 374 B	161ms 161ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_sq_firstpagemiddlebannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4813e5d03a765391137097d66659fdd5abeabd657b9e83cfc1b04c53fb73199 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 82282471eaff3a3d-FRA alt-svc h3=":443"; ma=86400 content-length 30
GET H3	200	cutsy.net_fluid_lb_firstpagelastbannerad1 Show response live.demand.supply/cp/	21 B 364 B	150ms 150ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 82282471eb013a3d-FRA alt-svc h3=":443"; ma=86400 content-length 21
HEAD H3	200	e.js Show response live.demand.supply/x/	0 482 B	136ms 135ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQCYAHPA1KJRJJDT24XJ0X date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 78219 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 82282471eb033a3d-FRA
OPTIONS H2	204	9 cameesse.net/ Frame	0 0	57ms 17ms	Preflight	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/9?z=6537682&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=e7d17de7e76f48c79335d0b1436ce124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://cutsy.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin https://cutsy.net cache-control no-store, no-cache, must-revalidate, max-age=0 date Tue, 07 Nov 2023 19:56:56 GMT expires Mon, 26 Jul 1997 05:00:00 GMT pragma no-cache server nginx
POST H2	200	9 Show response cameesse.net/	7 B 614 B	21ms 20ms	XHR application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cameesse.net/9?z=6537682&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=e7d17de7e76f48c79335d0b1436ce124 Requested by Host: cameesse.net URL: https://cameesse.net/27/34140bf7a9bfababc041a6dd34e08b17 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Request headers Referer https://cutsy.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type application/json Response headers x-trace-id 11e5903e329802bf77e050322e310ab7 pragma no-cache date Tue, 07 Nov 2023 19:56:56 GMT server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin https://cutsy.net access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace content-length 7 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/	426 KB 134 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 11:06:12 GMT content-encoding br x-content-type-options nosniff age 31844 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136626 x-xss-protection 0 server cafe etag 12374074705736737879 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 06 Nov 2024 11:06:12 GMT
GET H3	200	cutsy.net_auto_728x90_sticky_display_bottom Show response live.demand.supply/cp/	30 B 377 B	150ms 150ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d42996d51946226c83e66e963ef6b131db30b9c0d869af998a2c4f1557024c99 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 82282472bc313a3d-FRA alt-svc h3=":443"; ma=86400 content-length 30
GET H3	200	cutsy.net_fluid_lb_firstpagelastbannerad1 Show response live.demand.supply/cp/	21 B 367 B	183ms 183ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 82282472ec753a3d-FRA alt-svc h3=":443"; ma=86400 content-length 21
GET H3	200	cutsy.net_fluid_lb_firstpagefirstbannerad1 Show response live.demand.supply/cp/	21 B 365 B	255ms 254ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/cutsy.net_fluid_lb_firstpagefirstbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 82282472fc843a3d-FRA alt-svc h3=":443"; ma=86400 content-length 21
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	23ms 22ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_sq_firstpagemiddlebannerad1&pdc=0.31051220893859866&ucv=null&e=tcp&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 82282472fc8b3a3d-FRA
HEAD H3	200	e.js Show response live.demand.supply/e/	0 481 B	25ms 25ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824732cc33a3d-FRA
GET H2	200	ob.js Show response cdn-ima.33across.com/	11 KB 5 KB	51ms 19ms	Script application/javascript	172.64.152.89 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ob.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 30 Oct 2023 20:31:13 GMT server cloudflare age 79051 etag W/"65401291-2b7d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 822824738ebf9131-FRA expires Fri, 10 Nov 2023 19:56:56 GMT
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	28ms 8ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Thu, 26 Oct 2023 02:29:26 GMT content-encoding gzip age 1099650 x-guploader-uploadid ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Fri, 25 Oct 2024 02:29:26 GMT
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	55ms 25ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 27 Oct 2023 06:43:26 GMT server nginx etag W/"653b5c0e-a9a7" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 08 Nov 2023 19:56:56 GMT
GET H2	200	connectId-gpt.js Show response connectid.analytics.yahoo.com/	9 KB 9 KB	112ms 18ms	Script application/javascript	2600:9000:2247:200:10:dd8:5e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://connectid.analytics.yahoo.com/connectId-gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2247:200:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a Security Headers Name Value Content-Security-Policy default-src 'self' Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:48:17 GMT via 1.1 be1eeba08198dafac1d1817f72d28b00.cloudfront.net (CloudFront) content-security-policy default-src 'self' x-amz-cf-pop MXP63-P2 age 520 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 8730 x-amz-expiration expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle" last-modified Tue, 17 Oct 2023 13:17:45 GMT server AmazonS3 etag "c46e30de24d0f12167e302e9e32ff4a5" content-type application/javascript cache-control max-age=3600 accept-ranges bytes x-amz-cf-id xz74twu6JgcfuHfR6npd8WQKgMiXV6g_ixSebq_0wzP1MRWcKqrVkg==
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 1 KB	38ms 20ms	Script application/javascript	2606:4700::6810:5614 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 10333 x-jsd-version master content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230058-FRA x-jsd-version-type branch server cloudflare etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZGQYGp4R03vk7hWrraD%2F5f6jgH%2BgKJ09EnoNI%2FIGXM5bOJUy%2Bvuq%2FQs87K9Z7D9FY6vz7erFylEbQ23umr22VEIYQpaInwcKzlo5IywWjNkX0liDZCKa3oj8AsliVFyYhQexOBNv0rSMCyQlvw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 822824737c9c0408-FRA
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	143 KB 31 KB	56ms 30ms	Script text/javascript	2606:4700:10::ac43:266a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1a77e7360b28cb730e0f5e56566b51a4d620f2cc411f8e32e5581ddf546e09 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Mon, 06 Nov 2023 12:11:14 GMT server cloudflare x-amz-request-id 3KC4ZXK450A18Y6Z age 2529 etag W/"a8dc95d1ffeb5ca5c8e29b69dd9f17dd" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 82282473882865bc-FRA x-amz-id-2 D90AT/BKF/uIx7qcBswGPtLYmFmEz6NHJMkl6ZbXjM9mSLcrX9Nf8KxBOYHSyKFaWpWB8VYVg74=
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 1 KB	49ms 32ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT via 1.1 google, 1.1 google last-modified Thu, 03 Aug 2023 03:28:51 GMT server Google Frontend etag fc4e6bfe266081c4873c6f08c8298e5c content-type text/javascript; charset=utf-8 x-cloud-trace-context 1ec6d39276108e0feb0c227ded5f6c05 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1207
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	3 KB 3 KB	42ms 11ms	Script text/javascript	2600:9000:2250:ce00:a:e047:753:a221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:ce00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-amz-version-id KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3 Date Tue, 07 Nov 2023 05:04:04 GMT Via 1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA60-P2 Age 53573 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront x-amz-replication-status COMPLETED Connection keep-alive Content-Length 2776 Last-Modified Thu, 19 Oct 2023 06:40:11 GMT Server AmazonS3 ETag "a3a9a9ee8e72db69d54e805f0586c651" Content-Type text/javascript Accept-Ranges bytes X-Amz-Cf-Id -BuheOLcIDyAG9ILTsQ71FLpqcv-KjgL-8di8t6HSU-nfacWh1-AaQ==
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	39 KB 12 KB	39ms 10ms	Script text/javascript	65.9.66.97 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.66.97 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-66-97.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 03:16:16 GMT content-encoding gzip via 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront) last-modified Wed, 06 Sep 2023 15:56:57 GMT server AmazonS3 x-amz-cf-pop FRA56-C1 age 60040 x-amz-server-side-encryption AES256 etag W/"e073e71ed7a44e6f9cdd72904fda5940" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id C65ZLVG6rsi6kR7PPgA1MBpxQvc0qfLFmIhaAuC4oVBS3uQ7-Np8zw==
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 727 B	569ms 569ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=702325153623017&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C63218209-e090-430f-a36f-1753fdfa71ca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699387016200&lmt=1699387016&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiEiPDaujFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiEiPDaujFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGISI8Nq6MUgAUgIIZBIZCgpwdWJjaWQub3JnGISI8Nq6MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYhIjw2roxSABSAghkEhQKBW9wZW54GISI8Nq6MUgAUgIIZBIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhIjw2roxSABSAghk&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26interstitials-bid%3D13%26bid-p%3Dgoogle%26bsc%3D96&adks=2892534720&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dbf28032ae504e0ac8a81e33cb1dae9fae0278edb89413ccb1cb061cc0076b0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 696 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	63 KB 15 KB	537ms 537ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=3680081558827313&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C7ce04be1-846c-41bb-ba5c-f2113256ed4e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280%7C750x300%7C750x200&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699387016210&lmt=1699387016&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiEiPDaujFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiEiPDaujFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGISI8Nq6MUgAUgIIZBIZCgpwdWJjaWQub3JnGISI8Nq6MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYhIjw2roxSABSAghkEhQKBW9wZW54GISI8Nq6MUgAUgIIZBIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhIjw2roxSABSAghk&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26chrand%3Dy%26pof%3D0%26bid%3D0.21%26bid-p%3Dgoogle%26bsc%3D96&adks=698818265&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5d6e0a14af97a16991feefba2bbed586241792196bec3262374b2a78ff31b087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15010 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E26	6 KB 3 KB	77ms 18ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:56 GMT expires Wed, 06 Nov 2024 19:56:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/	39 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 821b5ea3bad8371ee991b1347a507ca208deaca7cffa778fa1db64b8fc17f1b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 12:01:44 GMT content-encoding br x-content-type-options nosniff age 28512 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13760 x-xss-protection 0 server cafe etag 8051071232551270508 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 06 Nov 2024 12:01:44 GMT
