cutty.app Open in urlscan Pro
2606:4700:20::ac43:4621 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cuty.io/hSayON
Effective URL:
https://cutty.app/hSayON
Submission: On May 09 via manual (May 9th 2023, 8:12:14 pm UTC) from US — Scanned from DE

Summary HTTP 183 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 28 domains to perform 183 HTTP transactions. The main IP is 2606:4700:20::ac43:4621, located in United States and belongs to CLOUDFLARENET, US. The main domain is cutty.app. The Cisco Umbrella rank of the primary domain is 515779.
TLS certificate: Issued by GTS CA 1P5 on March 20th 2023. Valid for: 3 months.

This is the only time cutty.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2606:4700:303... 2606:4700:3031::6815:4bd0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:20:... 2606:4700:20::ac43:4621	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	142.91.159.186 142.91.159.186	7979 (SERVERS-COM) (SERVERS-COM)
2	2606:4700:303... 2606:4700:3037::ac43:c9d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
23	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e0:... 2606:4700:e0::ac40:6d19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:3e00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.203.208.238 18.203.208.238	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	13.32.121.100 13.32.121.100	16509 (AMAZON-02) (AMAZON-02)
183	38

28 2606:4700:3031::6815:4bd0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4621 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutty.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.91.159.186 (Netherlands)

ASN7979 (SERVERS-COM, US)

forbidcrenels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:c9d8 (United States)

ASN13335 (CLOUDFLARENET, US)

asacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6d19 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3e00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.208.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-208-238.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143	479 KB
28	cuty.io 1 redirects cuty.io — Cisco Umbrella Rank: 382236 cdn.cuty.io — Cisco Umbrella Rank: 468176	881 KB
23	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	262 KB
23	demand.supply live.demand.supply — Cisco Umbrella Rank: 35050	39 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	242 KB
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	267 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 375	110 KB
5	cutty.app 1 redirects cutty.app — Cisco Umbrella Rank: 515779	31 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 429 mug.criteo.com — Cisco Umbrella Rank: 2429	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	158 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3521	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1008 id5-sync.com — Cisco Umbrella Rank: 444	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1195 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013	12 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7680	696 B
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 21852	2 KB
2	asacdn.com asacdn.com — Cisco Umbrella Rank: 190459	61 KB
1	truste.com choices.truste.com — Cisco Umbrella Rank: 921	27 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3225	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 664	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2999	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2495	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
1	forbidcrenels.com forbidcrenels.com — Cisco Umbrella Rank: 306057	1 KB
183	28

	Domain	Requested by
27	cdn.cuty.io	cutty.app cdn.cuty.io
23	live.demand.supply	cutty.app live.demand.supply client
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com cutty.app
20	pagead2.googlesyndication.com	cdn.cuty.io securepubads.g.doubleclick.net cutty.app tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com www.googletagservices.com
16	s0.2mdn.net	cutty.app s0.2mdn.net
12	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com cutty.app www.googletagservices.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	cutty.app 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	2 redirects cutty.app tpc.googlesyndication.com
5	cutty.app	1 redirects cutty.app
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.googleapis.com	cutty.app 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com cutty.app
2	googleads4.g.doubleclick.net	cutty.app
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	gum.criteo.com	1 redirects static.criteo.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	youradexchange.com	asacdn.com
2	asacdn.com	cutty.app asacdn.com
1	choices.truste.com	8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	cutty.app
1	forbidcrenels.com	cutty.app
1	cuty.io	1 redirects
183	39

This site contains links to these domains. Also see Links.

Domain
cuty.io
sulvo.com
youradexchange.com

Subject Issuer	Validity	Valid
*.cutty.app GTS CA 1P5	`2023-03-20` - `2023-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cuty.io GTS CA 1P5	`2023-04-03` - `2023-07-02`	3 months	crt.sh
forbidcrenels.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-12` - `2023-06-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
youradexchange.com GTS CA 1P5	`2023-04-23` - `2023-07-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.truste.com Amazon RSA 2048 M02	`2023-02-28` - `2024-01-16`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://cutty.app/hSayON
Frame ID: 17BC8638CD3448702EA7344EF17429A0
Requests: 89 HTTP requests in this frame

Frame: https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
Frame ID: 6D99F6E489B34A5D2988C1813D5FCC84
Requests: 3 HTTP requests in this frame

Frame: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A25C53CF6A7B7DA68D0F9D2EB0047A61
Requests: 1 HTTP requests in this frame

Frame: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6CC528C691041CFAB1C20ADA51920855
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A9BA4A5641F016994A4FB3ACDB5F510
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 582672596762B07EB9CEBD72B0C1A379
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutty.app
Frame ID: 671FDD93A351E4D17353200075C73EA8
Requests: 2 HTTP requests in this frame

Frame: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 215EA1CD701EA4D71E2E71C83A77E810
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVbqHDx_Z82eiPs3lzLmWOmsW6C-chxg20-9flwxHQCHlPBCn2lrcLUIvsygwqUGAno4428NZZXxGBpTyFwk4hoRHHvo1_jsMAd1LujW1lAQTk-eAvdAKItJcI29J6HxZvg66j-nRR1LzEg56gAA-0fYjfxWpM2yzcBka2T7J0ikaXIopR-4K4ST6lTLN5UELe7tl3DPVUJpl_9-T__b8F7TmF1Fg
Frame ID: 646D4555AFEBB5750AFA410BAA4D618B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3F2EA211858FCEF77EFE39EDBA5F674A
Requests: 19 HTTP requests in this frame

Frame: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4AE4C54CEEA3A5FCCE548FD4EBFE8A4
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: 3926A4C9CCCB6B000C11C8D314E60EA0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B174DD39A2400A402500F5CAEAD72270
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 7AB41FC5EA67A6AAE3E20EF59A91C489
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A72FF046172D4F0D38DBAA81AB45425B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
Frame ID: 89F7E55536833D7B2B97FFE960F7D928
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shorten Links And Earn Money | Cuty

Page URL History Show full URLs

https://cuty.io/hSayON HTTP 302
https://cutty.app/hSayON Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

183
Requests

96 %
HTTPS

68 %
IPv6

28
Domains

39
Subdomains

38
IPs

6
Countries

2698 kB
Transfer

5684 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://cuty.io/

Search URL Search Domain Scan URL

URL: https://cuty.io/payout-rates
Title: Payment Rates

Search URL Search Domain Scan URL

URL: https://cuty.io/register
Title: Earn Money

Search URL Search Domain Scan URL

URL: https://cuty.io/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cuty.io/terms
Title: Terms Of Use

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://cutty.app/hSayON&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cuty.io/hSayON HTTP 302
https://cutty.app/hSayON Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://cutty.app/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Request Chain 99

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutty.app&sn=ChromeSyncframe&so=0&topUrl=cutty.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YnUDv3xSQmlObytBTy9MR0htSnFzR2ZTOEQ1a0h0MVBuK2NMWVVDUitWdThzQmYybTBsQUIrU0FwU1lsbGswSUVNMFJuZURibmd1ZFRzUkRaR0tockJnZDVxcU1aTERaMExUczZMUjg0cXQ1VFBJb0FCaUpEMlVudmNxb0JWZGJxZVFiMG9lenRvbmEzS2lQSWxaWFpFVmRLbDJsZy9DUjlFaHc4ejVKZUh3ZitzblpQVGRGb20vRDByOGdtdVVJTFRaNUk4dlU2RHkrS3VOUGpTQ2lod3BMZVE0dEpmK1JPOXNkMnRNeGJRR005empwblROWEViL1ZleWtscjUydytCRkNmWkJtZHRIUEUrSy9wSDIvelJhRjdYUT09fA&cppv=2

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFqpGdYJdM-RAdraPsaOXwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMSeei3wo50WFpZ5sEqlrBY&google_cver=1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MTMxMjQyNTAxMjczNzA4MA%3D%3D

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

183 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request hSayON Show response
cutty.app/
Redirect Chain

https://cuty.io/hSayON
https://cutty.app/hSayON

42 KB
15 KB

93ms
62ms

Document
text/html

2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0706adf5d4587ac6f4139e8889628b1b7a5e9cd320a3eeada00a46806f45a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 7c4c98749aba929b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 20:12:07 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEmCHnHYZMU8%2F%2BCnfUQLvU%2FxKLAqztB3gQI7lnZwmQkhRknBMqgUdYbWxeMLj5VOhVDAItAQFjroaLjc3yapkIrM1uynYTNorO1STDgfxy2E8XGSswHY6KIJ9APVIsI2VFDiiO408Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7c4c98743ca13602-FRA
content-type: text/html; charset=UTF-8
date: Tue, 09 May 2023 20:12:07 GMT
location: https://cutty.app/hSayON
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50gw9AehQ9JXzZhDotv50EO5VInCm34ujJq%2BU%2BMWu%2FufCQrEHVFDuOWr5D1dh%2FgPNJBN%2BKivlk3uKbmYocMWaaWMXzmRqe9BhDUI5Wtv%2ByjzLa9%2FPH7Sef%2FMjEEWanqPeN1Odznp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 136ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 18:14:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 20:12:07 GMT

GET
H2 200 public.css
cdn.cuty.io/css/ 51 KB
10 KB 34ms
16ms Stylesheet
text/css 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173609
cf-polished: origSize=52548
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Dec 2022 14:22:02 GMT
server: cloudflare
etag: W/"63ac510a-cd44"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TszSqWQMG0za3lXUEyenDXh005%2FlX%2B8x3H3RAhlBdkHcJyhe6LONli696SeZloCD5lWkwa9MEysqvoXLeO%2F2bHyfua7iw9j359cB7yIU2B1PE0z%2B7nP%2FDt4LogNbf3fgzzp%2FgtZ9lVSZzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7c4c98752de33602-FRA
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 logo.svg
cdn.cuty.io/images/shared/ 6 KB
3 KB 19ms
17ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/logo.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1173608
etag: W/"63b16742-175a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE6D7CAoaSCVY59T%2BDmB2ulo9yWiP7RP0vPKXO3oZ5FIMQxHsbhNbzhkGdNH1SDx42OAEAawxGyMbgWqi6jjWDFFTgQxpOG%2FQnXo8Bi1jaSMXkG3eV7Qpo7iNK3bS5fY52sgbjTvRl%2BDEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98753e003602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 locale-en.png
cdn.cuty.io/images/shared/ 24 KB
24 KB 20ms
18ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-en.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6460463
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24647
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-6047"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqAVIfvIzrIpjMeWnFx75AFJvjmmAqbgIhvoMuHrXQg8x7GkP2oqnQJAPzIkVYLr72JbvgGGtwZGwLkEJJvI3QR2%2BNHfG8tbYLdYkgWP9IXdGkMgb1VtYPexJdACXLheWSlSfudb1tEL3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98753e043602-FRA
expires: Thu, 22 Feb 2024 07:01:03 GMT

GET
H2 200 arrow-down.svg
cdn.cuty.io/images/shared/ 220 B
486 B 21ms
18ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/arrow-down.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8434449
etag: W/"63b16742-dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg%2F3TUZCoXQdZDBY4YOnR6gRNbJ7QIEzYf5edoxRx5vGW2wQPUWqa1uA11lQJID1z6piSYfbB8Z2pV7rMnArBx4b9jJT1p1M87o2CUqoSbWzFF9BCaKSu8Tqs%2BlvMdZnTibUPw7ObGW2CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98753e053602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 locale-es.png
cdn.cuty.io/images/shared/ 12 KB
13 KB 27ms
25ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-es.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12579
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-3123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51zfN4q%2BKk0IBcNxQe0lYScyu%2BgbM8XOaj%2Fg8mj%2F4vniKCJmx%2B0wIlHNRc3MV15r6X%2F3K88ZQCu1zQnr8qvdRskNcSFTPcWJ5jntq8q1lNXWhbH8kh9UKWsk1gLFUc8WmPjtQ%2B%2F3fdb5bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98753e073602-FRA
expires: Fri, 16 Feb 2024 21:24:25 GMT