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&rid=esp&cc=1	85 B 194 B	121ms 121ms	Fetch application/json	34.120.107.143 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&rid=esp&cc=1 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Server 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 143.107.120.34.bc.googleusercontent.com Software / Express Resource Hash 358c675e2c7fad414ffffddc3b904bcd9a94651d7b47f59190b072d91a073362 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT via 1.1 google x-powered-by Express etag W/"55-Mfl5porXJln+15MzfoKZ9yVie50" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://cutsy.net access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Tue, 07 Nov 2023 19:56:56 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://cutsy.net location /esp?url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 330 B	116ms 31ms	XHR application/json	34.241.138.233 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.138.233 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-138-233.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash aee6dac7897de110681fdb1480ded99eec3e73aea7133124ffa4df77b18c51ac Request headers Referer https://cutsy.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:56 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://cutsy.net cache-control no-cache x-server 10.45.11.35 access-control-allow-credentials true content-length 60 expires 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	126ms 126ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_728x90_sticky_display_bottom&pdc=0.34116077423095703&ucv=null&e=tcp&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 82282473edd23a3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	169 KB 48 KB	612ms 612ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=3979262826400372&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C6f402293-c386-46fe-8771-cca4c7835674&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699387016308&lmt=1699387016&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRiEiPDaujFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBiEiPDaujFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGISI8Nq6MUgAUgIIZBIZCgpwdWJjaWQub3JnGMCI8Nq6MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYhIjw2roxSABSAghkEhQKBW9wZW54GISI8Nq6MUgAUgIIZBIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhIjw2roxSABSAghk&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26chrand%3Dy%26pof%3D0%26bid%3D0.25%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D96&adks=2114445249&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ace793969360821827d18b7cdb18632c2155092852b34ab00d5c0d82eb97867b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49194 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame FB95	15 KB 6 KB	47ms 17ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutsy.net Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:55 GMT server Kestrel server-processing-duration-in-ticks 257821 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	204	increment Show response id5-sync.com/api/esp/	0 225 B	61ms 18ms	XHR text/plain	141.95.98.65 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.65 , France, ASN16276 (OVH, FR), Reverse DNS ns3216659.ip-141-95-98.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://cutsy.net/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://cutsy.net date Tue, 07 Nov 2023 19:56:55 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	fed Show response ups.analytics.yahoo.com/ups/58813/	2 B 199 B	58ms 19ms	XHR application/json	3.71.149.231 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0 Requested by Host: connectid.analytics.yahoo.com URL: https://connectid.analytics.yahoo.com/connectId-gpt.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-71-149-231.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.87 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 vary Origin p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV access-control-allow-origin https://cutsy.net content-type application/json access-control-allow-credentials true
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	661 B 343 B	339ms 338ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=2658015483775602&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C998c8701-9887-4441-9cd8-6e71c0aee253&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699387016372&lmt=1699387016&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRivifDaujFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBiEiPDaujFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGISI8Nq6MUgAUgIIZBIZCgpwdWJjaWQub3JnGMCI8Nq6MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYjonw2roxSABSAghqEhQKBW9wZW54GISI8Nq6MUgAUgIIZBIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhIjw2roxSABSAghk&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26chrand%3Dn%26pof%3D1%26bsc%3D96&adks=597363914&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b424798014e17acd483c1e621353aff8aa9bff447c36363e4b739c2c392ac1b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 312 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame FB95 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutsy.net&sn=ChromeSyncframe&so=0&topUrl=cutsy.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=HknMBXxYVjB2anRsWWNPTW1hR2Fqb0xIbVpyTEFWT3dCOXF4RUFCT3Rzb2d2R0tRT21RcitScU1HZXdYOTYrS0JlcVZyb09JSDFZN3NyQTUvazdrN1BsZHQ5MTQzQlJTV2g4UXZIN0Jld21kTW94QUowcFN0VklKK0p3Tj...	443 B 656 B	24ms 22ms	Fetch application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=HknMBXxYVjB2anRsWWNPTW1hR2Fqb0xIbVpyTEFWT3dCOXF4RUFCT3Rzb2d2R0tRT21RcitScU1HZXdYOTYrS0JlcVZyb09JSDFZN3NyQTUvazdrN1BsZHQ5MTQzQlJTV2g4UXZIN0Jld21kTW94QUowcFN0VklKK0p3TjFRRGFkQ1Qrc0ZHdzV0OEZwM2xBcndoYW1tamQxNE5wVmZHc2NQSGluU2ZZSVowcWMydTZiZXFKc3VPZmd4aHEwQWlGdy94NzJybFRWcGpLY3preFNraGtZMk8wTXFWWU4rOWxWQzBjK240cnZNY3RWZ2Fvakw1RVE0MFVBNmtSeGdsMFdvL1BpY3E0ZVRNS3N0Mm44VjNnSHd5Y1pjQT09fA&cppv=2 Protocol H2 Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 46f34ff8816cfa7ed53f1e5709b466678a2fadcfee6058053d6aa846548ae535 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1056995 expires 0 Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=HknMBXxYVjB2anRsWWNPTW1hR2Fqb0xIbVpyTEFWT3dCOXF4RUFCT3Rzb2d2R0tRT21RcitScU1HZXdYOTYrS0JlcVZyb09JSDFZN3NyQTUvazdrN1BsZHQ5MTQzQlJTV2g4UXZIN0Jld21kTW94QUowcFN0VklKK0p3TjFRRGFkQ1Qrc0ZHdzV0OEZwM2xBcndoYW1tamQxNE5wVmZHc2NQSGluU2ZZSVowcWMydTZiZXFKc3VPZmd4aHEwQWlGdy94NzJybFRWcGpLY3preFNraGtZMk8wTXFWWU4rOWxWQzBjK240cnZNY3RWZ2Fvakw1RVE0MFVBNmtSeGdsMFdvL1BpY3E0ZVRNS3N0Mm44VjNnSHd5Y1pjQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 300093 content-length 0 expires 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	69ms 69ms	XHR application/json	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9e7c6d806e42d53f09f88b09cb771ef19525d3d83816c9dffc763c13d760a440 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12234 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	661 B 345 B	362ms 362ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=591860852591401&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C2652c909-ca8d-4dc0-94db-efbef098794e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699387016420&lmt=1699387016&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhIjw2roxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiEiPDaujFIAFICCGQSGQoKcHViY2lkLm9yZxjAiPDaujFIAFICCGoSGAoJeWFob28uY29tGK-J8Nq6MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYjonw2roxSABSAghqEhQKBW9wZW54GISI8Nq6MUgAUgIIZBIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhIjw2roxSABSAghk&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26chrand%3Dn%26pof%3D1%26bsc%3D96&adks=1089068539&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1274c855ca54d598911bce63ddca4ac419f839b5e513e0e3b2294f06e57db9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 314 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	166ms 87ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 07 Nov 2023 19:56:56 GMT
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame 5D2E	0 177 B	190ms 57ms	Document text/html	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Tue, 07 Nov 2023 19:56:56 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0F21	13 KB 5 KB	48ms 45ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1103 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:38:33 GMT expires Wed, 06 Nov 2024 19:38:33 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 99B6	829 B 945 B	53ms 52ms	Document text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d57be25d57db7f1294245c57c9d788257ff690c7ed15067bcf7645a8e20feeab Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ijeNQaeyvwZ0Khe9pqr0dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-ijeNQaeyvwZ0Khe9pqr0dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:56 GMT expires Tue, 07 Nov 2023 19:56:56 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
HEAD H3	200	e.js Show response live.demand.supply/e/	0 481 B	35ms 35ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_lb_firstpagelastbannerad1&e=nai&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8228247689dd3a3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	49 KB 20 KB	307ms 306ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=2927452157830387&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C1fb72239-77b7-4cf5-a2ae-33e6ebffe3e8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df10ced1c18763432%3AT%3D1699387016%3ART%3D1699387016%3AS%3DALNI_MYXHnEAD7EF1pcAwX17mhE2fRfsJA&gpic=UID%3D00000cbc0e9dd664%3AT%3D1699387016%3ART%3D1699387016%3AS%3DALNI_Mak5tecyrX1n14wm0zDtwDKSVLYDQ&abxe=1&dt=1699387016726&lmt=1699387016&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhIjw2roxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiEiPDaujFIAFICCGQSGQoKcHViY2lkLm9yZxjAiPDaujFIAFICCGoSGAoJeWFob28uY29tGK-J8Nq6MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYjonw2roxSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREZHhWR0pTV2xaVGRtRjBkVUZaTDNCc04xRmhRVDA5SW4wPRjIivDaujFIABIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Inw2roxSABSAghq&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D96&adks=1238458262&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5458f9f06f7cb9c8e9285ee59b6d389dc273c54e51e683ebc6c49b287020f6ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20089 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 99B6	0 0	112ms 67ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=2899011235350703&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	200	4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response pagead2.googlesyndication.com/bg/ Frame 0F21	38 KB 15 KB	63ms 18ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 15:47:49 GMT content-encoding br x-content-type-options nosniff age 14947 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15096 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 06 Nov 2024 15:47:49 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012310301456000/ Frame D40F	196 KB 56 KB	90ms 29ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 06 Nov 2023 18:07:47 GMT age 92949 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56081 x-xss-protection 0 server sffe etag "6a17d296884b026a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 05 Nov 2024 18:07:47 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame D40F	15 KB 5 KB	125ms 64ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 06 Nov 2023 18:07:47 GMT age 92949 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "0b7142e00666043e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 05 Nov 2024 18:07:47 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame D40F	95 KB 28 KB	129ms 68ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 06 Nov 2023 18:07:47 GMT age 92949 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29077 x-xss-protection 0 server sffe etag "7b1f1965b6cd6fda" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 05 Nov 2024 18:07:47 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame D40F	5 KB 2 KB	123ms 62ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 06 Nov 2023 18:07:47 GMT age 92949 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1911 x-xss-protection 0 server sffe etag "5b0a82507b260c6e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 05 Nov 2024 18:07:47 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame D40F	40 KB 13 KB	119ms 59ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 06 Nov 2023 18:07:48 GMT age 92948 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12952 x-xss-protection 0 server sffe etag "9817e561a46c70fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 05 Nov 2024 18:07:48 GMT