GET
H2 200 locale-ar.png
cdn.cuty.io/images/shared/ 50 KB
50 KB 30ms
26ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-ar.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6460192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51070
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-c77e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bv3%2Bm0ek6xvbiy9SSnfZUGita%2F%2FqOrxGv%2BaPP2vKN6JHI%2FQu76a3WF3Vih4eBeO6XoojXo2qCzmcbPaZt2RXl0hpP4VgbGFYLHv0%2Ba0yHyanpU2jmCNuJbYhRRJaI1dKVI8JYBRaN5lSWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98753e163602-FRA
expires: Wed, 14 Feb 2024 21:05:04 GMT

GET
H2 200 locale-fr.png
cdn.cuty.io/images/shared/ 16 KB
16 KB 21ms
18ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/locale-fr.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6462026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16411
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
server: cloudflare
etag: "63b4a820-401b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66wgip5pZ23yMaouUeJOs9Jqq6IO62CIwlWVZbpJgK16uabMh6JJo9yhs4WxkPcbzRHGCB2mo9JSePAL1%2Bi4Z6stO8CatdfEFWo5thjJpgarH9C%2Bk%2B2EmTPfs3z638ZyNjCIp3AkLYhH3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98753e173602-FRA
expires: Fri, 12 Jan 2024 18:04:16 GMT

GET
H2 200 burger.svg
cdn.cuty.io/images/shared/ 207 B
486 B 23ms
19ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/burger.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8434525
etag: W/"63b16742-cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AJh1ouL2fCfOKCUvwkWf%2FSZLXBEDg5qSrSBW2AIRXP%2FN3YEz7JZWyAggSGlN3dbUy7nsUsC8ndkoepEA%2BO7OPIa29NYnmzDd8O%2FOiAo9L22j%2BdTMAlfuLwqceFiDASBgGm%2FMpKV94f5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98753e183602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 x.svg
cdn.cuty.io/images/shared/ 209 B
495 B 26ms
23ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/x.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8434525
etag: W/"63b16742-d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g83jvOQQacxUK1Yt0LqyC5B4dY%2FQYfsQVjzNI8h0X1qCk68eEhlsv5OaTSfWTTWge2gMV4umpRooewLFG3SxwuEVbp%2F4QM%2BwjxgGLNuTMOC1tfDjPWaeUWdRNSYmiAsjEEFB5RbBu1%2Fh5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98753e1a3602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 facebook-icon.png
cdn.cuty.io/images/shared/ 409 B
734 B 22ms
19ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/facebook-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6458299
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 409
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-199"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN39eqkL23XDmfaUDIpNzEUQhR%2B222zOrNg5FsKvWmdSXc0QIpRN4Uhi558bujCma9ROrI960Js9lho9RzWKCC4SLV6NB8KlVPmx38iSF0VA4Plu0KaNOwQfbogGElEekZqCj4tVmxd10Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98753e1c3602-FRA
expires: Sat, 03 Feb 2024 23:06:31 GMT

GET
H2 200 twitter-icon.png
cdn.cuty.io/images/shared/ 809 B
1 KB 21ms
18ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/twitter-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1171192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 809
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-329"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wv0ii6cA9xhCfpHiRbr%2FCD8GlDVedLD%2FrYg5zlZjo%2Fh%2BlTh8XIs2glZHr6wJVPPkO560mK0ALIJPzur24CfCcLGlGzorKU3biFUAeHdrvI7vFxYKE0e6cxSWPipdLt56MKGG2I8ZtdPctw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e1e3602-FRA
expires: Fri, 09 Feb 2024 16:07:45 GMT

GET
H2 200 linkedin-icon.png
cdn.cuty.io/images/shared/ 222 KB
223 KB 22ms
19ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/shared/linkedin-icon.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173609
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227769
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-379b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ITU9AdAyKhVuxpU%2BbiGtjEWGkzgZI3eEVgAOp%2BffbgcH3%2FgTx2Eszs6oIc%2BldnmGv0xPo1KWP62bYEevKZnMRKWF%2BkjLPfoB608wcpr4EcCs3mGOmt7nw%2Fots0RX0BiYfr6FCU2rn9gwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e1f3602-FRA
expires: Sat, 24 Feb 2024 01:42:11 GMT

GET
H/1.1 200
OK 60028 Show response
forbidcrenels.com/1clkn/ 6 B
1 KB 198ms
23ms Script
application/javascript 142.91.159.186
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://forbidcrenels.com/1clkn/60028

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

142.91.159.186 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 20:12:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 200 suv4.js Show response
asacdn.com/script/ 100 KB
35 KB 82ms
24ms Script
application/javascript 2606:4700:3037::ac43:c9d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/suv4.js
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdcfc0cd2ece0055e60c01ad1e3820edf3b65c1bc71fcd925a723cfde42d8f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365
x-guploader-uploadid: ADPycdvUjsJ-SzzSMzJs2Jfm4Dqt8V0gBk5-tLNttA6rfTcJ8Udh8BE5swOyAydbMQkTJmUZNr0zkjb10eVVvF-nfNM1BH63kJ-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 12 Apr 2023 13:25:49 GMT
server: cloudflare
etag: W/"e47e4068a5f54c8ad33bbe8a64a118cd"
vary: Accept-Encoding
x-goog-hash: crc32c=pQRubA==, md5=5H5AaKX1TIrTO76KZKEYzQ==
x-goog-generation: 1681305949042508
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIqUZ5JMiZ%2FGTZ%2FJKuor6IRPyJHi7nia5rQFKe0aFz1INRN0McvItNso7DMoMqLuPmgA9Ep0P1AnYyq%2FimwWIBphI2BQLB9a8DhCXMlHQcCZDl2ODJvlM8Qpu%2BU7XBkNT1%2FlNCXk8aP%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 102203
cf-ray: 7c4c98758d563609-FRA
expires: Tue, 09 May 2023 20:44:41 GMT

GET
H2 200 step-1.svg
cdn.cuty.io/images/public/ 2 KB
936 B 21ms
18ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-1.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1171192
etag: W/"63b16742-658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQEUfc9z8N7jpfhbbs%2B0hx5K9ipWtQfbaLHv1auz8KdFkpD%2FdL5Yp3MyEyopPRTf61IA%2F%2Fb%2FvhVG%2FxV8XWjTjXipxnrxlS4ct5j%2BhvOY4vckOynXf4q%2F9vddOTnZ%2FqflihCyEd8AYwAlpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98754e203602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 step-2.svg
cdn.cuty.io/images/public/ 2 KB
1 KB 22ms
19ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-2.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8434449
etag: W/"63b16742-607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DEE%2BhcbEg9td3lpYzeOGm9HCyKFOymfEpjJTb1pOmdK2CcugX%2B0GvS3Lh1bFdRAYoTOkOSsQkLnEjbz%2Bs8L%2BrG9y6HCGpRtdWek8wAnrDaN15bUbm9zdfHd1Edn8g4j6b62AqA%2FB%2FAppA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98754e213602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 step-3.svg
cdn.cuty.io/images/public/ 1 KB
813 B 27ms
24ms Image
image/svg+xml 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-3.svg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8434524
etag: W/"63b16742-45b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma6PMV8gU2E7ZG4pyQ3bbjjC9iNp1uY4mtQ1SQ1vCSGH6YyjZW4uz2lIZqAefcQEPJoV20IzSB%2BR3D%2F38Ot%2BKm4QQaLw5ed1hoSNLUkCST9jWvBMtVVkAUPqYgChdxNklT1aAGhHdUg%2FSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 7c4c98754e223602-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 01 Jan 2024 10:59:13 GMT

GET
H2 200 money-tree.png
cdn.cuty.io/images/public/ 27 KB
27 KB 30ms
27ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/money-tree.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1171192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27646
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-6bfe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRjn90br2nFF1iajRpcBE18D47IqSbgxLad75eZXYG5Ty3GbmBqR3m28uoMHtVBQPUfuhj48wlh3q0nnPf4fHDaBU3xI4uza%2BJT90wL20ICtB6MdWDkunsegYMAOVlpmEBWNxa5qPOnMDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e2a3602-FRA
expires: Wed, 14 Feb 2024 20:48:40 GMT

GET
H2 200 bitcoin.png
cdn.cuty.io/images/public/ 30 KB
30 KB 37ms
34ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/bitcoin.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7073289
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30766
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-782e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNu1rSmQ7fiOKrUZxcl1ebS7tus5WmEcDYrZCI9Yz4Q%2FXr11kCqlRUhjwSi149b0EQPlV%2FnJFbCPZOw5F%2BUysZY7RqifZdk1ev5rPfVAHNEiU1%2BjDhtVt1s%2BKHp3jhBsU9weR5%2BLQj7x6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e2b3602-FRA
expires: Wed, 14 Feb 2024 22:09:01 GMT

GET
H2 200 payeer.png
cdn.cuty.io/images/public/ 1 KB
2 KB 29ms
27ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/payeer.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1171192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1390
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-56e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bsq%2Bt%2Fv4nzJnLi5kXgGzoAWHQpQBEsVaBM5VfBqeXlkZ5jtp5cx3GaV7dwOHzfhmOW1M861rILmUlCSBAJd4B8UzbiO9ume6owr%2Bj8hOFVmSiRSbPaCzRJn3mPvJldTUbXN3W1yZc4d3Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e2c3602-FRA
expires: Sat, 03 Feb 2024 14:32:03 GMT

GET
H2 200 paypal.png
cdn.cuty.io/images/public/ 24 KB
24 KB 31ms
28ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/paypal.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7696390
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24721
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-6091"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5gktd7Rh3sC2tf1Jnvr%2Bseaex6JeyAvEPn6Ft%2BiFQzYpEiN8WgQNZOiivBsuSnTrncbIciYtczY%2Fx53FvVVAsJxqtRH1cj8JDURjFSZmUR2mZN6s0toiwVtZnOSKS3Cdv0SNP%2FGRZ7hxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e2e3602-FRA
expires: Wed, 24 Jan 2024 02:38:52 GMT

GET
H2 200 perfectMoney.png
cdn.cuty.io/images/public/ 198 KB
198 KB 38ms
35ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/perfectMoney.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8434462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202386
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-31692"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGiUidm%2BCfH6RUJjYQDsAps1dX4NJzFvR%2F9v%2FsxfJssdmSWRM2awab2F6Fp5nlSQgaq0wVkAy2NmORYMORAqTCA%2FpSe%2FC0uGxD6f6ftitgSqEoFy3DLbDL9KOeTXn6fp7y%2BLM7jTlab1pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e2f3602-FRA
expires: Fri, 26 Jan 2024 23:33:04 GMT

GET
H2 200 advcash.png
cdn.cuty.io/images/public/ 8 KB
8 KB 31ms
28ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/advcash.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6621068
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8141
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-1fcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0Y0ul%2BU1gRGjUuCr0Jf9lMndoc%2FNEOJSvgejPcNS82ifd%2Fk9RozGth%2FYnTXzstSlrz0O1D%2FZM3hZzDtZoL1fmqVztZ8RjgxUCHuepkfR3k%2F3JwDKFA1t560YXK5MWte%2B2ySyrhPdTpwyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e303602-FRA
expires: Sat, 03 Feb 2024 23:06:31 GMT

GET
H2 200 airtm.png
cdn.cuty.io/images/public/ 2 KB
2 KB 30ms
28ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/airtm.png
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1171192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1558
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: "63c5a2df-616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19Ky1xOlnNg7tUH2NWtLkDhurIfTiS63l9ACk7lwziTQszcQip2jIQt%2B30F7PxTuROCuWSpqQfd2h%2F5MRCaY3eNaz0ycp6VQz%2BHAUaxXcYCv2K5jCxC832GhfRxIGD8wrt5jz3i4ymAKOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e313602-FRA
expires: Sat, 24 Feb 2024 01:43:47 GMT

GET
H2 200 base.js Show response
cdn.cuty.io/js/layouts/ 104 KB
37 KB 22ms
19ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/layouts/base.js?id=bc813ca38dc4dbda754827e747c2432c
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e205035f95d2df2de450fc415ca764d947545541d1b3501ba2c76f8094c877e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8434477
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-1a0b0"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7sbZaUgYzLBDy2xwM0NbKvp%2BywM8UgjbNplScWlQPIy2O62m%2BNj2%2BKbhlw0pG7I%2B2F3fvKUkaHFI8JNnihfCEhwo1eLi6m98qB0XtJgt4LYJ%2BQ0J9WSTXDQ9OYx4JzMXQTCdb9nIGOyGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4c98753dfe3602-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 first.js Show response
cdn.cuty.io/js/public/links/ 24 KB
8 KB 30ms
27ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/links/first.js?id=d283d38a711a8751c0103864121763a6
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059fbd3e3fd10036ccca55b5d8ca87fc56519c981f8920765f8258272a78dcda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173606
cf-polished: origSize=24370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-5f32"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zsZC6Yz5YLOKF9OL%2BgUQyUBOfN1cXh8JYX5ARGofT%2FlVsZXd46%2B28s0tue6N%2Flr4HKtwKaxy2z6skIyXzxDepGzlQb%2FK6FemdMisliy1c6OL6MRoBWw7RRWQ9QALQ0lDqc52Y1MP3yWdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4c98754e333602-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
876 B 139ms
50ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a54944cb43fbed96d8ab1911df73a06fd97ecd86f067b0483957433a0a6001c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Tue, 09 May 2023 20:12:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 144ms
56ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b377f5417c1f05620a1fa9054c625e99fe7b6364b0731211f5cd66bed3ade45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 20:12:07 GMT

GET
H2 200 nav-links.js Show response
cdn.cuty.io/js/public/layouts/_partials/ 3 KB
1 KB 30ms
28ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6170c176158b385f669ef60f0f8ff573663f2f5356d3bd3721e4fbbd9d2f3af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1171192
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-c19"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDCzlTn3Zr76OzpGDuuv18cGoBrOvpkfC3zFCfctNcMXwN1vNfykgZAdsYoAJD%2FYdT0j6iNAhwz72aLzt1oz939i3ZwdJuF%2FMMJG0plPOWmvpl2liaeCAOYscxUe19Fdlir20OAQ%2B9wlbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4c98754e343602-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 app.js Show response
cdn.cuty.io/js/public/layouts/ 335 KB
100 KB 44ms
42ms Script
application/javascript 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cuty.io/js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a03ddeac46f9ebc3f24a15581bd42c80926fcbabb42c59bfad5c169bdbfde1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8434454
cf-polished: origSize=343473
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
server: cloudflare
etag: W/"63c5a2df-53db1"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4p%2BTFmkSsK%2FbEMI2xdbBtaetEOmSbfSLeGZtOQX9Wdm5X7jU3aonYrCuNrcpgoZ7NldgWEIPamzIPDN4UAZRHWgmpnDnyD5rxRy%2F%2Bh1JNulW4T%2BhJwGN6xH9Qq03BVx4bqMFnlCGEYhMfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7c4c98754e363602-FRA
expires: Tue, 16 Jan 2024 19:17:53 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 162ms
114ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69d937db3ddcb6e49eb6b00a843da0c4c9d1d53ee39542b5c554881a60f472e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZPW15EYA0Z0CT0XATKXX82B
date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 794
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"0fecf0b28f515b77d7e8cc01e461c899-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7c4c98757d7a3674-FRA
link: <https://live.demand.supply/impl.v16.9.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw==>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 heading-background.png
cdn.cuty.io/images/public/ 95 KB
95 KB 24ms
23ms Image
image/png 2606:4700:3031::6815:4bd0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/heading-background.png
Requested by: Host: cdn.cuty.io
URL: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4bd0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6362924
cf-polished: origSize=107203, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96971
cf-bgj: imgq:85,h2pri
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
server: cloudflare
etag: "63b16742-1a2c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlSrtRb9xQ1fX6ljhtZdHWk%2FO9GT5hQCKlSin8b54f931GcuxhiJpe9WlhaTZ%2F0q7NnG7M3Q7PsNchkQMxb4lxAnV9TbpN1hqzB8UvjJhmuOYyDiX30aPsSWBdffNE283sME7Md3hkb7IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7c4c98754e383602-FRA
expires: Mon, 01 Jan 2024 10:59:14 GMT

GET
H2 200 ut.js Show response
asacdn.com/script/ 70 KB
25 KB 25ms
24ms Script
application/javascript 2606:4700:3037::ac43:c9d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asacdn.com/script/ut.js?cb=1683663127991
Requested by: Host: asacdn.com
URL: https://asacdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3275
x-guploader-uploadid: ADPycduPSlGvx6KuG814y_NxQc76_4C57zzOHU9bawXHRWJt7dKTbaHF9KaJs1Ns_f8wY6nMg1tV6x12H1E34G1ezNRUll-QOHuK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 24 Jan 2023 10:13:06 GMT
server: cloudflare
etag: W/"32cbc0400462d7cfabd88795319e259b"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1674555186374348
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=WRmDUA==, md5=MsvAQARi18+r2IeVMZ4lmw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPqCOsvug6AWwDA2bzE9t5AnAAab8Rf%2FgZnBVGBaAsroCuCkRWX9kROVtI6lh6HXLP%2Bm%2FHJUCWL5SUmERyw%2BVHmlyz5HhhlcM6jJthF%2By7Bc8doFH14GvCfUvRT%2BlZXQwYLqKywznN1h"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 72138
cf-ray: 7c4c9875fdcd3609-FRA
expires: Tue, 09 May 2023 19:38:50 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ 1 KB
1 KB 339ms
297ms Fetch
application/json 2606:4700:e0::ac40:6d19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=5890046&chmob=%3F0&cbur=0.5152943332382909&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2FhSayON&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0&ts=1683663128023
Requested by: Host: asacdn.com
URL: https://asacdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820b047020b3f14655913ca9ba8f1ce5b7b09ec2f5ab4fdc5f12c3630b1b0a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpT4hoZrRwcc%2FHCW7uM8gld3xKXsVY9HeKyWdXINfXQdTg5%2Fix16VcveoPIMMNF4byhKJXLvQ9ODAjPSgY5LQ3qWg%2BgdNZieKSTxegp99GS%2FSef80o8BVXWvM6UREDPBAygS26QPJJ4NCBpoOZWINhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c4c98766e8892c6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 115ms
36ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:05:37 GMT
x-content-type-options: nosniff
age: 309991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:05:37 GMT

GET
H2 200 impl.v16.9.0.js Show response
live.demand.supply/ 73 KB
24 KB 28ms
27ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.9.0.js
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ecccd34dc662e0f098d7aac79299f8b425c42abffa5eb59135f016eefe7c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZPW15X6H0FBGJ9Q8P6B9AQC
date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 342072
cf-polished: origSize=75394
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"0005eac41d279166020740d2c4788350-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7c4c98765e8e3674-FRA

GET
H2 200 Y3V0dHkuYXBwLw== Show response
live.demand.supply/p4/v16-2-0/ 591 B
482 B 59ms
58ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw==
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd44e67072f875c8fd8864392d7aaddd3b819c2bad9cbd4c15b80a83b478eff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7c4c98765e913674-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/ 408 KB
164 KB 131ms
46ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1h-hbVSJRMOQsmO_2qL9cO0z/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Origin: https://cutty.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:24:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167425
x-xss-protection: 0
last-modified: Mon, 01 May 2023 02:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:24:52 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 169ms
86ms Fetch
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.cuty.io
URL: https://cdn.cuty.io/js/public/links/first.js?id=d283d38a711a8751c0103864121763a6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47377
x-xss-protection: 0
server: cafe
etag: 17931474596576810823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:08 GMT

GET
H2

200

invisible.js Show response
cutty.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/ Frame 6D99
Redirect Chain

https://cutty.app/cdn-cgi/challenge-platform/scripts/invisible.js
https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

24 KB
11 KB

11ms
11ms

Script
application/javascript

2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Server

2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78f5f266e2a083670bab8c88c74dae3b52805aa82cee2af3dfa5fb0e3d2a9c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83faVxRcM5AIXitCKE7t8r50LpZutmgMTzY%2FpAlihSgivQs7N0DsJ9TjsmxL%2FhnRgZvUFXIr%2Bv0KX%2Fo7p5Iclb0i%2Fraapeoer%2B%2BQcBiZBZ4BupQlRmb3duI8J8Wbf0dZQHQDqPTU8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c4c9876bca2929b-FRA

Redirect headers

date: Tue, 09 May 2023 20:12:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXZQGgANAGm5e4m8bhB3UWOASSFPSGU0%2Fr3s%2BggUdWliSDALHO1teqpA%2FHMAyR0v94qb%2FnxHyqzD3N%2BaeuDi732y02BLtt70q5iNWtiXCVoRCR9o6bVSGLepNdRqtbyIKQBHuoXvOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/b5e45436/invisible.js
cache-control: max-age=300, public
cf-ray: 7c4c9876ac90929b-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
533 B 40ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=162&cs=c&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 435281
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9876c9312bc0-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 231ms
126ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24cba754380a600b28819c7a2ddc71ceeb52c5b8b5ecdad0eddf2c8b43069e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24946
x-xss-protection: 0
server: cafe
etag: 775 / 19486 / m202305040101 / config-hash: 11134376994157229615
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:08 GMT

GET
H3 200 Y3V0dHkuYXBwL2hTYXlPTg== Show response
live.demand.supply/p4/v16-2-0/ 4 KB
2 KB 131ms
130ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e424537f9d776d7aba6b83add84ba1e27a84fc176c31d728b987abb57ffb5d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7c4c9876ab8a9007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
606 B 40ms
22ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GYKXK0HTK0HZ7WJE4YFJWTG7
date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1508673
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7c4c9876c92e2bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 hb.php
youradexchange.com/ut/ 0
440 B 173ms
142ms Ping
text/plain 2606:4700:e0::ac40:6d19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ut/hb.php?cb=0.6032909344630093
Requested by: Host: asacdn.com
URL: https://asacdn.com/script/ut.js?cb=1683663127991
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BityuWKnK4fHjzghlVI789RO%2FSQ2QGq2r%2Fs3eAf5muerubl93cxHG15fiIngqo%2Fg3aBmCRW3e%2Fbk8w%2BZ70anANbyOZ5%2BSEIRvE6yFVvOtMKNEk3Y8%2FyUErVkoFTyRuLwPUbVQPUVuPHxXo5XSIgFL%2Fc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7c4c9876ec603a49-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 73ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=45je3580&_p=1484567434&cid=1188267719.1683663128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683663128&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FhSayON&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutty.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cutty.app_fluid_lb+sq_firstpagelastbannerad1 Show response
live.demand.supply/cp/ 29 B
392 B 225ms
225ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagelastbannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01b1f78ab9adef9bfa2ad9ac342f1a074972c0c6308323299e562887347e2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c4c9876f9852bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 cutty.app_fluid_sq_firstpagemiddlebannerad1 Show response
live.demand.supply/cp/ 30 B
392 B 154ms
154ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_sq_firstpagemiddlebannerad1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9836ed49c6618eb8b255a572fce58cd8ac0fdbb13a614cabc75f578472a23dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c4c9876f9882bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30