GET H2	200	css fonts.googleapis.com/ Frame D40F	4 KB 753 B	31ms 30ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 19:56:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Nov 2023 19:03:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 19:56:56 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame D40F	2 KB 2 KB	23ms 22ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 21:19:17 GMT x-content-type-options nosniff server cafe age 81459 etag 14819457070020093239 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2502 x-xss-protection 0 expires Tue, 07 Nov 2023 21:19:17 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame D40F	295 B 319 B	24ms 24ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 21:19:17 GMT x-content-type-options nosniff server cafe age 81459 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Tue, 07 Nov 2023 21:19:17 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 483 B	28ms 28ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.21&b=2&r=cutsy.net_fluid_sq_firstpagemiddlebannerad1&sy=3675ec71-09a0-4d17-a5a8-3d610139c1da&ts=96&cd=2&pud=419&pus=c&pue=1009&pid=162&pis=c&pie=1172&ppd=252&pps=a&ppe=1261&pcl=788&ttc=1355&tti=1976&ttif=0&lca=1261&lcak=ppe&lct=1261&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=b3ae8d3a-7385-4abd-89e5-63198671f04f&e=lm&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 82282476ea653a3d-FRA
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/3980117109798635172/ Frame D40F	28 KB 28 KB	26ms 25ms	Image image/jpeg	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3980117109798635172/14763004658117789537?w=600&h=314&tw=1&q=75 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fdd34c9f0aefd4e9a580c09142d4532ee041a5a207f0fd4b39bad6db42a49376 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 08:10:04 GMT x-content-type-options nosniff age 42412 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28512 x-xss-protection 0 last-modified Wed, 16 Aug 2023 07:50:14 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 06 Nov 2024 08:10:04 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/17822024181240698237/ Frame D40F	2 KB 2 KB	39ms 39ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17822024181240698237/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5a684c395330e6cc8c64457e1ba945012e94e095352e41adcb88bbdbe263ebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 02:04:13 GMT x-content-type-options nosniff age 409963 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2372 x-xss-protection 0 last-modified Wed, 18 Jan 2023 09:19:57 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 02 Nov 2024 02:04:13 GMT
GET DATA	200 OK	truncated / Frame D40F	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4b9d7c93199186e9b224b261b1b98f46e1363cdebc790cbee97a8d5d0c14f19a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
HEAD H3	200	e.js Show response live.demand.supply/e/	0 483 B	27ms 26ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_fluid_lb_firstpagefirstbannerad1&e=nai&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824770aa83a3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	45 KB 18 KB	329ms 329ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=3602069535480108&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2C5c8f82c4-d477-4295-bf4d-fd8c877d312c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x100%7C600x100%7C728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D95ad7ef61c67ca09%3AT%3D1699387016%3ART%3D1699387016%3AS%3DALNI_MZtIZo5i2cQqo9qaw87-u-conNMrA&gpic=UID%3D00000cbc0f630363%3AT%3D1699387016%3ART%3D1699387016%3AS%3DALNI_Mb85IArOVcSdRTpZUvUOrZfBecwXw&abxe=1&dt=1699387016808&lmt=1699387016&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhIjw2roxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiEiPDaujFIAFICCGQSGQoKcHViY2lkLm9yZxjAiPDaujFIAFICCGoSGAoJeWFob28uY29tGK-J8Nq6MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYjonw2roxSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREZHhWR0pTV2xaVGRtRjBkVUZaTDNCc04xRmhRVDA5SW4wPRjIivDaujFIABIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Inw2roxSABSAghq&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26chrand%3Dnbs%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D96&adks=3552869000&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3333f094abb2262781a79d3b71876de097047f1754f0390b7f4f866fc305eaaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18596 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	329ms 329ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_interstitial_desktop&e=nai&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:57 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824771acd3a3d-FRA
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	45ms 45ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:56 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88328 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824771ad23a3d-FRA
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	181 KB 53 KB	960ms 960ms	Fetch text/plain	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2899011235350703&correlator=599378532418475&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=44890869%3A23003244797%2Cca-pub-3831894559014614-tag%2Cc41e85da-628b-4b91-810a-859baca50f0a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D0023801bc33c3ec8%3AT%3D1699387016%3ART%3D1699387016%3AS%3DALNI_MYHPEsP1U1ast6AKY7tjMCmLnqK_A&gpic=UID%3D00000cbc0e00d5d5%3AT%3D1699387016%3ART%3D1699387016%3AS%3DALNI_MatohX7C44AezZIWilTNsAF7FivnQ&abxe=1&dt=1699387016818&lmt=1699387016&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=704671228.1699387016&ga_sid=1699387016&ga_hid=1257550392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYhIjw2roxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiEiPDaujFIAFICCGQSGQoKcHViY2lkLm9yZxjAiPDaujFIAFICCGoSGAoJeWFob28uY29tGK-J8Nq6MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRiEiPDaujFIAFICCGQSFwoIcnRiaG91c2UYjonw2roxSABSAghqEj4KBW9wZW54EixleUpwSWpvaWREZHhWR0pTV2xaVGRtRjBkVUZaTDNCc04xRmhRVDA5SW4wPRjIivDaujFIABIZCgp1aWRhcGkuY29tGISI8Nq6MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y6Inw2roxSABSAghq&dlt=1699387015350&idt=817&prev_scp=ti%3Db3ae8d3a-7385-4abd-89e5-63198671f04f%26interstitials-bid%3D4%26bid-p%3Dgoogle%26bsc%3D96&adks=2223602015&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 16555085b469861f1b12211606249466f911b02f3ee96424b7288f44da7104cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54056 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cutsy.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D40F	16 KB 16 KB	36ms 27ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 15:18:02 GMT x-content-type-options nosniff age 362334 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 02 Nov 2024 15:18:02 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame D40F	15 KB 15 KB	36ms 28ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cutsy.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 04:06:52 GMT x-content-type-options nosniff age 402604 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 02 Nov 2024 04:06:52 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 0F21	0 10 B	22ms 22ms	Image text/plain	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?bWLn6w Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:56 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	container.html Show response dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A86	6 KB 3 KB	22ms 20ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:56 GMT expires Wed, 06 Nov 2024 19:56:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 483 B	68ms 68ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.25&b=2&r=cutsy.net_auto_728x90_sticky_display_bottom&sy=3675ec71-09a0-4d17-a5a8-3d610139c1da&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=0&mlsi=1x1&mlbw=4g&mlcs=NaN&mltp=b3ae8d3a-7385-4abd-89e5-63198671f04f&e=lm&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:57 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88329 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 82282478ad353a3d-FRA
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame D40F	0 0	80ms 79ms	Image text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=COWY-iJZKZbajD97-x_APz5iVyAqdpvDTcYm4oaaLEeiqtpWLAxABIJWbyiFglfrwgYwHoAGc74DCAsgBCakCEVdCG0nKST7gAgCoAwHIAwqqBNcCT9ANM8ALqwS1HNwUyg_sbdcfqbbHVPWimIGeF9OCL_AmYvPdN3CVPtA7p1uDrYnoyt-NS6qPSyhqTS1V18aPC7HBAlPNRfBunEw1sZnVd9Sw9WDOjcpqwDg9ztBrLEPZvpG3MfXU6uNOarZlQMHfqZ5qWguWv07ImRHgiLePMExn7Zm-eM00wj83NzSrz3MmZIJo53Jvtlrchz_IDWo9omnmJ1AYI2bz98CnlKj5mj-c3xlXn_K0SE_W3MkDwIFo0iaS-ub7gb0edNo4_DFosdJvbwJ64BNMOXvXJS7ybnR3s1GZbsD4KjUmhcvzWo67Zjkps9qluQK_xdMhitYXR-0zcB9Wanh2z8FQ9AZEmHMSISmmOi8x0M4LuYSufMqd00qLJfgBJ3t1R-Y7t3zaLTVqiSVXtltrDqRXLJSBCKjeVDxfwBpBf9t4c-apmB2L6LHlor6tNcAEqImGscQE4AQBiAXO3p_4SpIFBAgEGAGSBQQIBRgEoAYugAfMkP-9AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPiAFtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCXZodHRwczovL3d3dy5tYW5hZ2VlbmdpbmUuY29tL3Byb2R1Y3RzL2FjdGl2ZS1kaXJlY3RvcnktYXVkaXQvc2VtL3dpbmRvd3MtYWQtdXNlci1hY2NvdW50LWtlZXBzLWdldHRpbmctbG9ja2VkLW91dC5odG1sgAoDyAsB4g0TCL2JwfvVsoIDFV7_EQgdT0wFqbgT5APYEwKIFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=TU55mM_nfA8&uach_m=[]&ase=2&nis=5&cid=CAQSTgDICaaN0UKhMUxe2G9LaE5bPGeFR4fg5aDXcbQBpKBD-ZnbIYlCpIfuFB84QO46YksjOgYtcMbw9Cc2wtCTC3pIFM5al79lQmx1em2j6BgB&template_id=484&cbvp=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	container.html Show response dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2DB	6 KB 3 KB	64ms 64ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:56 GMT expires Wed, 06 Nov 2024 19:56:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	95ms 95ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutsy.net_fluid_lb_firstpagelastbannerad1&sy=3675ec71-09a0-4d17-a5a8-3d610139c1da&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=0&mlsi=770x100&mlbw=4g&mlcs=NaN&mltp=b3ae8d3a-7385-4abd-89e5-63198671f04f&e=lm&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:57 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88329 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 82282478fdd93a3d-FRA
GET H3	200	css fonts.googleapis.com/ Frame 2A86	14 KB 1 KB	84ms 83ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 19:56:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Nov 2023 18:36:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 19:56:57 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 2A86	2 KB 822 B	52ms 51ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 14:05:39 GMT content-encoding br x-content-type-options nosniff age 21078 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 14:05:39 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 2A86	23 KB 9 KB	71ms 71ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 13:53:59 GMT content-encoding br x-content-type-options nosniff age 21778 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9286 x-xss-protection 0 server cafe etag 5170786266788330719 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 13:53:59 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 2A86	3 KB 1 KB	71ms 71ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 12:43:17 GMT content-encoding br x-content-type-options nosniff age 26020 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 12:43:17 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 2A86	20 KB 8 KB	69ms 69ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 13:56:36 GMT content-encoding br x-content-type-options nosniff age 21621 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 13:56:36 GMT
GET H3	200	nessie_icon_tiamat_white.png tpc.googlesyndication.com/pagead/images/ Frame 2A86	225 B 249 B	69ms 68ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 09:44:05 GMT x-content-type-options nosniff server cafe age 36772 etag 14085932017949564970 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Wed, 08 Nov 2023 09:44:05 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2A86	190 KB 60 KB	163ms 59ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 19:56:57 GMT
GET H3	200	ac1dbca482530a26bafc7a8c1241173a.js Show response www.gstatic.com/mysidia/ Frame 2A86	36 KB 15 KB	83ms 10ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 06:26:06 GMT content-encoding gzip x-content-type-options nosniff age 135051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15099 x-xss-protection 0 last-modified Wed, 01 Nov 2023 17:23:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 04 Feb 2024 06:26:06 GMT
GET H3	200	15816987513938567288 tpc.googlesyndication.com/simgad/ Frame 2A86	955 B 982 B	53ms 52ms	Image image/png	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15816987513938567288?w=100&h=100&tw=1&q=75 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdab8b90273fae15c79d462b4cc359570a587b64ef17e06dae8fdee202e4a5b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 07:27:02 GMT x-content-type-options nosniff age 44995 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 955 x-xss-protection 0 last-modified Mon, 07 Aug 2023 10:27:45 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 06 Nov 2024 07:27:02 GMT
GET DATA	200 OK	truncated / Frame 2A86	195 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 2A86	246 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 2A86	336 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	container.html Show response dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49ED	6 KB 3 KB	15ms 13ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:56 GMT expires Wed, 06 Nov 2024 19:56:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 483 B	27ms 27ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutsy.net_fluid_lb_firstpagefirstbannerad1&sy=3675ec71-09a0-4d17-a5a8-3d610139c1da&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=0&mlsi=770x100&mlbw=4g&mlcs=NaN&mltp=b3ae8d3a-7385-4abd-89e5-63198671f04f&e=lm&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:57 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88329 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824794e5d3a3d-FRA
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame B2DB	91 KB 36 KB	128ms 24ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb Request headers Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ Origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 07 Nov 2023 19:56:57 GMT content-encoding br last-modified Thu, 02 Nov 2023 22:53:11 GMT vary Accept-Encoding x-azure-ref 20231107T195657Z-daprw16rx57g9b358rp2vfdu9400000000hg00000003bsdt content-type application/javascript access-control-allow-origin * x-ms-request-id 3cb67edf-601e-010d-38a3-10ea79000000 cache-control private, max-age=3600 x-cache TCP_HIT x-ms-version 2009-09-19
GET H2	200	c.gif www.bing.com/aes/ Frame B2DB Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7642f3b9-65d5-4743-8df6-2c9901123f37&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=252ad86d-eaaa-4fc2... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0f9b7444480d489ba99aaf3e3c1471a0&SNR=1&GV=2&med=10	0 549 B	58ms 57ms	Image text/plain	2a02:26f0:f500:c::1726:7b84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0f9b7444480d489ba99aaf3e3c1471a0&SNR=1&GV=2&med=10 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2a02:26f0:f500:c::1726:7b84 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D8610F6E42F14BCB9F6058109C616DFC Ref B: FRA31EDGE0107 Ref C: 2023-11-07T19:56:57Z x-cdn-traceid 0.047a2617.1699387017.1e9990a vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Tue, 07 Nov 2023 19:56:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 24E1E2DCE2D247ED9B5FB9BB3056ECEB Ref B: FRAEDGE1414 Ref C: 2023-11-07T19:56:57Z x-cdn-traceid 0.047a2617.1699387017.1e998d1 vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=0f9b7444480d489ba99aaf3e3c1471a0&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 154 expires 0
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/239/ Frame B2DB	80 KB 28 KB	102ms 27ms	Script application/x-javascript	151.101.1.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/239/trk.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Expires Wed, 10 Jul 2024 11:56:20 GMT Date Tue, 07 Nov 2023 19:56:57 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 10310439 X-Cache HIT, HIT Connection keep-alive Content-Length 27646 X-Served-By cache-lga21944-LGA, cache-fra-etou8220025-FRA Last-Modified Tue, 11 Jul 2023 11:56:12 GMT Server AkamaiNetStorage X-Timer S1699387017.277041,VS0,VE0 ETag "615fd4ad24a409f4de5416b603f042c1:1689076572.555276" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 5, 560459
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame B2DB	3 KB 1 KB	14ms 8ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 12:43:17 GMT content-encoding br x-content-type-options nosniff age 26020 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 12:43:17 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame B2DB	20 KB 8 KB	16ms 9ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 13:56:36 GMT content-encoding br x-content-type-options nosniff age 21621 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 13:56:36 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame B2DB	0 0	34ms 29ms	Image text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSFReiZQ9yXoSKPyw5_hti_G92slqKfmLFAF6cpa1Ldo0EnCYcwx4lTTejv3ZrXR9YmDhdDLztql_xhct4gUgo_Jqx1A Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B2DB	24 KB 6 KB	15ms 9ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 09:13:59 GMT content-encoding br x-content-type-options nosniff age 124978 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 05 Nov 2024 09:13:59 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B2DB	190 KB 60 KB	114ms 77ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 19:56:57 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 49ED	0 0	77ms 76ms	Fetch text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CiU9fiJZKZZKFNIeQ1PIPv4SxsA3S4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgTDAk_QMiY08oWoYKT5WjxA0LNFq2NEUp07fGEBq76aEhEG17BGwdsU65O-svgnZWKKoVVH9sau4legZUhK_60kPhMc88x2GJ_NuL9QRznVtHUfGH3fwutMZnbi5YN8E6f7P1ZIVribi-vGuxr41GHXcyN6DlVLelBPwdyer0dn8W7KvytqCr1h56oPrYvwNB1rjNnwNfen_IdycqskYiOcdHBfaTCYu_pYMcWUo3Vav48NP4DIUcunxRm3xpzd6kKBsTrkjP47RO5LtcNU0MQmAPK9bwSafRlCMKHQQ-ZCvf-d7PXQ2E7P_xfC8fIixzJZ370-kWxf4Xy1s31Y57SXH0HhTn3iZGr7ilwiaWPEVnBAtw0Sda6EHNHHQANlNe4jfIbuOj4DMP3rAifw3UmdmwmI-wNAEGafZ_JWy4UBqEHxdLZr4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=VFmH-g9PhC0&uach_m=[UACH]&cid=CAQSPADICaaNgQMdEwlZXDzv5njz_CoIt6Ra5ZPQqZKGUoXb1V10km1deR5Ym5_g27Z6MYqwyg36wS1jTMXJOBgB Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	it ams3-ib.adnxs.com/ Frame 49ED	0 0	359ms 42ms	Fetch text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QKWB-iWAwAAAwDWAAUBCIitqqoGEKTlwenArdO4HhgAKjYJyuKIrM2_yz8Rt5Y-ndcCyz8ZAAAAwMzM9D8htw0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiK9gWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIdaHR0cHM6Ly9jdXRzeS5uZXQvTkRGa0FtaVMzcTCAAwCIAwGQAwCYAwmgAwGqA6UDCr8CaA0z8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NzM0YzczYjYtYmFhNy00OTQ0LWE1NTAtOTQyODM1MTIwOTEzJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJWCBwdWJsaXNoZXIBNCA2MjY0NTMzMCYBDgA3jm0AuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMTkzNjE5NjE5OTc5MjI3ODEyIgkzODE4NDY3MTQqBCFc8KQ6NFUyVmhjbU5vUVdRak56RTFNemN5TWprM01UVXlPRGdqTnpRNE16VTNPREkxT0RjeE16RT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFg_u5p-CGo6YfwAUAyQUAAAAAAADwP9IFCQkAAAAFDyzYBQHgBQHwBQj6BQQBWiiQBgCYBgC4BgDBBgUgMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNCREoASYI2gcGAV6wGADgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0d760f83016bd050c8cd10f28f0343e18eeced2f&pp=ZUqWiAANApIIVQgHAAxCP-RBmVCD6aEhJOX2tA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIeHXiJZKZZKFNIeQ1PIPv4SxsA3S4Nfgbo-ktpOTCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgTGAk_QMiY08oWoYKT5WjxA0LNFq2NEUp07fGEBq76aEhEG17BGwdsU65O-svgnZWKKoVVH9sau4legZUhK_60kPhMc88x2GJ_NuL9QRznVtHUfGH3fwutMZnbi5YN8E6f7P1ZIVribi-vGuxr41GHXcyN6DlVLelBPwdyer0dn8W7KvytqCr1h56oPrYvwNB1rjNnwNfen_IdycqskYiOcdHBfaTCYu_pYMcWUo3Vav48NP4DIUcunxRm3xpzd6kKBsTrkjP47RO5LtcNU0MQmAPK9bwSafRlCMKHQQ-ZCvf-d7PXQ2E7P_xfC8fIixzJZ370-kWxf4Xy1s31Y57SXH0HhTn3iZGr7ilwiaWPEVnBAtw0Sda6EHNHHQANlNawhXRQsnsRupAeft7mpWf-ZuAMM8i1YycQZPnbqS68tsIFwltv_KR-D4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_2LxqWZa95EfpRNIRo6DlE-9_nQ%26client%3Dca-pub-3831894559014614%26adurl%3D Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT an-x-request-uuid 377e24cb-c202-46e4-ba92-a5e691a74f24 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame 49ED	91 KB 36 KB	105ms 24ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 882b0276c78312143b52c67c7bf0c6d335efc5ab5613b9f83ac35fc3e28a1dbb Request headers Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ Origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Tue, 07 Nov 2023 19:56:57 GMT content-encoding br last-modified Thu, 02 Nov 2023 22:53:11 GMT vary Accept-Encoding x-azure-ref 20231107T195657Z-daprw16rx57g9b358rp2vfdu9400000000hg00000003bsdu content-type application/javascript access-control-allow-origin * x-ms-request-id 3cb67edf-601e-010d-38a3-10ea79000000 cache-control private, max-age=3600 x-cache TCP_HIT x-ms-version 2009-09-19
GET H2	200	c.gif www.bing.com/aes/ Frame 49ED Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fb4c753e-08b7-412c-b25b-8917acdf224c&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=734c73b6-baa7-4944-a55... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d38c883ac3d94d97b6fe1090910cd8d4&SNR=1&GV=2&med=10	0 548 B	62ms 61ms	Image text/plain	2a02:26f0:f500:c::1726:7b84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d38c883ac3d94d97b6fe1090910cd8d4&SNR=1&GV=2&med=10 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2a02:26f0:f500:c::1726:7b84 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: B19CDC2DCB8E45DEA4D824CCD132C516 Ref B: DUS30EDGE0810 Ref C: 2023-11-07T19:56:57Z x-cdn-traceid 0.047a2617.1699387017.1e99909 vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Tue, 07 Nov 2023 19:56:57 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: D174779855E64666B19BC3140C93934C Ref B: DUS30EDGE0810 Ref C: 2023-11-07T19:56:57Z x-cdn-traceid 0.047a2617.1699387017.1e998d2 vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=d38c883ac3d94d97b6fe1090910cd8d4&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 150 expires 0
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/239/ Frame 49ED	80 KB 28 KB	93ms 11ms	Script application/x-javascript	151.101.1.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/239/trk.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Expires Wed, 10 Jul 2024 11:56:20 GMT Date Tue, 07 Nov 2023 19:56:57 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 10310439 X-Cache HIT, HIT Connection keep-alive Content-Length 27646 X-Served-By cache-lga21944-LGA, cache-fra-etou8220025-FRA Last-Modified Tue, 11 Jul 2023 11:56:12 GMT Server AkamaiNetStorage X-Timer S1699387017.291473,VS0,VE0 ETag "615fd4ad24a409f4de5416b603f042c1:1689076572.555276" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 5, 560460
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 49ED	3 KB 1 KB	26ms 24ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 12:43:17 GMT content-encoding br x-content-type-options nosniff age 26020 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 12:43:17 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 49ED	20 KB 8 KB	27ms 25ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 13:56:36 GMT content-encoding br x-content-type-options nosniff age 21621 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 13:56:36 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 49ED	0 0	35ms 34ms	Image text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpmYqYV1ekX79fh2-t_t0vUJLEn0qSQe4NvdIQP1ZMyj-qVSJstbmXJRQJV8gnN7dkDExrbs4dAnXpDW9dEMrjP056ww Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H3	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 49ED	24 KB 6 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 09:13:59 GMT content-encoding br x-content-type-options nosniff age 124978 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 05 Nov 2024 09:13:59 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 49ED	190 KB 60 KB	177ms 162ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 19:56:57 GMT