GET
H3 200 cutty.app_fluid_lb+sq_firstpagefirstbannerad2 Show response
live.demand.supply/cp/ 29 B
393 B 158ms
158ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_fluid_lb+sq_firstpagefirstbannerad2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c98bcd86e1ac4e882d901d6b8fe8eb33fdb7344eb4359fecdb661cfd9d4470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c4c9876f9892bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
499 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GW4MERZQXMWMV26K4DT22Q59
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 1509360
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9876f98b2bc0-FRA

GET
H2 200 pica.js
cutty.app/cdn-cgi/challenge-platform/h/g/scripts/ Frame 6D99 6 KB
3 KB 22ms
21ms Other
application/javascript 2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutty.app/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa6e7fa57fe8e5fc70257e682418c7130eeb2f23e850d1456b56380d9f78406

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHEzWeM8Z9vFSE9qRfXHgANpKRlTSA7l1iGWl%2FPb5i4buxHTtFIE3J5l8vd1TlLyxoEu3eEuL5EM080fjlChPHvHTGkkHQ0%2FiEEJFtauY83Qyz8nxVEaptl7VZwiDB%2FhbwkNU31A7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c4c98771d31929b-FRA

GET
H3 200 cutty.app_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
393 B 152ms
151ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/cutty.app_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997db76aea478b096f574585dff641c0bad98990430cb7d70e4f317963259c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7c4c98778a232bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

POST
H2 200 7c4c98749aba929b Show response
cutty.app/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6D99 2 B
504 B 29ms
29ms XHR
text/plain 2606:4700:20::ac43:4621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutty.app/cdn-cgi/challenge-platform/h/g/cv/result/7c4c98749aba929b
Requested by: Host: cutty.app
URL: https://cutty.app/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c4c9878eedb929b-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JREryPO809oAlWUeegI%2BTtrXGr4RLxik8qir0AsjsAuj928n8dudAVAziBRILHLaOrHDowoJa6oqAKzzlysBmtZ6PUeySWimpsIRvYSASmoNPBNPp59xzwjGQgp2GYqYIvN4M8dGrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&pdc=0.46238404512405396&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 435281
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9878ebe72bc0-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
503 B 20ms
20ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&pdc=0.2205952227115631&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 435281
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9878ebec2bc0-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&pdc=0.3022400379180908&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 435281
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9878fbf92bc0-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_auto_728x90_sticky_display_bottom&pdc=0.0267650306224823&ucv=null&e=tcp&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 435281
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9878fbfb2bc0-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GX3G8GV4470C9FFCAWH91XVD
date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1685750
etag: W/"14c5381be186641471a926a081d90c88-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7c4c9878fdc49007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
497 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=cutty.app_auto_728x90_sticky_display_bottom&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GW4MERZQXMWMV26K4DT22Q59
date: Tue, 09 May 2023 20:12:08 GMT
cf-cache-status: HIT
age: 1509360
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fa63a24c8b1ff57adc9b8a7e825bdde5-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c9878fbfd2bc0-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ 403 KB
125 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12437
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127480
x-xss-protection: 0
server: cafe
etag: 445900462459606666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 08 May 2024 16:44:51 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 575 B
326 B 150ms
73ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9596d4c076e5ad8998a8dd2ffe9d1e7c8d01ab81c92d00d935ea45f80594afd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Tue, 09 May 2023 20:12:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 136ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 132ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 280ms
280ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2145702941300804&correlator=4389948300604887&eid=31072878%2C31074172%2C31074437&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C9dac83f1-e85e-4045-b0af-8939d8cf8b9f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2191873836&sfv=1-0-40&prev_scp=ti%3Df583285e-98e8-4f92-add9-b33977276405%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683663128676&lmt=1683663128&dlt=1683663127841&idt=778&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FhSayON&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1188267719.1683663128&ga_sid=1683663129&ga_hid=1484567434&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1964c8b1802bad149086dbc095df3ee125645bde33fdf2fe46129fa112b1788a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11739
x-xss-protection: 0
google-lineitem-id: 6247069801
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430473260
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
44 KB 509ms
509ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2145702941300804&correlator=87638328382602&eid=31072878%2C31074172%2C31074437&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C4d3ee50e-9453-4613-a5ec-6919ef0a5e59&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=2&adks=1699392690&sfv=1-0-40&prev_scp=ti%3Df583285e-98e8-4f92-add9-b33977276405%26chrand%3Dy%26pof%3D0%26bid%3D0.22%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683663128684&lmt=1683663128&dlt=1683663127841&idt=778&adxs=411&adys=275&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FhSayON&frm=20&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=1188267719.1683663128&ga_sid=1683663129&ga_hid=1484567434&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3643ab7e04700352084a5745c504f6ca17f591808c62135ce9c926800e7d7cfe

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIWM2PWF6f4CFUfYuwgdCgEDwQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIWM2PWF6f4CFUfYuwgdCgEDwQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44784
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
8 KB 419ms
419ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2145702941300804&correlator=1045593560698522&eid=31072878%2C31074172%2C31074437&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cd2a5005f-627e-40a8-a0c9-92075b36f18f&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=3&adks=1212464216&sfv=1-0-40&prev_scp=ti%3Df583285e-98e8-4f92-add9-b33977276405%26chrand%3Dy%26pof%3D0%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683663128687&lmt=1683663128&dlt=1683663127841&idt=778&adxs=411&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FhSayON&frm=20&vis=1&psz=778x116&msz=778x116&fws=0&ohw=0&ga_vid=1188267719.1683663128&ga_sid=1683663129&ga_hid=1484567434&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

447e05626ca313ba1c3a460abf06130d9ff28e7549c701e0af9ab8e215020116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7929
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
580 B 383ms
382ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2145702941300804&correlator=3297061988455534&eid=31072878%2C31074172%2C31074437&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2Cbaf135fa-8002-4844-8cb4-6fdeec129911&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=4&adks=3101595882&sfv=1-0-40&prev_scp=ti%3Df583285e-98e8-4f92-add9-b33977276405%26chrand%3Dy%26pof%3D0%26bid%3D0.32%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683663128689&lmt=1683663128&dlt=1683663127841&idt=778&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FhSayON&frm=20&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&ga_vid=1188267719.1683663128&ga_sid=1683663129&ga_hid=1484567434&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53d314c81948ceb486ef38f51f977911f2dd7bdfdb7f15a5466cf990cdbe0f7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 550
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 93ms
92ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ff7d1b0572141603fe778eb0ce01b661919965696f04228ff3f213d7e1fd2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11221
x-xss-protection: 0

GET
H2 200 container.html Show response
8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A25C 6 KB
3 KB 170ms
46ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:08 GMT
expires: Wed, 08 May 2024 20:12:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 186ms
99ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 May 2023 20:12:08 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 68ms
9ms Script
text/javascript 2600:9000:2250:3e00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3e00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 09 May 2023 05:53:38 GMT
Via: 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 51512
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: Mo-JwYF5nwXA-6JNCNGXqfS0_SiVGXHjToKzoER0ZyjCmzk5Pvju0g==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 63ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 May 2023 20:12:09 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 56ms
12ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 05:55:32 GMT
content-encoding: gzip
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Thu, 27 Apr 2023 00:14:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 51398
x-amz-server-side-encryption: AES256
etag: W/"37e703da55f96b973658b8e7aeed0e93"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: SMrF3O9Xi2cvhNAct1HRT0yIfha4AyQEA2PNAqjZlXfgCPqPRBDFuA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 98ms
38ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: J7K7XSA2QRHD35WR
age: 2327
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7c4c987cb86430f4-FRA
x-amz-id-2: OiGpzVWlifYYKUjFeGZ8INMkJdz35dwCpdio/gv4VqsZYxJ8E2sLjlbUbDJ8YbdAz9KeuGyafMvE/Qd4oCazCg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 54ms
13ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
age: 25916
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 732
x-served-by: cache-fra-eddf8230096-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 75ms
16ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 19:40:22 GMT
via: 1.1 google
age: 1907
x-guploader-uploadid: ADPycds7vGwKZEunTjJJBF1clUjQRlgIR5NSz_NzjL9J7X3GpQeS9css4yuJHYHLbNsS10vxxMEX11u_vsE8QmwEgNU8ng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Tue, 09 May 2023 20:40:22 GMT

GET
H2 200 container.html Show response
8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6CC5 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:08 GMT
expires: Wed, 08 May 2024 20:12:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 27ms
27ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_auto_728x90_sticky_display_bottom&sy=2d88c55c-baf8-4d16-bc7e-aa942655758f&ts=81&cd=2&pud=162&pus=c&pue=349&pid=31&pis=c&pie=400&ppd=60&pps=a&ppe=429&pcl=418&ttc=558&tti=1348&ttif=0&lca=429&lcak=ppe&lct=429&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=f583285e-98e8-4f92-add9-b33977276405&e=lm&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:09 GMT
cf-cache-status: HIT
age: 435282
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c987c88982bc0-FRA

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A9B 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 16:50:00 GMT
expires: Wed, 08 May 2024 16:50:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5826 783 B
918 B 50ms
49ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64d9e87a065f18d759e95ba9f67100d438d0fd5962a709eeaf71fc648ed94088

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ol4S7_Vzs6QqDwnbRrelkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Ol4S7_Vzs6QqDwnbRrelkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:09 GMT
expires: Tue, 09 May 2023 20:12:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6CC5 24 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 298320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 May 2024 09:20:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6CC5 2 KB
557 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82fc44d47488df64278445c8fd1f9bbf3b97c98d19d9d4ae4976c7c28840f1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 20:04:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H2 200 4374473173132342163
tpc.googlesyndication.com/simgad/ Frame 6CC5 48 KB
48 KB 42ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4374473173132342163?