GET DATA	200 OK	truncated / Frame 2A86	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5cc3bd4c0c7d6e51e7dcb93aea6215abf56155f67f5507f0accce3f19a8c8c20 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
OPTIONS H3	204	adview securepubads.g.doubleclick.net/pagead/ Frame	0 0	136ms 89ms	Preflight text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CL-siiJZKZbOMFcvwgAfLk5H4DL7Fp_Zzo43B-IkSZBABIJWbyiFglfrwgYwHoAHT_PbVA8gBCakCaoyXPL7nsT7gAgCoAwHIA8sEqgTdAk_Q5149p4IG0BC-LpCSL7Q8VpY4lwvSXULI9gE2WySFDYuiB5P-oYDiYYJfcujBj5p4HT2J-lMLONQZUdLNjpavHbkxWEIRbYbJ6UKw5XQk1M8CA8RjrSV2yrBYTMd5x5FFAsWc2H0DGrb835xLZ7twXPg4kwagG7RMVKSe1En1HaTikGqx4cYv6ZgrJ1eyP2hDGGDqDcAfX_BdtceryNLQhJpKB4JQVzG504Z-xmKMxrT2yshL7p2gqYQ8pbwg4ooUxHeXYE-nZ9o3K9nUjtDLmT_mCqy-JiOWff5KRlTctdagd9Mm528LFWXgOLU-Jhx9ZeQ4B7th-uArE9Of0uulVH9dJyYuSM7MMbb-uZnYgra5rbmAYgLp4U5nLZFafb7hu3OT6w3bcdqLorD27OBOzvssulYbxbHL4sBUFkMZXLfPCo6ttrwQ6906QkhpytXOx9ePq6rnEhPah5bABMjlhfHIBOAEAYgFwMOhrUySBQQIBBgBkgUECAUYBKAGLoAH0Kas5ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7hxXSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mglpaHR0cHM6Ly93d3cubmlrZS5jb20vZGUvcmV0YWlsP2NwPTY0MzE4MjM1MTMwX3NlYXJjaF8mTWFjcm89LS14LTIwNDI1ODQ3MTc4LS0tYy0tLS0tOTA2MTEzNiZnY2xzcmM9YXcuZHMmgAoDyAsBmAy9-OLFuQSiDAwqCgoI5LSxAu61sQLiDRMIiuHG-9WyggMVSzjgCh3LSQTPuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=wyEwMwIEBco&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaNYAESRnseGXDYdMoHal8bC91BlgpRg9BYq7pT1ppo-wv-c6Wk2VtfOeSvPWOuCejIMTkLRLPNRfzmJedP195kqOb8PUl6YMvaaxgB&template_id=515&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 19:56:57 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 2A86 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=CL-siiJZKZbOMFcvwgAfLk5H4DL7Fp_Zzo43B-IkSZBABIJWbyiFglfrwgYwHoAHT_PbVA8gBCakCaoyXPL7nsT7gAgCoAwHIA8sEqgTdAk_Q5149p4IG0BC-LpCSL7Q8VpY4lwvSXULI... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217043716679983340046%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%222...	0 0	82ms 49ms	Fetch text/css	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217043716679983340046%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214789240067795128561%22}&andc=true Protocol H3 Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"17043716679983340046","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["11-07"],"6":["true"]},"priority":"500","source_event_id":"14789240067795128561"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin null p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 07 Nov 2023 19:56:57 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Tue, 07 Nov 2023 19:56:57 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17043716679983340046","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["11-07"],"6":["true"]},"priority":"500","source_event_id":"14789240067795128561"}&andc=true access-control-allow-origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	th www.bing.com/ Frame B2DB	8 KB 8 KB	21ms 19ms	Image image/jpeg	2a02:26f0:f500:c::1726:7b84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OADD2.10239328756924_1GPW6JROZCILZCISC&pid=21.2&c=3&w=200&h=105&qlt=90 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_256_GCM Server 2a02:26f0:f500:c::1726:7b84 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash b99813b811ef67eeb829850af94ab2d77f8213dfc9bd2e3df2c481bacda9e61c Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-cdn-traceid 0.047a2617.1699387017.1e99931 report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 8241 alt-svc h3=":443"; ma=93600 quic-version 0x00000001
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 2A86	33 KB 33 KB	16ms 16ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sat, 04 Nov 2023 05:04:01 GMT x-content-type-options nosniff age 312776 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 03 Nov 2024 05:04:01 GMT
GET H3	200	th www.bing.com/ Frame 49ED	7 KB 7 KB	33ms 33ms	Image image/jpeg	2a02:26f0:f500:c::1726:7b84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OAIP.2bcd67c411edf695170624585e210347&pid=AdsNative&c=3&w=200&h=105&qlt=90 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_256_GCM Server 2a02:26f0:f500:c::1726:7b84 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 237706a382cdef70988ada56f2c64548ae3424df0ac6037135b36e002be5548f Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-cdn-traceid 0.047a2617.1699387017.1e99940 report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 6841 alt-svc h3=":443"; ma=93600 quic-version 0x00000001
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame 49ED	0 528 B	98ms 41ms	Script text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QLuA-juAQAAAwDWAAUBCIitqqoGEKTlwenArdO4HhgAKjYJyuKIrM2_yz8Rt5Y-ndcCyz8ZAAAAwMzM9D8htw0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiK9gWAAQGKAQNVU0SSAQEG8O2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCHWh0dHBzOi8vY3V0c3kubmV0L05ERmtBbWlTM3EwgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYP7uafghqOmH8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYABSQs8D_QBsKNBNoGFgoQBREdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB4r2BdIHDQkRKQEmDNoHBggFCZzgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=fba505aba0d09a99a00ff387ca6515af16f7105e&bdref=https%3A%2F%2Fcutsy.net%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fcutsy.net%2F,https%3A%2F%2Fdfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html& Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT an-x-request-uuid 39196527-86bf-4b08-9ae6-0bd18a1d2692 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame B2DB	0 529 B	90ms 40ms	Script text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QLwA-jwAQAAAwDWAAUBCIitqqoGEOf7jortyJmiUBgAKjYJSILv7ppa1z8Rafz3BZO71j8ZAAAAwMzM9D8haQ0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXio8QWAAQGKAQNVU0SSAQEG9AUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKjwDHqAh1odHRwczovL2N1dHN5Lm5ldC9OREZrQW1pUzNxMIADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXPmsny1O-74VfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAABE8gAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHqPEF0gcNCQEiAQEBJgzaBwYIBQmc4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=bded179520e93c61eb437cb35f87c06bde628db7&bdref=https%3A%2F%2Fcutsy.net%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fcutsy.net%2F,https%3A%2F%2Fdfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html& Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT an-x-request-uuid 50ecaa78-143f-4102-bbf0-98c5672a80ad server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response pagead2.googlesyndication.com/bg/ Frame 193D	50 KB 19 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 06:26:12 GMT content-encoding br x-content-type-options nosniff age 135045 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19628 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 06:26:12 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 3511	1 KB 643 B	10ms 9ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 48592 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 06:27:05 GMT etag 48472445140208031 expires Wed, 08 Nov 2023 06:27:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame B2DB	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89a41959a6585c26845885e4a0663259ab22d8245cfbd71c1a48fd782362f5ad Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FB8C	1 KB 643 B	10ms 9ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 48592 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 06:27:05 GMT etag 48472445140208031 expires Wed, 08 Nov 2023 06:27:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 49ED	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e2e3c47c9d9603d6084c7fb67097fdf6f22b00f29332363617693c8e15069d86 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Content-Type image/png
POST H2	200	vevent ams3-ib.adnxs.com/ Frame B2DB	0 579 B	21ms 21ms	Ping text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QKNB-iNAwAAAwDWAAUBCIitqqoGEOf7jortyJmiUBgAKjYJSILv7ppa1z8Rafz3BZO71j8ZAAAAwMzM9D8haQ0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXio8QWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIdaHR0cHM6Ly9jdXRzeS5uZXQvTkRGa0FtaVMzcTCAAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0z8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjUyYWQ4NmQtZWFhYS00ZmMyLThhMGYtN2I1NzRkNmQ0ZDM0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgAyjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0KgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTc4Mzg2MDI3NTc5NTE4MTAzMSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFF6TVRrek5EQXlOamMwTWpVak1qTXpOakV4T0RZeE1qRTBOVEF3T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXPmsny1O-74VfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAk9fAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeo8QXSBw0JLiYADNoHBggJL6QHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=fd3ebeaa2cf86a8f175fa4d7348ff5a9aa340034&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=3129163051245979442&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT an-x-request-uuid 66d43985-6f03-425c-b498-16921fc36497 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	122ms 59ms	Preflight text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217043716679983340046%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214789240067795128561%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin null alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Tue, 07 Nov 2023 19:56:57 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 49ED	0 578 B	19ms 19ms	Ping text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QKWB-iWAwAAAwDWAAUBCIitqqoGEKTlwenArdO4HhgAKjYJyuKIrM2_yz8Rt5Y-ndcCyz8ZAAAAwMzM9D8htw0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiK9gWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIdaHR0cHM6Ly9jdXRzeS5uZXQvTkRGa0FtaVMzcTCAAwCIAwGQAwCYAwmgAwGqA6UDCr8CaA0z8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NzM0YzczYjYtYmFhNy00OTQ0LWE1NTAtOTQyODM1MTIwOTEzJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJWCBwdWJsaXNoZXIBNCA2MjY0NTMzMCYBDgA3jm0AuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMTkzNjE5NjE5OTc5MjI3ODEyIgkzODE4NDY3MTQqBCFc8KQ6NFUyVmhjbU5vUVdRak56RTFNemN5TWprM01UVXlPRGdqTnpRNE16VTNPREkxT0RjeE16RT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFg_u5p-CGo6YfwAUAyQUAAAAAAADwP9IFCQkAAAAFDyzYBQHgBQHwBQj6BQQBWiiQBgCYBgC4BgDBBgUgMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNCREoASYI2gcGAV6wGADgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0d760f83016bd050c8cd10f28f0343e18eeced2f&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=3129163051245979442&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT an-x-request-uuid 0714db27-042e-4f82-87e8-e3d4e10b958a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B2DB	0 0	74ms 73ms	Image text/html	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C-u4xiJZKZd2kL-yI1PIPyfSs-AXS4Nfgbo-ktpOTCsCNtwEQASAAYJUCggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBMMCT9C02I70czliHdsL5wAst0wMR6tg5Im93m54_7kUh4nqJT8Yq01PY1hVZ0jqweJBLlZNk42EQf53SSfEL4hoC3z3DLmoUfPabjM4LBe0Cgt8LZznQb1qH9gFGCxbG5XLRIOj3kI9L4kNPFT3qPZ4ptt7EqwWqhunbwgABrI3-7NuVhzE4jG7qM0Gb374wFtMoDqyMX1Z4MWOQPpWXdoCanA5-PI3drHhE1dOE6EFiyVL9jIqv_SWIvPdoLLZjoGUP26ELeVUGPj9-oDSg69RX25HarZdGG7s586FnTI6SB8rWSUq_pFgYg9oDU4BphFyMJKSVf_aXKzbVV4I7lG_n9Z4t4r2SSQC7ocwN7vyPybaraSbbpPUxSkwRWrOoPNS7yQrCHmsZSyfYVPfmDvTeUgWEW6arXUEzGvDM4hHAhBuFO7gBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=8E5PqdnPR_w&uach_m=[UACH]&cid=CAQSPADICaaN3Pb9AVndKgIoXL-9oEVtDtFkrSCVKk3qTD6uD_rUPTmfGubxs2yqq-r4WcB8NpvV3yjhbwT2sRgB&cbvp=2&vis=1 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	it ams3-ib.adnxs.com/ Frame B2DB	0 528 B	57ms 56ms	Image