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:02:31 GMT
x-content-type-options: nosniff
age: 342578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48986
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 23:06:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 May 2024 21:02:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CC5 169 KB
53 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 671F 15 KB
6 KB 52ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=cutty.app

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 483156
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
501 B 22ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&e=nai&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:09 GMT
cf-cache-status: HIT
age: 435282
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c987cf92c2bc0-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 49ms
47ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 48ms
47ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cutty.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 386ms
386ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2145702941300804&correlator=680406748631745&eid=31072878%2C31074172%2C31074437&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&iu_parts=44890869%3A22850961386%2Cca-pub-3831894559014614-tag%2C213b6c4c-1021-4d20-bffc-f3f3b46db672&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=770x280&ifi=5&adks=2440930281&sfv=1-0-40&prev_scp=ti%3Df583285e-98e8-4f92-add9-b33977276405%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D81&eri=1&sc=1&cookie=ID%3Db716b79cbda1b6a0%3AT%3D1683663128%3AS%3DALNI_MaC9HlxQ5ShHQR_Os8pooHBUrjwPw&gpic=UID%3D00000bf8bb8fb7ac%3AT%3D1683663128%3ART%3D1683663128%3AS%3DALNI_MYejhINsR8k4eN1trAFfZvc3hGu3A&abxe=1&dt=1683663129121&lmt=1683663129&dlt=1683663127841&idt=778&adxs=411&adys=434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutty.app%2FhSayON&frm=20&vis=1&psz=778x296&msz=778x296&fws=0&ohw=0&psts=ABHeCvgpgS-rfug_UMgQssuM2_qcNFBcmIN9Ml-N252V4Wg6usWbOV0mXh3RPMwQ_mjbDNoCcZBNmLe1aN0-hYiHJxvV&ga_vid=1188267719.1683663128&ga_sid=1683663129&ga_hid=1484567434&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsJOSkYAxSABSAghkEhkKCnB1YmNpZC5vcmcY-pOSkYAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGLCTkpGAMUgAUgIIZBIXCghydGJob3VzZRiwk5KRgDFIAFICCGQSGQoKdWlkYXBpLmNvbRiwk5KRgDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLCTkpGAMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839a722ba553fe0c74d621b328437f58aa87942aa2d3c0ee8c37cf1217f21996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11407
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutty.app
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 98ms
31ms XHR
application/json 18.203.208.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.208.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-238.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bde52f8baa14e0c7f49605c286212a448576de1d030357150ea1e06c0a163d90

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cutty.app
cache-control: no-cache
x-server: 10.45.29.117
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 container.html Show response
8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 215E 6 KB
3 KB 38ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:08 GMT
expires: Wed, 08 May 2024 20:12:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
502 B 21ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.15&b=2&r=cutty.app_fluid_lb%2Bsq_firstpagefirstbannerad2&sy=2d88c55c-baf8-4d16-bc7e-aa942655758f&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=f583285e-98e8-4f92-add9-b33977276405&e=lm&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:09 GMT
cf-cache-status: HIT
age: 435282
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c987d297b2bc0-FRA

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 34ms
33ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: c5fb3479003b55bec0bb9a118d7d005da4f5fe23857aaf14d7af30899170bf3a

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: e3aa0d2c8292e6b1a59bb6ebaef9193b
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 73ms
34ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cutty.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://cutty.app
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 09 May 2023 20:12:09 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: cc7d433027f3cb90e01c82061f701db4

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
318 B 33ms
8ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cutty.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cutty.app
date: Tue, 09 May 2023 20:12:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CC5 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2EerDZ1UC-94hqKioi5qj6hrPFYvryFEPXXphE9KT6QKvI8DPv-FbvsJe8wlnRYpZbTEvm2ltRJgoGNTQk3_ocNiaizFndwfNTm_yrZfBR3T0sy0eORJFK_Vhf6dPszwIDxf4dsXaV2S9_giBxLdTRPR23SVA4J7oNdjAlLz7P9ppQRFxLtDtxKugrbOPcCsRT5FimVO3hrvADxWctJSWGzCzdfhvS-8pSHboiRLeNccc-BD7RsBgEvlgyUkoejGN-QTRDcclQp_AIwpilemORPgJafu2EoUfOpKS17w9uPzGJ0LjRRPdJ5ivLZJx5m7O93Tsw1dGo3s8Q25x9oRFM7RhlK9OxLU67wq61mnCR7ork5dyPuyJVH2lm2cuq7YK&sai=AMfl-YRT48iefVZbMOccWwB-ZDlo3tqTieyxOEHlrukq3fn03y90xJnEguT6PyKYtcWG9_09oTRCe3jpIBSjEK2F9e0LKGYSIteedqzt6AZ8GnREdggbxxfOx0ys0Q_4DWDU5KB5O0SOr79u3jGoMLcK&sig=Cg0ArKJSzAY2HpVHLRcgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 671F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=cutty.app&sn=ChromeSyncframe&so=0&topUrl=cutty.app&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YnUDv3xSQmlObytBTy9MR0htSnFzR2ZTOEQ1a0h0MVBuK2NMWVVDUitWdThzQmYybTBsQUIrU0FwU1lsbGswSUVNMFJuZURibmd1ZFRzUkRaR0tockJnZDVxcU1aTERaMExUczZMUjg0cXQ1VFBJb0FCaUpEMlVudmNxb0...

447 B
654 B

79ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YnUDv3xSQmlObytBTy9MR0htSnFzR2ZTOEQ1a0h0MVBuK2NMWVVDUitWdThzQmYybTBsQUIrU0FwU1lsbGswSUVNMFJuZURibmd1ZFRzUkRaR0tockJnZDVxcU1aTERaMExUczZMUjg0cXQ1VFBJb0FCaUpEMlVudmNxb0JWZGJxZVFiMG9lenRvbmEzS2lQSWxaWFpFVmRLbDJsZy9DUjlFaHc4ejVKZUh3ZitzblpQVGRGb20vRDByOGdtdVVJTFRaNUk4dlU2RHkrS3VOUGpTQ2lod3BMZVE0dEpmK1JPOXNkMnRNeGJRR005empwblROWEViL1ZleWtscjUydytCRkNmWkJtZHRIUEUrSy9wSDIvelJhRjdYUT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14c10dbcc90dedd83cefa5e57bc5d4fc6725f40a573999fa94124eaeeac559fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 9171830
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YnUDv3xSQmlObytBTy9MR0htSnFzR2ZTOEQ1a0h0MVBuK2NMWVVDUitWdThzQmYybTBsQUIrU0FwU1lsbGswSUVNMFJuZURibmd1ZFRzUkRaR0tockJnZDVxcU1aTERaMExUczZMUjg0cXQ1VFBJb0FCaUpEMlVudmNxb0JWZGJxZVFiMG9lenRvbmEzS2lQSWxaWFpFVmRLbDJsZy9DUjlFaHc4ejVKZUh3ZitzblpQVGRGb20vRDByOGdtdVVJTFRaNUk4dlU2RHkrS3VOUGpTQ2lod3BMZVE0dEpmK1JPOXNkMnRNeGJRR005empwblROWEViL1ZleWtscjUydytCRkNmWkJtZHRIUEUrSy9wSDIvelJhRjdYUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 386111
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5826 0
0 219ms
141ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305040101&jk=2145702941300804&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame 6CC5 18 KB
19 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:27:26 GMT
x-content-type-options: nosniff
age: 269083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18852
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:09:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:27:26 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 646D 624 B
670 B 160ms
78ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVbqHDx_Z82eiPs3lzLmWOmsW6C-chxg20-9flwxHQCHlPBCn2lrcLUIvsygwqUGAno4428NZZXxGBpTyFwk4hoRHHvo1_jsMAd1LujW1lAQTk-eAvdAKItJcI29J6HxZvg66j-nRR1LzEg56gAA-0fYjfxWpM2yzcBka2T7J0ikaXIopR-4K4ST6lTLN5UELe7tl3DPVUJpl_9-T__b8F7TmF1Fg

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:09 GMT
expires: Tue, 09 May 2023 20:12:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3F2E 78 KB
27 KB 179ms
121ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 3F2E 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 18:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 18:44:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 3F2E 19 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 18:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 18:44:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F2E 169 KB
52 KB 81ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F2E 42 B
63 B 197ms
140ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLwyuUWbDWkXVKbbx1LOPXPXTr3Dc1vNVQ7yOYW2WbT-hIswRJGcfHDsOc0rgU1ijMCI9pGp_emn_IH4xikn02oKHRfyCyrhCP_uATc2OxnRXqBbo

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F2E 0
20 B 195ms
138ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10264620778794303579&x=1&ct=76

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4AE 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:08 GMT
expires: Wed, 08 May 2024 20:12:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 26ms
26ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.22&b=2&r=cutty.app_fluid_lb%2Bsq_firstpagelastbannerad1&sy=2d88c55c-baf8-4d16-bc7e-aa942655758f&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=f583285e-98e8-4f92-add9-b33977276405&e=lm&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:09 GMT
cf-cache-status: HIT
age: 435282
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c987dca762bc0-FRA

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A9B 38 KB
15 KB 71ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 3926 4 KB
1 KB 36ms
35ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 17:33:38 GMT
etag: 11900953634711111692
expires: Wed, 10 May 2023 17:33:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B4AE 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsUKwGKlaZIWgLsew7_UPioKMiAyc0IqtcNKSiJzMDaGQwYiRDhABIJWbyiFgleKQgqAHoAHqr-iYA8gBCakCuEm_tTNnsj7gAgCoAwHIA8sEqgTaAU_QyqQlKRKNhEtdBN3c3oYPLP_fawxptQjkZy3sogc5wDbNOTwtP3uQnhjuHTNspvTe9ATXJyw-zKk87Cs7XdOo0HZ5pXgMT5XfzA-qWK1j1Ul1P8YqK2FCDDY6PowDaUn2wociwdexWa5cs1B6uu7YtSEveIbyp2aOrb1DuRVf_SNTGWX7uux9xuVOO2PZkFdqzrj5bgqqk24XUiI0TW9_NX-WRxriltwc9kpZrBfpJt5Rh8Eabp0SFL3he7KbCB8FXe4-N9mN1waKfw6RSiq3B5QQRQYHLSSPwASn74TrtAPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_s-XZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCBlxPSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMCiBQC0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=vJyUYQEdbL4&uach_m=[UACH]&cid=CAQSSwBygQiD7drvF0gWVkJbIHN0qUJHfDKThjsCrfwlb9YM4a0XEagRU8LjRzOreWR9XcZNrVZBlB926cccUFDGWrGRJZQPgzjOLYr-qRgB&template_id=494
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/ Frame B4AE 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/abg_lite_fy2021.js

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 18:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 9540740394202920180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 18:44:59 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B174 143 B
383 B 36ms
35ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:09:41 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame B4AE 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 18:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 18:44:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame B4AE 19 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 18:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7958
x-xss-protection: 0
server: cafe
etag: 8677084837583379376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 18:44:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6CC5 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyV_4b68F55UCdhXvZ60KlRzfZ7IUVRwoGU8sOA05gVyK0E1rB6EHjrwzcYBrn_Hud3uhzbppkZ0iDHvHDwE0deRRM5x6kghLYHWrAgzg0RLJwdmYbUI8PkCZRP4ijzqJneTAwMboUEKmNBWrm35XG7VROJ9rNavyXx_mTQ0UMIz-L9xmRQOcyLSe7jVxtyXQs5USx4sHCLR6qaVbiNiSRgdyy5gfIG46t5fZu4DgV6T4FwZXGWHXCZOmjDdCh9xHiJveUXpWG8B239maFDAyftKr45nJvwdK1_tYGdVrdAYXp6iCzgTdm85E2deoxCSAHf5c6tUsQHAeXQFG0nU_WlZM2MDNzNW6oAg8gA-rhRy7BNgcyR6UOWy27bOgwavq5cPk&sai=AMfl-YSlCDnDE4xTFPC0SyNtFoshLqakwHgSR67UrwAvU9D1EJO8084wazrHbsG1pXPzh7lTSnPFjWlkB1UEfBxRVIkjCiF9cz06aLgwns17Pd9oD4eL1972Re1r06uRfY8hZyc2BglyP0-heMT1uCx5&sig=Cg0ArKJSzPJ3whWWLKsjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3926 74 KB
25 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 02:05:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 10 May 2023 02:05:41 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 3926 199 KB
65 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 09 May 2023 21:14:11 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame 3926 11 KB
2 KB 38ms
37ms Stylesheet
text/css 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 05:37:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 10 May 2023 05:37:49 GMT

GET
DATA 200
OK truncated
/ Frame 6CC5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e08da6ba96c6d610eef10a80e2e3ce80c26f3992394632d136dc8870206f60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 646D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVbqHDx_Z82eiPs3lzLmWOmsW6C-chxg20-9flwxHQCHlPBCn2lrcLUIvsygwqUGAno4428NZZXxGBpTyFwk4hoRHHvo1_jsMAd1LujW1lAQTk-eAvdAKItJcI29J6HxZvg66j-nRR1LzEg56gAA-0fYjfxWpM2yzcBka2T7J0ikaXIopR-4K4ST6lTLN5UELe7tl3DPVUJpl_9-T__b8F7TmF1Fg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 20:12:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 646D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFqpGdYJdM-RAdraPsaOXwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1

43 B
766 B

15ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVbqHDx_Z82eiPs3lzLmWOmsW6C-chxg20-9flwxHQCHlPBCn2lrcLUIvsygwqUGAno4428NZZXxGBpTyFwk4hoRHHvo1_jsMAd1LujW1lAQTk-eAvdAKItJcI29J6HxZvg66j-nRR1LzEg56gAA-0fYjfxWpM2yzcBka2T7J0ikaXIopR-4K4ST6lTLN5UELe7tl3DPVUJpl_9-T__b8F7TmF1Fg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 20:12:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEuGAMylM39LB5arRsD-9zQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 646D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMSeei3wo50WFpZ5sEqlrBY&google_cver=1

43 B
1 KB

17ms
16ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMSeei3wo50WFpZ5sEqlrBY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVbqHDx_Z82eiPs3lzLmWOmsW6C-chxg20-9flwxHQCHlPBCn2lrcLUIvsygwqUGAno4428NZZXxGBpTyFwk4hoRHHvo1_jsMAd1LujW1lAQTk-eAvdAKItJcI29J6HxZvg66j-nRR1LzEg56gAA-0fYjfxWpM2yzcBka2T7J0ikaXIopR-4K4ST6lTLN5UELe7tl3DPVUJpl_9-T__b8F7TmF1Fg

Protocol

HTTP/1.1

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 May 2023 20:12:09 GMT
AN-X-Request-Uuid: c5782c9f-b6c2-4990-92e6-14633817a5d4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.151; 185.213.155.151; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMSeei3wo50WFpZ5sEqlrBY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 646D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MTMxMjQyNTAxMjczNzA4MA%3D%3D

170 B
243 B

45ms
45ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MTMxMjQyNTAxMjczNzA4MA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 May 2023 20:12:09 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.151; 185.213.155.151; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a414731a-bca5-4a35-9874-d9a23ea852cb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MTMxMjQyNTAxMjczNzA4MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B174
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
147 B

46ms
45ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:09 GMT
expires: Tue, 09 May 2023 20:12:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 20:12:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4AE 169 KB
52 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53510
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683545318771348"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:09 GMT

GET
DATA 200
OK truncated
/ Frame B4AE 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ea1b748f6f28c52a60099f230a9f1411b84547b5b8afeffc32dea87fe73989d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F2E 0
20 B 140ms
140ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6125657309439&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F2E 0
20 B 138ms
138ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6125657309439&version=m202301230201&ct=76&x=1&cor=10264620778794303000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3F2E 84 KB
35 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeCGk7sdyvQCscwqstwwhcDcdySwBsAdkFXWsD1KycPzkf_qrfAvaonh3Xl-CoYqsAyBkEIiI7IP3tMYMBudnSFbxURA&cry=1&dbm_d=AKAmf-CClrsVmEndM8-BrZFLTiqalPnKmJGJtPghRgfRNLW9t2mUoQXI-S74k7vRBzED0gD5IAP9Kn6VFQmFacuWHfHA513iKKJ2AjY92sGHWGWD7Wc5xVqcT6K2CWYFfL1VbMqXafsxKSR7UqTT7TuYAe1t8HWVq_AriPzG_CrDaCcaPiD9QUEwNdV8do512trw17z1B6lyGOwF_VOp6DqauHt_PbR5VANe2i1FC1_t9vUKYJTEzPkaWzu2zFDKngbFWLO3lk2TM8JAaqOAiVF7GOj-nLJEGxuUWZ_4ma-6MaAU3a0y_P2BlW3TWk2mSB8bY0SlF2CAqduzfEOgF_51IP0nHvakyq0VeiX2tInvqEWRV9ITjQU0rK6iIii-EhHpwrI6YTbYPmOslygfcRIzGnP7kYCkfkkl3QdseU6zBCbf09f8w1NF1V_JH3HPcUVYpPqSMXxgW_YeXL1auU8i_VdlOsUHtl74tbNZJ9cg8WJUDfGI3ReBkECPlQZho7wu2LixyyXwVk2SSTLB0AYePWlp9WzAiJ7OiJ7Jls2sgG68A1HdzzMriEPWNHMWmEKYeyiZa2kJExHYcW9icmVvXSOYP8jHSHsB4yRsVXcqh-1WvjPDOuRQgpdaa2uEtCjHlYaswdLPuYecP0jFq4RC86DNMBWLn9xHUQ9KwYoOmEiAkgFCoU_f92yL7w3hUg56wsUous-zb7K4k7LQzAPBlcyAs49zdZ539Gc72khIQ09KZ6gc8L4YUS_d4cD9EU9SbOjNQGcQaWBaCbOrfMyAKvevASQRhwRWgmd42YJBaR0a8Og-KJsZUxzJlIKlOjNs-jD934foXjZ5LtbYyka8yH0DVgjHfoUreFC78TtsqDVmvL4UdFD_cJYc5WBJYqcViU_3AYC7QpBXubGcCEOFDL_SLibiZwI5Ml1WDXyT5u7nH6xrrPyuq6zdpJOzSTTI0pCkcMgBiHN54V30NA1cklWN6cl_9p8_Vcd799b5dT7-YGmwqno53Sa7GdPXpSogPsRO2vssr7ZoGP3WlGd3r6QgohYgu05qoLJ1-XZE0TkP6ie00uycCxXboA9pNRHsG8oTjKk77cfjWJQ5XIcTKVOmE-js6XjkKAYCkCZ3a1LkdAYfBVPP3EvJVB_87d9GzEDg1-EHBP-8bFDPn5h8eMmcoi4CfbUa8c36YU-zA0CC6KSBk7rEMJZ6XRcXFEvrEZIEotFUF2idE3NJXNnC7iNOT35buKv3FSwBMiEOo1wie_nEoLPQ-p7cEJEBCMESGFmvgnjPxN6WVPNJE1zvLtq96Gs5JFnzfi9_7RztvgzRIkiwudCkAIyW6qc74HpjXIqyYzG31qNzdyrEu5UnzybsYSjG2T_RvOwRP5Bl_lyctFOy9htKdeviTBe27elgnASKJncD9ObeV4_eojInzJs4Aut9nF6TIvoIb81phoITC3J1_FtvDZ_Sj5tlhfK2z2nhXJLmgNHs4LoA6nY0mD4SLQXhN8-cJi2G5QUsC9nFIbfuqLu9PVvHcEmcwdHRaC4f-Lxh2eYjTGXLt3yVermokjvOzb35LwTGq4_stel8ZfqXNOjkZXAku4vFaZXUnKVMto2L0Carf146vUyrlPErrUuDp345NTAEY6jr-SMKkIQsbJAZ2rcCfB92s0UzsXZGzmeL1ICzwNlBkX6__FOLkqIJkbeswiolWhb9JLNIsF64NEUmPsNcg3tvPaFBZjvUNlN3K4LOngOoUELpKY_DR7RZVwX0vuB7TrNTBL3MoXSpknzhw6fR468Fbk1IUr3iSDKKd-BdFmskg53mVbcAPeMMiLfLvTvOVUALTzmXW_hhALPGs1Ka8z8QxF0fy48v8X9yInvBs-4vvZtEH1rqnrYdS0q7Ofag_tUC3bCJJmajAJwHgQp2Y1SwL_SjNg0IAwDCOX18U6IMyJZrr5yLD9zdyCipet6ByADLS26V88HcPwbjNgUFAbJk0gHk-FhN7x5tWlJTrQsCJ5Jj0PXBafq7T4wBcXQ6Mm8r8F5p_de5Uzbh7732sepIuzWy14MUa5NxWzHIVyX2w3ZiEa2aOjRq2f5d5V3gwbGH8Hx5Pp0Hjzsu0o4anhic9qa-ePktNz_9pl4eHbh4opPsoqn2gn0PGl8D0DyK7_NjNGoQPdyZuq7wjA7fluqssvCK7IFzydrCjAIwy9fN01CkPnnApN50PiCONXOEmfm5t3z82pBhKgQsNAfYDuv-IIlxJWH9OPSK8NFEvp28cJec9vmLZCowQJ-lYlbunH3qfhuAMSKFpqCi1kfjGQ8ppufDjI08-hkTaUmsGUoqkRLjZTfPwbawi7DhfKhEFubZ0nQr3JJrjll3Jv_Xd0m4AvTQyd84uAC8eKBkDFArBP4ijwrNYc1-wraFb-3McVZtt4ek_siJFYFCVbk4NhUZxpDH2HmnhdKZkBnzeQarGRXBMPQiC1NgiFq40T1Re5HDl2qGfJDI4V7gPGWQksxGdN5iTBniWwHN4JkRyJ95AY_30bCjLVgnJVnq4aFn0Syy1ka1uywDpZCChX0-rXspV5Z_sRsTEdz8AzG8YhxyCoCiThljdmErTqFiGXFidOUpDjKfhURJdWfCTlW_AFsdTz3hP0ctEEaY3AgZpNgVvL4LJrOj4Ojauh7ZnFZUY2X-j9fRCUFRiKUxXRTgjpbtZyP6GyOFPrqPmgOljVVVA6qhfP1O-lHpEcxjUjw4PDdiKS1tp9kVHUg3ZMPIugO1N1F7ivPgNz76ceyPg55Q0WBCVvn-Mh2rOz9TEPo5sJC1RtbsX4uKosWKdz1oIweAso5juZFKJifKVAjFTdEvTe43BIgznyZtHeVuBbCUdIG7gZnPsZokoodS5NwINNH-L3SagO-y5q2vgdyA3DgRNMQ8G_lrx__ABJttkP8VWneThNcRSpye-_sWKsF7DF63_3zIvrtZRacVl7gAy9GHdiF5oDxH8Am3mo578_Ue3j1b-D7NV1qKRPlZ5SLGqiCpHpC68M6Z5s7FUk53RApYWnX7lRd_wIs7eJjRLiGpqr083a0o-Z7QeJcfWouQjmqfal4D4unsWSe-w8qMIve9DykSj5BND6KzduN9j01JnyqbRgU9ePn3GsMXed1b_mtWMRSLgQY-ZmIxJRk6JT--9nHkGTd0rwQ5R22au85mDYoNPy0lPxBD03p1vve90GTV3GLcwncrOzug8ujjzB6q7XOOl-Ng7aDqNqZVJJaVX72bpJRSx3DkNYnCmb2lYD4H8bks6_98vkvu&cid=CAQSTABygQiDsTKpTmlrjwbVzVwOAAZirKgpq_vAkDImDsdXbtd2LgAFyQWNI7WQM0SiTVeDIoF6JYFwi3zHvhyPl-kUdsVKnJtYWh7gswQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=10264620778794303000&adk=929882891&idt=193&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6e4c271330c4e229a6e7d69a4dc4fd9fe2d01257fc49205fe1f8d724b8f4c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36105
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3926 34 KB
13 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 01:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 10 May 2023 01:47:45 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304262219000/ Frame 7AB4 222 KB
61 KB 159ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 90102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61839
x-xss-protection: 0
server: sffe
etag: "ccf36922213b3ec5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7AB4 15 KB
5 KB 223ms
101ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 90102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5222
x-xss-protection: 0
server: sffe
etag: "4fd619331b8f64df"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7AB4 94 KB
28 KB 226ms
105ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 90102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28884
x-xss-protection: 0
server: sffe
etag: "6451d33588c99856"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7AB4 5 KB
2 KB 246ms
125ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 90102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "83933b769a9f5701"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7AB4 40 KB
13 KB 240ms
119ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 90102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12938
x-xss-protection: 0
server: sffe
etag: "3f9bab308b30f46e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
DATA 200
OK truncated
/ Frame 7AB4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1093a042d8d8c9ed801aefd58366aa40a8b0ce55df696e874f5a565d564cf163