text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QKNB-iNAwAAAwDWAAUBCIitqqoGEOf7jortyJmiUBgAKjYJSILv7ppa1z8Rafz3BZO71j8ZAAAAwMzM9D8haQ0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXio8QWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIdaHR0cHM6Ly9jdXRzeS5uZXQvTkRGa0FtaVMzcTCAAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0z8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjUyYWQ4NmQtZWFhYS00ZmMyLThhMGYtN2I1NzRkNmQ0ZDM0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgAyjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0KgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTc4Mzg2MDI3NTc5NTE4MTAzMSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFF6TVRrek5EQXlOamMwTWpVak1qTXpOakV4T0RZeE1qRTBOVEF3T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXPmsny1O-74VfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAk9fAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeo8QXSBw0JLiYADNoHBggJL6QHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=fd3ebeaa2cf86a8f175fa4d7348ff5a9aa340034&pp=ZUqWiAAL0l0IVQRsAAs6ScAPIG1j6Tzm5knbKQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsRbSiJZKZd2kL-yI1PIPyfSs-AXS4Nfgbo-ktpOTCsCNtwEQASAAYJUCggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQngAgCoAwHIAwKqBMYCT9C02I70czliHdsL5wAst0wMR6tg5Im93m54_7kUh4nqJT8Yq01PY1hVZ0jqweJBLlZNk42EQf53SSfEL4hoC3z3DLmoUfPabjM4LBe0Cgt8LZznQb1qH9gFGCxbG5XLRIOj3kI9L4kNPFT3qPZ4ptt7EqwWqhunbwgABrI3-7NuVhzE4jG7qM0Gb374wFtMoDqyMX1Z4MWOQPpWXdoCanA5-PI3drHhE1dOE6EFiyVL9jIqv_SWIvPdoLLZjoGUP26ELeVUGPj9-oDSg69RX25HarZdGG7s586FnTI6SB8rWSUq_pFgYg9oDU4BphFyMJKSVf_aXKzbVV4I7lG_n9Z4t4r2SSQC7ocwN7vyPybaraSbbpPUxSkwRWrO4vFzfeaP8hQ4n1gq_wpbLj_wc8wfP3ZDD_NdSNdDGaRfwpGMeXpyZQHgBAGABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Y8YUq7Y8A6_4JqadqMpo3wMhCbg%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT an-x-request-uuid cf0275e4-31c4-4645-9dbe-078e3b5c9a13 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	AdxPixel tr.blismedia.com/v1/api/sync/ Frame 3511	0 174 B	106ms 20ms	Image text/plain	34.96.105.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJEIzZkj6_0D2kMGyQwCNOo&google_cver=1&google_push=AXcoOmSTKzjpDs8mTxqV2iRui0k-MchpaqHRDKjmMEyzpz0lCCNR4BsTBPFm4kzg-GIOuA1nob5cnHb4slMba5tjDxaclSweMRI Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.105.96.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	pixel cm.g.doubleclick.net/ Frame 3511 Redirect Chain https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEPnhWvVIDPnhaslYhhwGtuQ&google_cver=1&google_push=AXcoOmRkI1__mJW4KJ6nO5SMXOADj2xzI8HQo0EjtrLmKnYNoXw5MdQ6AROCSdNkJYnLutoIayONjSKWobv... https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRkI1__mJW4KJ6nO5SMXOADj2xzI8HQo0EjtrLmKnYNoXw5MdQ6AROCSdNkJYnLutoIayONjSKWobvhyGavOYu80uhQylVR	170 B 233 B	28ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRkI1__mJW4KJ6nO5SMXOADj2xzI8HQo0EjtrLmKnYNoXw5MdQ6AROCSdNkJYnLutoIayONjSKWobvhyGavOYu80uhQylVR Protocol H2 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmRkI1__mJW4KJ6nO5SMXOADj2xzI8HQo0EjtrLmKnYNoXw5MdQ6AROCSdNkJYnLutoIayONjSKWobvhyGavOYu80uhQylVR Date Tue, 07 Nov 2023 19:56:57 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=3000 Content-Length 0 P3P policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 3511 Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSsv_... https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-2nIJuRNErOhOtiVOYKKBSCovachQ-sW4VOPC0w&google_push=AXcoOmSsv_hyOtS4guEBoAOWKkYFpM-YowAnd3JfGjgIpQbO8XISP_KAYgt97fodTmJXqL0touDsHF35yKrk...	170 B 233 B	27ms 26ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-2nIJuRNErOhOtiVOYKKBSCovachQ-sW4VOPC0w&google_push=AXcoOmSsv_hyOtS4guEBoAOWKkYFpM-YowAnd3JfGjgIpQbO8XISP_KAYgt97fodTmJXqL0touDsHF35yKrkX1xSOFe2DA8yHW10 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-2nIJuRNErOhOtiVOYKKBSCovachQ-sW4VOPC0w&google_push=AXcoOmSsv_hyOtS4guEBoAOWKkYFpM-YowAnd3JfGjgIpQbO8XISP_KAYgt97fodTmJXqL0touDsHF35yKrkX1xSOFe2DA8yHW10 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1020494 content-length 0 expires Tue, 07 Nov 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 3511 Redirect Chain https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELOwBGIr5ljiXZnD2Ha3Cec&google_cver=1&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3N... https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELOwBGIr5ljiXZnD2Ha3Cec&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3N... https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3NhIq-tppWcldH6Uv&google_hm=elZ1RjljeVRlQkdiRnRV...	170 B 188 B	27ms 27ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3NhIq-tppWcldH6Uv&google_hm=elZ1RjljeVRlQkdiRnRVeGtQRl8= Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 07 Nov 2023 19:56:58 GMT Content-Type text/html; charset=utf-8 Location https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTb9cEaZSPdIThge6RRwCrVzjNPKXffsTDQFpmAjFEUkZaXKkvyzBtrdEN6ao9sAbrODIee-I3WJCt3NhIq-tppWcldH6Uv&google_hm=elZ1RjljeVRlQkdiRnRVeGtQRl8= P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 236 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame 3511	0 411 B	682ms 165ms	Image text/plain	72.34.250.75 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSUEBrLXKnkOuPn-VQOO4Q-p3rrojZaw79plGc3eLjoNOQL1ivnGwp572mhlEX8-VzS7I-auUoyQ71GxaFbUAwMrkNVkeo%26google_hm%3D%5BUID%5D&google_gid=CAESEIbX6BYY4WsWc9Pstz7_W7A&google_cver=1 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Nov 2023 19:56:58 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-lax-1-5-82 Content-Type text/plain; charset=utf8 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	204	/ cc.adingo.jp/adx/push/ Frame 3511	0 45 B	1806ms 240ms	Image text/plain	35.73.229.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cc.adingo.jp/adx/push/?google_gid=CAESECxIZ9iUr3zXtRTNS3NTh0o&google_cver=1&google_push=AXcoOmQ-J6yqjYpLpgVNC0jBYhyybjmHtcFKqHBqhEdage5Az7nCVYxQRdiUoe03pQMp0XcyQtDZxzaMDK3R6IBnqysbrEtLZoc0 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.73.229.47 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-73-229-47.ap-northeast-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:59 GMT server awselb/2.0
GET H2	204	v1 match.sharethrough.com/E4rooAtA/ Frame 3511	0 36 B	126ms 10ms	Image text/plain	18.195.255.178 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEO8mNClTpWfP9o2x1Jl18Ao&google_cver=1&google_push=AXcoOmTlIO5mONvzXLgEgggw3mBqf_9BteA2cy0Ut-6Ck3r0ayyjHV6i2NJioP6JpYgpjOeZNbmizVDsjnidXxt_xFANbN_IiIcY9Q Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.255.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-255-178.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 3511	0 140 B	117ms 21ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwpYi8jZkE0_cs35OKGDWPNQeAQ_FbKK8CjgcVnWuaAgRVKM24EW0I7gS22wcDOnyWNHBvQw Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	67ms 62ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=2899011235350703&bg=!GhmlGVbNAAb4oU7C2KE7ADQBe5WfOPimlxG2EJhzRt1MTtu8M5KDMD5MnrxDUY7XKuiTAAA9Insb0B9qum4Iqtn1Xs03AgAAAOdSAAAAB2gBB5kC4mESF_qmZIbB3Xw4ngRLKRhTdhgm3JTtlMcCWIC4Lpkdwlr_1o3AMh0QJXCFuBOxeCU-EWyq41G_O9suPuCydiLG85y2AfqEjZ_hmvviZ_XrttJ4m3--nz5rZ5PIFQrSAVkgfe6mFMgsITcx6xoXUiHmBKtLUNaMr9mOsBnu7YfR0nj8mH1FVlPXmA_sTOzfejL56fcR2ikiGoUDYhX2g_KiEvJ2om_7EgUZNt8i3eIhAAXhbOM_sb7B4PlJleIfpUS4WZMnCNo5XvS4TbxgV6tI0gMAtEN50vPu90vMl9Ptp9kcdcKWT0SapGFN3z4cTP8RRHWo8NIcUvHcdJ_c7DUoqu-D7rDv9jRbjfTi-J3eInR0WF7SCCFEQmvgWQXoAkM_QdIiVj8aRvAaf4vN_NDxgtIm7Z-bMTkZW5ZPD6cuU0ldiY3yvdsjHRTP_k6XO4u9a0AqhEL2WMkKFg7ANy-_iX2l0gaAcOhFD49vUtblrxJDVTc0OroAu5YDNEg-kIS-ThRyhOXp3_2LK69m78lovW_eU3MNi_drht8soyUvrVpWWMLgu3jaMjvFxFNq8qc4jfo7kQpKsu0xX4xlFChqQ3hCDUdpEaTMS5WTCcocma9chyb-SLZHi--G2Kw6cEgWkT8NcpP4VNC03mR5x4XM1RaDYjkq9dXebLri3Me98Qw2Hqu4A1xmWmL9tBheUmT4Y7C9phNOFYM7yrNLZb3DxnmNMhJUHLiwbvKykzFgZp-QA06UjAGUrhM6iFkC0-Qw8tiJI4RGAo9ypFUq0aCpJ9t5q2ojhz_FtFlSfZcqIf4cBUvXcduJxhhQPOfgW3ekHCjc1cY58uG8HvbKA2UbJT7ab75Hh8cYcq4LCTp8VwfI1wcXEJ3QQE9kxWPtNII51ykA_NeCHABQIStuPCQTi_xlBueKW4Jq2I--N8lfcXLs_EMrJ_lHHFkuzq7eGVmo1-Oi6f6gLcq927tsfEHv9g Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	i.match s.tribalfusion.com/z/ Frame FB8C Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESELamHU_BBOjhkWWayUG8jd8&google_cver=1&google_push=AXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE&r... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELamHU_BBOjhkWWayUG8jd8&google_cver=1&google_push=AXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE...	43 B 456 B	206ms 186ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELamHU_BBOjhkWWayUG8jd8&google_cver=1&google_push=AXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8228247f1e175c62-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 264 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELamHU_BBOjhkWWayUG8jd8&google_cver=1&google_push=AXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqkic-kep4wvx6nzXp9bE0KApoij1idVFbdv8pldJuL-HEcWhBs90oLHSJrdPVaXA1lUPALvNk_0-f7hPQUPxF6JBuVPE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 8228247d5b905c62-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame FB8C Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEOeXKWcyeLFxY1n4e7CiK1I&google_cver=1&google_push=AXcoOmSKbt_jw5dsPwgOs0MRbDfVkYFA8yFfxaK5dfjnNXGQNyahOiDg-pAVYgeMVxMe5IN8jgq4sn0EsIGI-zVc... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nVrGOttiR74lkJLKmE33Rw&google_push=AXcoOmSKbt_jw5dsPwgOs0MRbDfVkYFA8yFfxaK5dfjnNXGQNyahOiDg-pAVYgeMVxMe5IN8jgq4sn0EsIGI-zVcChbx-u9VPniZ	170 B 244 B	24ms 24ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nVrGOttiR74lkJLKmE33Rw&google_push=AXcoOmSKbt_jw5dsPwgOs0MRbDfVkYFA8yFfxaK5dfjnNXGQNyahOiDg-pAVYgeMVxMe5IN8jgq4sn0EsIGI-zVcChbx-u9VPniZ Protocol H2 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 07 Nov 2023 19:56:57 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=nVrGOttiR74lkJLKmE33Rw&google_push=AXcoOmSKbt_jw5dsPwgOs0MRbDfVkYFA8yFfxaK5dfjnNXGQNyahOiDg-pAVYgeMVxMe5IN8jgq4sn0EsIGI-zVcChbx-u9VPniZ x-host tde-deliveryengine-production-bb588bf9-v7qsq alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame FB8C Redirect Chain https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMNEALOvCy97lHSbGFs8RjY&google_cver=1&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0... https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMNEALOvCy97lHSbGFs8RjY&google_cver=1&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0... https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0_UobZUS0lI&google_hm=HnjssGZHHwaMf6LPS-GGg4jC	170 B 188 B	37ms 36ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0_UobZUS0lI&google_hm=HnjssGZHHwaMf6LPS-GGg4jC Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 07 Nov 2023 19:56:57 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS3UEwLLG9ZbLt9xib7qeNs0M2bHS4P5NLM0iszS2RD3hDlyPWu65RBBPhbJfVrttACk6bYkfetqJG8K0Fn0_UobZUS0lI&google_hm=HnjssGZHHwaMf6LPS-GGg4jC Access-Control-Allow-Origin * Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame FB8C Redirect Chain https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELJNhCjG_Hs-gy4RtEaLENs&google_cver=1&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-DpD https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-Dp... https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODAzNTgwOTk0OTExMTEzOTQwOQ%3D%3D&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQN...	170 B 233 B	28ms 26ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODAzNTgwOTk0OTExMTEzOTQwOQ%3D%3D&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-DpD Protocol H2 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUyODAzNTgwOTk0OTExMTEzOTQwOQ%3D%3D&google_push=AXcoOmRAMY44qwJ2dHHG78zNUxKsjOvQzE4k-NnkTxw-qmKs0L-ZwWQNW62VEN11fY9FGajigtJBBLH8fg_PLKWHJwgq_w24-DpD date Tue, 07 Nov 2023 19:56:57 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H3	200	pixel cm.g.doubleclick.net/ Frame FB8C Redirect Chain https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECt-yJwfztyR8IpgNXq--9Y&google_cver=1&google_push=AXcoOmSg01h2X8D8kO9-BhztzwGaPyQ3AnBRH_c5UpLAldVb-Xihu9BCY... https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSg01h2X8D8kO9-BhztzwGaPyQ3AnBRH_c5UpLAldVb-Xihu9BCYQZFQosN0ijrruhU4RdnLuyyW_S76XSacFgQn2ClWlimJA&google_hm=QlMuMWEzNC0wMjE0...	170 B 188 B	20ms 20ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSg01h2X8D8kO9-BhztzwGaPyQ3AnBRH_c5UpLAldVb-Xihu9BCYQZFQosN0ijrruhU4RdnLuyyW_S76XSacFgQn2ClWlimJA&google_hm=QlMuMWEzNC0wMjE0LTQ0ZTYtYWJhMA== Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSg01h2X8D8kO9-BhztzwGaPyQ3AnBRH_c5UpLAldVb-Xihu9BCYQZFQosN0ijrruhU4RdnLuyyW_S76XSacFgQn2ClWlimJA&google_hm=QlMuMWEzNC0wMjE0LTQ0ZTYtYWJhMA== Date Tue, 07 Nov 2023 19:56:58 GMT Server openresty Connection close Content-Length 142 Content-Type text/html