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 13138954983568602287
tpc.googlesyndication.com/daca_images/simgad/ Frame 7AB4 138 KB
138 KB 37ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13138954983568602287

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9507a28353a0f58ce8c8b7f6174e80d03d5247d7fe3c1e407b740c87f1644dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 23:02:01 GMT
x-content-type-options: nosniff
age: 249008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141763
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 07:04:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 23:02:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7AB4 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 22:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 77276
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 09 May 2023 22:44:13 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7AB4 295 B
319 B 41ms
40ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 21:21:48 GMT
x-content-type-options: nosniff
server: cafe
age: 82221
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 09 May 2023 21:21:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7AB4 0
0 46ms
45ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPD17cAKXbLFiu3OvyV11u9Rfkvwu8wOdNHiM7-ioQ2J6ioj5TCa8hcQurl0dSjvCHXC9uqYw6fol3-NfUnRs8Mvt6Tg
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7AB4 0
0 93ms
92ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtTy3GalaZMWnCpmJ7_UP7r-JkASd3Pfzbqu_x9v_ENnZHhABIJWbyiFgleKQgqAHoAHL9N_8AsgBAqkCRJ48YiGlCT7gAgCoAwHIAwiqBOIBT9DB-qnqqLkE84jjHJfGOJM4c3p7TWxTRMb3Tdt_dK3e91apXiUpzbrH9f3MdBAZHERgNQ8H43G51FId29IfOZWSuFu9Ba3aQgLgxzBcnLYK8OESbD6J7Np-fvV--QXOpDu-IFueoHrFvp_M8aoAkfYYmp38Ff7ezamQcZiMTfKKZViMOXUdxvN7bhTFHvmX27AsCpVYkFWdbXCNHKULIqYo_40E2XubKhGlE-rxjxUIQ_VGFuwXsw_B3NpFZ_cW90A1nZcFIQ6Y5jhk8YEbELcvwvCiav8AnTRvo4_1yHPmdMAEi6vVvKAE4AQBkgUECAQYAZIFBAgFGASgBgKAB52LoIMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ_r4C0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=T2CjfVQAAAc&uach_m=[UACH]&cid=CAQSPABygQiDmP6RE-nJx3nnK22nS_ywHQybXE5qa-j4KMW33RbJ4wE-3woOY24B6KspXY3ZzgSuvQZ7-LrqMxgB
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
499 B 23ms
22ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=cutty.app_fluid_sq_firstpagemiddlebannerad1&pn=2&sn=3&pc=0.46238404512405396&ds=true&e=wdp&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:09 GMT
cf-cache-status: HIT
age: 435282
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c987f9d322bc0-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=cutty.app_fluid_sq_firstpagemiddlebannerad1&sy=2d88c55c-baf8-4d16-bc7e-aa942655758f&ts=81&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=cutty.app&mlre=undefined&mlin=0&mlsi=770x280&mlbw=4g&mlcs=NaN&mltp=f583285e-98e8-4f92-add9-b33977276405&e=lm&dsReferer=Y3V0dHkuYXBwL2hTYXlPTg==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.9.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nf-request-id: 01GZ664E33BPA9BNHAJTXFC6CG
date: Tue, 09 May 2023 20:12:09 GMT
cf-cache-status: HIT
age: 435282
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "f6f92f181d318e0fd938c596d106593f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7c4c987f9d352bc0-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4A9B 0
11 B 40ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2u2Rhw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3F2E 106 KB
37 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
Origin: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 May 2023 09:20:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/elements/html/ Frame 3F2E 11 KB
4 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeCGk7sdyvQCscwqstwwhcDcdySwBsAdkFXWsD1KycPzkf_qrfAvaonh3Xl-CoYqsAyBkEIiI7IP3tMYMBudnSFbxURA&cry=1&dbm_d=AKAmf-CClrsVmEndM8-BrZFLTiqalPnKmJGJtPghRgfRNLW9t2mUoQXI-S74k7vRBzED0gD5IAP9Kn6VFQmFacuWHfHA513iKKJ2AjY92sGHWGWD7Wc5xVqcT6K2CWYFfL1VbMqXafsxKSR7UqTT7TuYAe1t8HWVq_AriPzG_CrDaCcaPiD9QUEwNdV8do512trw17z1B6lyGOwF_VOp6DqauHt_PbR5VANe2i1FC1_t9vUKYJTEzPkaWzu2zFDKngbFWLO3lk2TM8JAaqOAiVF7GOj-nLJEGxuUWZ_4ma-6MaAU3a0y_P2BlW3TWk2mSB8bY0SlF2CAqduzfEOgF_51IP0nHvakyq0VeiX2tInvqEWRV9ITjQU0rK6iIii-EhHpwrI6YTbYPmOslygfcRIzGnP7kYCkfkkl3QdseU6zBCbf09f8w1NF1V_JH3HPcUVYpPqSMXxgW_YeXL1auU8i_VdlOsUHtl74tbNZJ9cg8WJUDfGI3ReBkECPlQZho7wu2LixyyXwVk2SSTLB0AYePWlp9WzAiJ7OiJ7Jls2sgG68A1HdzzMriEPWNHMWmEKYeyiZa2kJExHYcW9icmVvXSOYP8jHSHsB4yRsVXcqh-1WvjPDOuRQgpdaa2uEtCjHlYaswdLPuYecP0jFq4RC86DNMBWLn9xHUQ9KwYoOmEiAkgFCoU_f92yL7w3hUg56wsUous-zb7K4k7LQzAPBlcyAs49zdZ539Gc72khIQ09KZ6gc8L4YUS_d4cD9EU9SbOjNQGcQaWBaCbOrfMyAKvevASQRhwRWgmd42YJBaR0a8Og-KJsZUxzJlIKlOjNs-jD934foXjZ5LtbYyka8yH0DVgjHfoUreFC78TtsqDVmvL4UdFD_cJYc5WBJYqcViU_3AYC7QpBXubGcCEOFDL_SLibiZwI5Ml1WDXyT5u7nH6xrrPyuq6zdpJOzSTTI0pCkcMgBiHN54V30NA1cklWN6cl_9p8_Vcd799b5dT7-YGmwqno53Sa7GdPXpSogPsRO2vssr7ZoGP3WlGd3r6QgohYgu05qoLJ1-XZE0TkP6ie00uycCxXboA9pNRHsG8oTjKk77cfjWJQ5XIcTKVOmE-js6XjkKAYCkCZ3a1LkdAYfBVPP3EvJVB_87d9GzEDg1-EHBP-8bFDPn5h8eMmcoi4CfbUa8c36YU-zA0CC6KSBk7rEMJZ6XRcXFEvrEZIEotFUF2idE3NJXNnC7iNOT35buKv3FSwBMiEOo1wie_nEoLPQ-p7cEJEBCMESGFmvgnjPxN6WVPNJE1zvLtq96Gs5JFnzfi9_7RztvgzRIkiwudCkAIyW6qc74HpjXIqyYzG31qNzdyrEu5UnzybsYSjG2T_RvOwRP5Bl_lyctFOy9htKdeviTBe27elgnASKJncD9ObeV4_eojInzJs4Aut9nF6TIvoIb81phoITC3J1_FtvDZ_Sj5tlhfK2z2nhXJLmgNHs4LoA6nY0mD4SLQXhN8-cJi2G5QUsC9nFIbfuqLu9PVvHcEmcwdHRaC4f-Lxh2eYjTGXLt3yVermokjvOzb35LwTGq4_stel8ZfqXNOjkZXAku4vFaZXUnKVMto2L0Carf146vUyrlPErrUuDp345NTAEY6jr-SMKkIQsbJAZ2rcCfB92s0UzsXZGzmeL1ICzwNlBkX6__FOLkqIJkbeswiolWhb9JLNIsF64NEUmPsNcg3tvPaFBZjvUNlN3K4LOngOoUELpKY_DR7RZVwX0vuB7TrNTBL3MoXSpknzhw6fR468Fbk1IUr3iSDKKd-BdFmskg53mVbcAPeMMiLfLvTvOVUALTzmXW_hhALPGs1Ka8z8QxF0fy48v8X9yInvBs-4vvZtEH1rqnrYdS0q7Ofag_tUC3bCJJmajAJwHgQp2Y1SwL_SjNg0IAwDCOX18U6IMyJZrr5yLD9zdyCipet6ByADLS26V88HcPwbjNgUFAbJk0gHk-FhN7x5tWlJTrQsCJ5Jj0PXBafq7T4wBcXQ6Mm8r8F5p_de5Uzbh7732sepIuzWy14MUa5NxWzHIVyX2w3ZiEa2aOjRq2f5d5V3gwbGH8Hx5Pp0Hjzsu0o4anhic9qa-ePktNz_9pl4eHbh4opPsoqn2gn0PGl8D0DyK7_NjNGoQPdyZuq7wjA7fluqssvCK7IFzydrCjAIwy9fN01CkPnnApN50PiCONXOEmfm5t3z82pBhKgQsNAfYDuv-IIlxJWH9OPSK8NFEvp28cJec9vmLZCowQJ-lYlbunH3qfhuAMSKFpqCi1kfjGQ8ppufDjI08-hkTaUmsGUoqkRLjZTfPwbawi7DhfKhEFubZ0nQr3JJrjll3Jv_Xd0m4AvTQyd84uAC8eKBkDFArBP4ijwrNYc1-wraFb-3McVZtt4ek_siJFYFCVbk4NhUZxpDH2HmnhdKZkBnzeQarGRXBMPQiC1NgiFq40T1Re5HDl2qGfJDI4V7gPGWQksxGdN5iTBniWwHN4JkRyJ95AY_30bCjLVgnJVnq4aFn0Syy1ka1uywDpZCChX0-rXspV5Z_sRsTEdz8AzG8YhxyCoCiThljdmErTqFiGXFidOUpDjKfhURJdWfCTlW_AFsdTz3hP0ctEEaY3AgZpNgVvL4LJrOj4Ojauh7ZnFZUY2X-j9fRCUFRiKUxXRTgjpbtZyP6GyOFPrqPmgOljVVVA6qhfP1O-lHpEcxjUjw4PDdiKS1tp9kVHUg3ZMPIugO1N1F7ivPgNz76ceyPg55Q0WBCVvn-Mh2rOz9TEPo5sJC1RtbsX4uKosWKdz1oIweAso5juZFKJifKVAjFTdEvTe43BIgznyZtHeVuBbCUdIG7gZnPsZokoodS5NwINNH-L3SagO-y5q2vgdyA3DgRNMQ8G_lrx__ABJttkP8VWneThNcRSpye-_sWKsF7DF63_3zIvrtZRacVl7gAy9GHdiF5oDxH8Am3mo578_Ue3j1b-D7NV1qKRPlZ5SLGqiCpHpC68M6Z5s7FUk53RApYWnX7lRd_wIs7eJjRLiGpqr083a0o-Z7QeJcfWouQjmqfal4D4unsWSe-w8qMIve9DykSj5BND6KzduN9j01JnyqbRgU9ePn3GsMXed1b_mtWMRSLgQY-ZmIxJRk6JT--9nHkGTd0rwQ5R22au85mDYoNPy0lPxBD03p1vve90GTV3GLcwncrOzug8ujjzB6q7XOOl-Ng7aDqNqZVJJaVX72bpJRSx3DkNYnCmb2lYD4H8bks6_98vkvu&cid=CAQSTABygQiDsTKpTmlrjwbVzVwOAAZirKgpq_vAkDImDsdXbtd2LgAFyQWNI7WQM0SiTVeDIoF6JYFwi3zHvhyPl-kUdsVKnJtYWh7gswQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fcutty.app%2F&ds=l&xdt=1&iif=1&cor=10264620778794303000&adk=929882891&idt=193&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 18:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 18:51:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/ Frame 3F2E 28 KB
11 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230508/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 19:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10900
x-xss-protection: 0
server: cafe
etag: 15736755800806341048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 May 2023 19:40:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3926 6 KB
706 B 70ms
69ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 18:40:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3926 38 KB
15 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 2089416103879142170
tpc.googlesyndication.com/simgad/ Frame 3926 8 KB
8 KB 38ms
35ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2089416103879142170