GET H2	200	/ onetag-sys.com/match/ Frame FB8C Redirect Chain https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDarSwL5NWS6oHcp1Q51uEo&google_cver=1&google_push=AXcoOmQreGEZLLKk42AuEBQ5r0uN_u-zexXsBl_4BSOxqJxzDk763_Yk9BBB4Ean45lYq_-dtMTn1FigqyY... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQreGEZLLKk42AuEBQ5r0uN_u-zexXsBl_4BSOxqJxzDk763_Yk9BBB4Ean45lYq_-dtMTn1FigqyYAQxGDTYKNJKRwVlo1 https://onetag-sys.com/match/?int_id=19&google_error=5	0 200 B	21ms 18ms	Image text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=19&google_error=5 Protocol H2 Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://onetag-sys.com/match/?int_id=19&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	report sync.teads.tv/um/ Frame FB8C Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEG2bd7-pPoMJ... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRcpRB-7BX33Ord1lWf7UCejxcPSD-9JP3WgsAZ7ULsIRfyXC854RLaIW1qB2ljKXEGAz2KQMHFDSsOaULbiRmOKZxrlOuWcw https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 165 B	44ms 39ms	Image image/gif	23.43.61.33 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Protocol H2 Server 23.43.61.33 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-43-61-33.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers expires Tue, 07 Nov 2023 19:56:58 GMT pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame FB8C	0 50 B	113ms 22ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4ay5i4QqNvmLMbQfhaQ9mThfoNoduM1TTdEX1BY_kigV_xfAjAx5I04wmZkfi5qz-IZaArcxC Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	container.html Show response dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2179	6 KB 3 KB	16ms 13ms	Document text/html	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://cutsy.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 19:56:56 GMT expires Wed, 06 Nov 2024 19:56:56 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 481 B	29ms 28ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=4.82&b=2&r=cutsy.net_auto_interstitial_desktop&sy=3675ec71-09a0-4d17-a5a8-3d610139c1da&ts=96&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutsy.net&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=b3ae8d3a-7385-4abd-89e5-63198671f04f&e=lm&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:56:57 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88329 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 8228247d7d503a3d-FRA
GET H3	200	css2 fonts.googleapis.com/ Frame 2179	4 KB 671 B	37ms 37ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 07 Nov 2023 19:56:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 07 Nov 2023 19:46:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Nov 2023 19:56:57 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 1A60	2 KB 822 B	16ms 15ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 14:05:39 GMT content-encoding br x-content-type-options nosniff age 21078 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 14:05:39 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/ Frame 1A60	23 KB 9 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/abg_lite_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b1cd2613a5b066023f3aee22ea0cd501c2fb10eccaece8de94114f659c0d61f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 13:53:59 GMT content-encoding br x-content-type-options nosniff age 21778 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9286 x-xss-protection 0 server cafe etag 5170786266788330719 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 13:53:59 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 1A60	3 KB 1 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/window_focus_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 12:43:17 GMT content-encoding br x-content-type-options nosniff age 26020 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 12:43:17 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame A653	1 KB 643 B	32ms 30ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 48592 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 07 Nov 2023 06:27:05 GMT etag 48472445140208031 expires Wed, 08 Nov 2023 06:27:05 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/ Frame 1A60	20 KB 8 KB	14ms 11ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/client/qs_click_protection_fy2021.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 13:56:36 GMT content-encoding br x-content-type-options nosniff age 21621 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8543 x-xss-protection 0 server cafe etag 18034338113832500900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 13:56:36 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 1A60	0 0	40ms 37ms	Image text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTE4k9lvzcXgi9fHNPVLUEnlhbpwP8mYxxhCKrUbQT9Pw_uvaMU2J0NE8K_Uz_ZD6bdIWrn8VqYvW2a3V0WtsDWHAXSaA Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1A60	190 KB 60 KB	33ms 27ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61127 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1699274420466708" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Nov 2023 19:56:57 GMT
GET H3	200	ac1dbca482530a26bafc7a8c1241173a.js Show response www.gstatic.com/mysidia/ Frame 1A60	36 KB 15 KB	19ms 16ms	Script text/javascript	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 06:26:06 GMT content-encoding gzip x-content-type-options nosniff age 135051 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15099 x-xss-protection 0 last-modified Wed, 01 Nov 2023 17:23:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 04 Feb 2024 06:26:06 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/ Frame 2179	21 KB 9 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231102/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 18:59:05 GMT content-encoding br x-content-type-options nosniff age 3472 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8785 x-xss-protection 0 server cafe etag 17726888854999048520 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 21 Nov 2023 18:59:05 GMT
GET H3	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 2179	205 B 229 B	29ms 27ms	Image image/png	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Sun, 05 Nov 2023 15:16:22 GMT x-content-type-options nosniff age 189635 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 04 Nov 2024 15:16:22 GMT
GET H3	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 2179	604 B 628 B	32ms 30ms	Image image/png	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 12:18:27 GMT x-content-type-options nosniff age 373110 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 02 Nov 2024 12:18:27 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A653 Redirect Chain https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESENutKCeplJk67gb0kkTkjzY&google_cver=1&google_push=AXcoOmR6Vu-2qtGkj2WqptHEPUxJ_q6JTyalR0LmfSpDd8i58MW_sXWTK1FqrZSiTWPI58_2h9iho... https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6Vu-2qtGkj2WqptHEPUxJ_q6JTyalR0LmfSpDd8i58MW_sXWTK1FqrZSiTWPI58_2h9ihoOHCinlkLIF062lUx9n6rOnO	170 B 188 B	31ms 31ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6Vu-2qtGkj2WqptHEPUxJ_q6JTyalR0LmfSpDd8i58MW_sXWTK1FqrZSiTWPI58_2h9ihoOHCinlkLIF062lUx9n6rOnO Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 07 Nov 2023 19:56:58 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: F32D4C68C70C49B4A17A8C0FC3E3E9A5 Ref B: FRAEDGE1805 Ref C: 2023-11-07T19:56:58Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmR6Vu-2qtGkj2WqptHEPUxJ_q6JTyalR0LmfSpDd8i58MW_sXWTK1FqrZSiTWPI58_2h9ihoOHCinlkLIF062lUx9n6rOnO x-li-proto http/2 content-length 0 x-li-uuid AAYJlV+NdtWZeIAHvkcTAw==
GET H2	200	UCookieSetPug image6.pubmatic.com/AdServer/ Frame A653	0 167 B	376ms 25ms	Image text/html	185.64.190.78 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG4LIW-2jYADMtNETgWDVEc&google_cver=1&google_push=AXcoOmQnSBu5zws5u8JM7VJ_mgZib2nbnUYeLjVC3s0KCA6_9BoWZmO4iV-eLYtrN9xkHFeqpix268aQBf1uFkhmM5GYA_8HmqzG Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Tue, 07 Nov 2023 19:56:57 GMT content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame A653	0 411 B	510ms 161ms	Image text/plain	72.34.250.75 AS-XFERNET
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQMpd5h_qTeNO9pxznRj2bZT2Ed6pQXQ9-BjK1bV4xiKZvuMiiof_xAkndPPhuNpJob6VG6Xc1bMX6WeCSS75Ji3M5_IAv4%26google_hm%3D%5BUID%5D&google_gid=CAESEHHvPka49AvlY8oa6FVDrIY&google_cver=1 Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 72.34.250.75 Hemet, United States, ASN27630 (AS-XFERNET, US), Reverse DNS Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Pragma no-cache Date Tue, 07 Nov 2023 19:56:58 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server go-lax-1-5-93 Content-Type text/plain; charset=utf8 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A653 Redirect Chain https://cs.media.net/cksync?type=g&google_gid=CAESEI19eEk5a62EbUQ3Q49tQ0U&google_cver=1&google_push=AXcoOmRwBIHcKJqvB1DlVTQh7Foo8Kd56zYSnmL7qyDQQDChoYnnLr3uh7eOjqHCdsQHN-FG9gpyurDFg4YD7gCy96JBYOH43Pg3 https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&mn_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRwBIHcKJqvB1DlVTQh7Foo8Kd...	170 B 188 B	67ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&mn_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRwBIHcKJqvB1DlVTQh7Foo8Kd56zYSnmL7qyDQQDChoYnnLr3uh7eOjqHCdsQHN-FG9gpyurDFg4YD7gCy96JBYOH43Pg3&gdpr=&gdpr_consent= Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 07 Nov 2023 19:56:58 GMT Server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&mn_hm=MzQyMzg4NjE4ODE3MzI4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRwBIHcKJqvB1DlVTQh7Foo8Kd56zYSnmL7qyDQQDChoYnnLr3uh7eOjqHCdsQHN-FG9gpyurDFg4YD7gCy96JBYOH43Pg3&gdpr=&gdpr_consent= Content-Type text/html Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 154 x-mnet-hl2 E Expires Tue, 07 Nov 2023 19:56:58 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A653 Redirect Chain https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELVAWy6Mh29TObEqSAfnUr4&google_cver=1&google_push=AXcoOmQ1DP3IwfkZH2CI-4vHQv5nl2gN2ceLMJGGtLJwLVgP7Z1irxJnT... https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ1DP3IwfkZH2CI-4vHQv5nl2gN2ceLMJGGtLJwLVgP7Z1irxJnTni8rZCBjy4rxL8TkVKBzL_5B_gqnOWWJJUsx7MnvNUC&google_hm=QlMuNTQzMy0zM2M1LT...	170 B 188 B	24ms 23ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ1DP3IwfkZH2CI-4vHQv5nl2gN2ceLMJGGtLJwLVgP7Z1irxJnTni8rZCBjy4rxL8TkVKBzL_5B_gqnOWWJJUsx7MnvNUC&google_hm=QlMuNTQzMy0zM2M1LTRhMTEtOTFiNQ== Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ1DP3IwfkZH2CI-4vHQv5nl2gN2ceLMJGGtLJwLVgP7Z1irxJnTni8rZCBjy4rxL8TkVKBzL_5B_gqnOWWJJUsx7MnvNUC&google_hm=QlMuNTQzMy0zM2M1LTRhMTEtOTFiNQ== Date Tue, 07 Nov 2023 19:56:58 GMT Server openresty Connection close Content-Length 142 Content-Type text/html
GET H2	200	/ onetag-sys.com/match/ Frame A653 Redirect Chain https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDxw3EOd2xiJKc6_G6Jjxb8&google_cver=1&google_push=AXcoOmSYiU1Y7aPE99PPKWDYvL3QvLfMbEKN22NyRSF1e9__eHW88XMUmZ-MTWPy_CulFeebokVGINihmGR... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSYiU1Y7aPE99PPKWDYvL3QvLfMbEKN22NyRSF1e9__eHW88XMUmZ-MTWPy_CulFeebokVGINihmGRQyX6ICwokK4dI55Bz https://onetag-sys.com/match/?int_id=19&google_error=5	0 200 B	8ms 7ms	Image text/plain	51.38.120.206 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=19&google_error=5 Protocol H2 Server 51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR), Reverse DNS ip206.ip-51-38-120.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://onetag-sys.com/match/?int_id=19&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A653 Redirect Chain https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENKSBMA2zXyZwtAcS3ccMmU&google_cver=1&google_push=AXcoOmQHsQAT2JnT4... https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENKSBMA2zXyZwtAcS3ccMmU%26goo... https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU0NjAyMDk5MjM4NTkxNTI4MQ%3D%3D&google_gid=CAESENKSBMA2zXyZwtAcS3ccMmU&google_cver=1&google_push=AXcoOmQHsQAT2JnT4C0nceNXBMkq7EdQrY...	170 B 188 B	25ms 24ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU0NjAyMDk5MjM4NTkxNTI4MQ%3D%3D&google_gid=CAESENKSBMA2zXyZwtAcS3ccMmU&google_cver=1&google_push=AXcoOmQHsQAT2JnT4C0nceNXBMkq7EdQrYTg7CEssbDRBMP3PR2mSJlLOFs73YNyWKW5g6ww1LCeEOOQZYwshjaRgqV2rNEa_V1J6Q Protocol H3 Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT an-x-request-uuid d167d49a-c8e1-4262-ba99-16a45e26d3a5 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU0NjAyMDk5MjM4NTkxNTI4MQ%3D%3D&google_gid=CAESENKSBMA2zXyZwtAcS3ccMmU&google_cver=1&google_push=AXcoOmQHsQAT2JnT4C0nceNXBMkq7EdQrYTg7CEssbDRBMP3PR2mSJlLOFs73YNyWKW5g6ww1LCeEOOQZYwshjaRgqV2rNEa_V1J6Q x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame A653	0 12 B	23ms 18ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiYozbRJpHgvPmsYZ1kd8qZAJL3G3LzhU01iSrOB5pWrAofbHeNDtgKlCJ5Q81G74xnWUwplCL Requested by Host: dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com URL: https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Tue, 07 Nov 2023 19:56:58 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Show response pagead2.googlesyndication.com/bg/ Frame A545	50 KB 19 KB	11ms 9ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js Requested by Host: cutsy.net URL: https://cutsy.net/NDFkAmiS3q0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 06:26:12 GMT content-encoding br x-content-type-options nosniff age 135046 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19628 x-xss-protection 0 last-modified Tue, 31 Oct 2023 13:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 05 Nov 2024 06:26:12 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame D40F	42 B 64 B	54ms 54ms	Image image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts6QMJnLuuXec2Al5EfAeisA22wdBMdLbK4WYxrxsZjSNvy9oDYO1-sppL0gTc1rb5Gg4Nc8AZiVHzOxLlDQWFAhrCzL0dBLL4PORpoTWhhLvILJ0hyU4vcC3rw70SAXkQ3y-1CXmSod2m9EdSyY3oWi6mQ4gaPJ0_f6q58DZY&sai=AMfl-YSYknbXzzj34Wtq4aLqJsF0q163UbXIAY-WjtgDB6lNGYiphkAdC6cttExxjH7mPv5YikYMnLARIqcedPaPvXXiLVZMNPMwJGpksQgoMvGD4bSTvsKXE-Eg1XSB2YbfcYncAPhuoguxRpu2CAUa&sig=Cg0ArKJSzHuH8B0B1Z4TEAE&cid=CAQSTgDICaaN0UKhMUxe2G9LaE5bPGeFR4fg5aDXcbQBpKBD-ZnbIYlCpIfuFB84QO46YksjOgYtcMbw9Cc2wtCTC3pIFM5al79lQmx1em2j6BgB&id=ampim&o=415,434&d=770,300&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=307&tls=1310&g=100&h=100&tt=1310&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	c.gif www.bing.com/aes/ Frame B2DB Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7642f3b9-65d5-4743-8df6-2c9901123f37&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=252ad86d-eaaa-4fc2... https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0f9b7444480d489ba99aaf3e3c1471a0&tids=15000&med=10	0 18 B	55ms 54ms	Image text/plain	2a02:26f0:f500:c::1726:7b84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0f9b7444480d489ba99aaf3e3c1471a0&tids=15000&med=10 Protocol H3 Server 2a02:26f0:f500:c::1726:7b84 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1C5A8038FE324C9EB6A1D9FEAA1E5FD6 Ref B: FRA31EDGE0211 Ref C: 2023-11-07T19:56:58Z x-cdn-traceid 0.047a2617.1699387018.1e99bdd vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 quic-version 0x00000001 Redirect headers expires 0 pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Tue, 07 Nov 2023 19:56:58 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 559B98A3F68748ACA09A9D107E7F9A15 Ref B: FRAEDGE1218 Ref C: 2023-11-07T19:56:58Z x-cdn-traceid 0.047a2617.1699387018.1e99bc0 vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=0f9b7444480d489ba99aaf3e3c1471a0&tids=15000&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 146 quic-version 0x00000001
GET H3	200	c.gif www.bing.com/aes/ Frame 49ED Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fb4c753e-08b7-412c-b25b-8917acdf224c&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=734c73b6-baa7-4944-a55... https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d38c883ac3d94d97b6fe1090910cd8d4&tids=1&med=10	0 18 B	54ms 54ms	Image text/plain	2a02:26f0:f500:c::1726:7b84 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d38c883ac3d94d97b6fe1090910cd8d4&tids=1&med=10 Protocol H3 Server 2a02:26f0:f500:c::1726:7b84 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0F03F3FD7D04483FAB703F0EFD1E0553 Ref B: FRAEDGE1218 Ref C: 2023-11-07T19:56:58Z x-cdn-traceid 0.047a2617.1699387018.1e99be0 vary Origin p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store alt-svc h3=":443"; ma=93600 content-length 0 quic-version 0x00000001 Redirect headers expires 0 pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Tue, 07 Nov 2023 19:56:58 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9681E478C3494485AA9AD8D3D302B8B9 Ref B: FRA31EDGE0211 Ref C: 2023-11-07T19:56:58Z x-cdn-traceid 0.047a2617.1699387018.1e99bc4 vary Origin content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d38c883ac3d94d97b6fe1090910cd8d4&tids=1&med=10 cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=93600 content-length 142 quic-version 0x00000001
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2A86	42 B 64 B	51ms 50ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuradx293BcwTpYI1FofhNWm0EgWkDGHE-u7_lRCRCJN32OXP1b1FdFaBBVIghtcxivzl2kWp4IK5BVq5ouUIi4jOPuy_HY-8wW47gm11AEU8JCIDsQGj9vVPLx3SkjjUzZIFj-3cneKymKig1lvbuJ2VR_C-fB_V1tOyBh3Qu354HzIAnzJaiPopkkIvtYDk-wlYLKFNK4PMtu1CmUlQ9u3dPmSDfVkVftE1R_nGXZC_TjBvDivSSXWc_-mKGFiMGJQ9OozVAQswHEGaFFdhkf7bQ9b5p04qRGHdNBgVXBe-MMAhqdlz1weDI1k59Q8beeDIvjo7hJhu2iWhKshl-yOXR_2DF1SfZE9GLmILf8sVZ2_GH5KfxHOKGeun9yPoTFLj93yfy17Up90yNbFvsT6EyDkUZLMPwImAFK_RgBDuEr31kbK9o6DLRpNkZ0k7RN1AZMQsjwldhzHLO2LOV7HL7tOq3rx4c74_INh2YlesiKLobBlDVqDwk1eN86ym7z9qYjqIuDLaWEwuntu98yuAjKIBgyNZTaskXP5Il9amWdLA-MNufPuWukY5yCTmZS-FnCW2kNhiEsMvZWsCya7N_D7DQTR-aJxz_E6W67MA9FWz8dJOUjtofG_84ELNPf0ht1NT-Y89hXXAtEWqiuBIueWGnLqHtscDux5bY31ogqXyD1S6CyabjI7Y-4ELEdItBDLzeWVhdhdJMegkkaT4e2KYN-tb1L3UCzWsIzGhQBwRWQT22e_Nn5SnLPj-O4Zbf_VMba5KOViC-HCV574fcWXrSMsf24hCziSZciYbP2N-h9t2eZp4SMerMsksdfQOLE5X5OFLHMCLcygCjbrQg_JSwiXgBnGvpXz9UZIPg5FAoYcYB_bZfLHHnJirOmlyACg1x2NLf0ieKlzhtV8pGo02Ic3bo45sDSJXoOrSXpQ5ps5UpvvWXd-PTT2MQQgZH9IwUKG4HO8HX2PpiZHyz9PMloD6RJfGQWnb7z0RAUAYRo70OjwTrZTfSfG6ku1TY40OZVwK2a-thLFVHV2g_M-dv7EkKydgYHm0F544RaY-us_nNuGfa-yJolm_hnPvwV10TaTxwvD9OXmhlyiKSPC4jeEnMM-lUiT9skM8riQIigJaTsWOz2q0y3DJSTE4DVBZfI_mwfogszuvXCKAJcm-H18LH38xEBObrOg6egtma8IugE4TjMCRTXudZ0KrXWMgeeUVXWFgw2YT0AggOIz6YJGkuLszwyv_GDlvYczDi6iEOU8gAHYQms7YWRLqyqrRKZwEQSvHWT4Ge1KSFhLOE5AVRNqXijM2HiSyUJBxI7P--FFuOW4eBRVEksNzap0rzz1ZfSfoFxaAAgbBlRERjb2pWoN_jVOoE1C0tsKDG0z7CrxsVAhoRlBH-RGCB3W9Vh2tMjWJwzTUhPBnnZeNjzUTwfQEEZ443lcbL46RxjfBQ7Pfp__Yml5fQYOstZuqIQMT2YVmoFBIY2tGCVMx1RDc_6pKx7yxD_1-PlrXBd4imQT1_6vmCGWYUH47_kyX4Db55JaWaewuWcbLSqNqlEEQpQY08RSlmZQk6iWo3m-EtrNiG8y4O7&sai=AMfl-YRHAL5D_4z7yGvs3X7ome6o6FeM-FJSC5hMFt3EZn-SdHfnsoYflbFs7KyKBB0o8ixXfMZeBi5iw0TNnvU-FLtJozJx3af1OPbCyV9yfhVENOQ00ugH5w6USNHtp411hllRVojNH39ZUI1eWl4YUEimENQBce7pxNFDkg&sig=Cg0ArKJSzFvgNlK1zx33EAE&cid=CAQSTgDICaaNYAESRnseGXDYdMoHal8bC91BlgpRg9BYq7pT1ppo-wv-c6Wk2VtfOeSvPWOuCejIMTkLRLPNRfzmJedP195kqOb8PUl6YMvaaxgB&id=lidar2&mcvt=1000&p=1141,297,1265,1302&mtos=147,771,1000,1016,1016&tos=147,624,229,16,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2114445249&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699387017039&rpt=413&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B2DB	42 B 64 B	48ms 47ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUn0t2xcSnyAyKtlW3F_4LYzHC0OdhMzQJ0thn8Zl1uumRmnSQCW05G9vLrJ0CoAvL1mRbhUTreJYYJ_EzTGa40qQvj9nDY3-wHncHx8kW61_MvqVVzQ&sig=Cg0ArKJSzHaSU4Q4VirSEAE&id=lidar2&mcvt=1000&p=802,436,892,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1238458262&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699387017099&rpt=504&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 49ED	42 B 64 B	45ms 45ms	Fetch image/gif	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6oQs32MkbeiAJWe1xBclU06AGcKG4Mc4GXSYV42MX7cR__Ay_4wkMthCLctfw023mwaMuGWSF5YOpQGlxrGL6XNJ7wqqaMV7Et3elRRCxcXCpZdsY5w&sig=Cg0ArKJSzOHIj9cyZAaiEAE&id=lidar2&mcvt=1002&p=275,436,365,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3552869000&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699387017158&rpt=471&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame B2DB	0 693 B	96ms 96ms	Ping text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QKNB-iNAwAAAwDWAAUBCIitqqoGEOf7jortyJmiUBgAKjYJSILv7ppa1z8Rafz3BZO71j8ZAAAAwMzM9D8haQ0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXio8QWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIdaHR0cHM6Ly9jdXRzeS5uZXQvTkRGa0FtaVMzcTCAAwCIAwGQAwCYAwmgAwGqA5oDCrACaA0z8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MjUyYWQ4NmQtZWFhYS00ZmMyLThhMGYtN2I1NzRkNmQ0ZDM0JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgAyjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRn0KgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTc4Mzg2MDI3NTc5NTE4MTAzMSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRFF6TVRrek5EQXlOamMwTWpVak1qTXpOakV4T0RZeE1qRTBOVEF3T1E9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXPmsny1O-74VfABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX52kv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAk9fAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeo8QXSBw0JLiYADNoHBggJL6QHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=fd3ebeaa2cf86a8f175fa4d7348ff5a9aa340034&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=3129163051245979442&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT an-x-request-uuid 4670b380-8916-41c1-b677-5c2405532949 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 49ED	0 693 B	16ms 16ms	Ping text/html	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcutsy.net%2FNDFkAmiS3q0&e=wqT_3QKWB-iWAwAAAwDWAAUBCIitqqoGEKTlwenArdO4HhgAKjYJyuKIrM2_yz8Rt5Y-ndcCyz8ZAAAAwMzM9D8htw0SACkRJNAxAAAAgOtR2D8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXiK9gWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIdaHR0cHM6Ly9jdXRzeS5uZXQvTkRGa0FtaVMzcTCAAwCIAwGQAwCYAwmgAwGqA6UDCr8CaA0z8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NzM0YzczYjYtYmFhNy00OTQ0LWE1NTAtOTQyODM1MTIwOTEzJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTMJWCBwdWJsaXNoZXIBNCA2MjY0NTMzMCYBDgA3jm0AuHJ0eXBlPW51cmwmdGFnSWQ9NjkzMjU5NCZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViNhkA8ExfcHl2cHhwYmFzdmV6bmd2YmEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMyMTkzNjE5NjE5OTc5MjI3ODEyIgkzODE4NDY3MTQqBCFc8KQ6NFUyVmhjbU5vUVdRak56RTFNemN5TWprM01UVXlPRGdqTnpRNE16VTNPREkxT0RjeE16RT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFg_u5p-CGo6YfwAUAyQUAAAAAAADwP9IFCQkAAAAFDyzYBQHgBQHwBQj6BQQBWiiQBgCYBgC4BgDBBgUgMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivYF0gcNCREoASYI2gcGAV6wGADgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=0d760f83016bd050c8cd10f28f0343e18eeced2f&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=3129163051245979442&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/239/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers pragma no-cache date Tue, 07 Nov 2023 19:56:58 GMT an-x-request-uuid 13eae9e8-71c7-49f6-861a-edee6b178797 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://dfd5fb4b06410421cee99bf8b96bb3ce.safeframe.googlesyndication.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 81.95.5.36; 81.95.5.36; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	136ms 135ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=cutsy.net_auto_728x90_sticky_display_bottom&e=ufp&dsReferer=Y3V0c3kubmV0L05ERmtBbWlTM3Ew Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.18.1.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://cutsy.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers x-nf-request-id 01HEJQ19G0N6J6MRE5ZJVMCNNZ date Tue, 07 Nov 2023 19:57:02 GMT strict-transport-security max-age=31536000 cf-cache-status HIT age 88334 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "ccc4768c44898d287fe4a0c2f708d3c5-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 822824977be23a3d-FRA