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43ce2e7be01c27ef3d0e2857602d7e150a1135a7b269dccd5582af48b1e9725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 20:42:29 GMT
x-content-type-options: nosniff
age: 257380
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8526
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 13:15:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 May 2024 20:42:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F2E 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 May 2024 09:20:28 GMT

GET
DATA 200
OK truncated
/ Frame 3F2E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1317f0f02c44355675b5765d7bc761893d5e41a9b727d8e4da97d366130f56e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3926 15 KB
15 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 309714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:10:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A72F 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 312674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 May 2023 05:20:55 GMT
expires: Sun, 05 May 2024 05:20:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3926 15 KB
16 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 308965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:22:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3926 15 KB
15 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 334677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 23:14:12 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16965978661036931496/ Frame 89F7 31 KB
6 KB 116ms
38ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

288b1e82264bb80cf3245a97cc9b657c4d40254f0bda7f51afacc3b1886debe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 213113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5673
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 07 May 2023 09:00:16 GMT
expires: Mon, 06 May 2024 09:00:16 GMT
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F2E 0
0 179ms
84ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3QeUUcmGm8xlcnb6VubThWr9ZVKyOcktk6Q0O66T3AnC5ShKIsQc168twShrjqBWk-tKDtDQpuWPSTlbb2IDtAD02qjw5nwRQsxL9Q7duhC3FEXi2kCF_BPgcnZkJjlnsjwhc6BhdiCgfdxPqUPJh5Q75NmeFqm6dL9OSFPmahwFgiNj7h0LyaFSYkJexsMfiRbkffXg_KK9JqcR6gJ0hxClgb8scXtpsitMwt3CD02ju1kJsLCwbRo_I1tId2LUIQtE0tS97ybHAowR8vwwub5U5xQahcjELzwa8tfuFMuEcpmMoeGXueiaNfAV0DkY-PlFn3tvv51ZQjTkN9SLsngDH8huXk08Hw5shpv6P6PRR12InH_cofPK0ZsOShS7orENa_iHtHTXXN33f-5CW1Go4tvdLV3DQo6JqO114L3yuKRmlSVdTfJXTZwtTbHYsu6UHgqMyMXOPQ9XqfY6qre9_I4tyYfT95KS9frAFMWnNi5MVkYZJ5voyIaDAp2MAPkr9hw-4Pa0bl7QtiIyqAs6taSD_svSePnVchhTxp8CPfM2IXBTNKajAgzYPodzc_uZGwb6PKjmzJv2LNqxNrMUK0IZdv1wzIWNqnPV4Ma55RcHoEGjAZkSELNSyVYxPIoj-WxdGlD-J2yAEoBJAOPiPigTAKvztJrzKuDDryp2czRTUGAgVFodM4_mfQuadyuky2oaygNf0swZ0QaIoi0YCfVRIJEqV9mIMMIsz4j7jbNE3WRrRM3GbXrZJbWmat-2cA68HYUvWnZdhg6PSSh9iA3UyaYADF-CNGqCNAftjIgsAo74gMCizXKRje2Oed8fBgCRGO7GEMipvNe9e0gUb2L3ku-69S-kPzzcrywWzWFeY0EP3cety89AalkrJvPMM0GPCdAEANjFghIxpR-ksxv2IJh7Ii2stZgLGuJpVIU3MKA6zqtD6p7VMDgyjJR0SiSG4385u5fSKa1BQOclgGQApSXRz3DEUUczaJ5pjyx1dI73ovHNeBbxGYsVT51uNk-JjgNqXsJevWJWXyqt-cS732fnZWtYsmp3yfCLuS2d_jRRpOLJdRqcRn9VGzC60_y_czGJD4PINM2OtTKrIme5ICNRqnaka8mstjXMaqF9n7EHuMki56dtoA1PRHd2JYjSyFwuy6Srcsq7QjWHGKxAlqgI&sai=AMfl-YQcyxUYY9GQPTqttSeUo3NUoH6OSZx861k1FHwWIvfNaioN3WLjTKq_Tdx5G9AM7vOHjcBX78L2H8vrI3fJKNDKL3R-7cZtcgSNkdcLEL8Zj78rQFFOVevR2Llf7wsLPUxA0rkAhFu6Wd7ItYdm627ezeznOsjHEa0wY_j6rvcWsEx84gKEV1ViLSJumpKb-zLDS8WDtLbjA4ZZUPCtMitZyUMN1NpETZ6gvnqlPiGs9RbX0wGY5eLpasLjlSsZGEHmx5jmPEbTo8G3jIMDxOKjvqNB0edQv0DX&sig=Cg0ArKJSzJkM59M_gqk2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=217&cbvp=1&cstd=214&cisv=r20230508.54702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 09 May 2023 20:12:09 GMT

GET
H2 200 ca
choices.truste.com/ Frame 3F2E 27 KB
27 KB 58ms
8ms Image
text/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-100.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 10:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA60-P1
cross-origin-embedder-policy: unsafe-none
age: 36619
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 5kuMUevgT92OvGksThb1P5saYjEbyVNijZcRS_tU8RX3YZihpqkNcQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7AB4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

55ms
54ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: cutty.app
URL: https://cutty.app/hSayON
Protocol: H3
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 May 2023 20:12:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js Show response
pagead2.googlesyndication.com/bg/ Frame A72F 38 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/j0qzk3svFByPiPxQkc7LDOXCr5XIGqNSbsgPGYk3B2s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 15:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14855
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 15:13:08 GMT

GET
H3 200 c8048154be43edfd0b4fcdc3fb22db5c.js Show response
s0.2mdn.net/sadbundle/16965978661036931496/ Frame 89F7 99 KB
28 KB 39ms
39ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

849032524598b6ff398f77a6bfc95235029778c3f6905e1459e53198077fb176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29104
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:16 GMT

GET
H3 200 metrichpe_501_normal.ttf
s0.2mdn.net/sadbundle/16965978661036931496/fonts/ Frame 89F7 59 KB
24 KB 39ms
39ms Font
font/ttf 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/fonts/metrichpe_501_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:21 GMT

GET
H3 200 25a789ae20cc5806a49ce1b5875568c0.jpg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 15 KB
15 KB 49ms
48ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/25a789ae20cc5806a49ce1b5875568c0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68bacf652d7a7db62c86f4fc74ee7ec0d6d2ac4390e2a84aa7a98d2381445568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:22 GMT
x-content-type-options: nosniff
age: 213108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15628
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:22 GMT

GET
H3 200 395d370bde56edb1a7a13cb7c151fd9f.svg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 4 KB
2 KB 59ms
59ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/395d370bde56edb1a7a13cb7c151fd9f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:16 GMT

GET
H3 200 metrichpe_401_normal.ttf
s0.2mdn.net/sadbundle/16965978661036931496/fonts/ Frame 89F7 60 KB
25 KB 39ms
38ms Font
font/ttf 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/fonts/metrichpe_401_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26072
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:22 GMT

GET
H3 200 metrichpe_601_normal.ttf
s0.2mdn.net/sadbundle/16965978661036931496/fonts/ Frame 89F7 61 KB
26 KB 46ms
45ms Font
font/ttf 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/fonts/metrichpe_601_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26501
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:16 GMT

GET
H3 200 1730852a9bfcc0792be039d9c5a788cc.jpg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 22 KB
22 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/1730852a9bfcc0792be039d9c5a788cc.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9803c95c8c0968606ef29aa3b7f660b689a017a9d36fcd3adf7fd21b1f7bc12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:22 GMT
x-content-type-options: nosniff
age: 213108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22905
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:22 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 4 KB
2 KB 60ms
60ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A72F 0
20 B 146ms
146ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRv_UGalaZMrgHPys9u8P6bONuAQAAAAAOAHgBAI&bg=!wMOlw5fNAAYV_mUANf47ADkAdvg8WpI7MJJg465nN-gLwluc0K2MCJ83zjsjxT-7sx3U4CtywAruQOchA8jqWSAtA2tWqqwVaDoCAAAAh1IAAAADaAEHmQM6o9eFifWCtBLuhsnY8mH1J-khdOR2nSMIP6Ab92p3pwK9aDaaCuPqeAQwqwatReGAOsvX6UdsplzyVEGxoLMu6ZNCPqm8nuH2ArxHiXVDALP-UeSLsf-ovTeaFeooKSWZ3lf79OW2OzW3X-MyYuM1hjoosF6FXdD4Hnt6nrU0XrEJ3HG01j2rl0VSDowtrkbuO9rR0GazU6f-zYV_yQ_BOtldMCjQBBHwOKurM4fTJNo3RRg4SSHvGEN05rnXJhKEbAaZs2cYuFFJ8v0Cz2rnh86pkihUB9W6PaBXaJju1nhLSWGagl8IfqYYfgA2C35VICXEc_Ra40fDNmK8Ed0cl5sjhRMu_D7nrYN5Je0WMJuwdLnLwtatF4d0DM3AvgRJojpsuoYx11HUjgoo-0LvOLSpWzicFKAHrMA3ZS_DQ-ROeI46b8bY9w0FmAc-S29QG3oqUwoZQxDx52VhXNSAeILHPBt1gAzh0k1OvJdHZNmg8mHyYwt_fqLaTyl0AX27KEDopPaI1DO5uDBk9TYNqFgqXepWfBEVhgi4OxiGaxNm7a2VBXdeqB5beqgqnnsCx8TFBwowZC9Bq0nLBC_BCJXCKhZcni0PzUhAH7uaPlXQ5QwCNipYy3FuLDgEzZupuhIc8m1MZUfC_uxSgCSWOR7_ArwBSgA9M_KSI8dngqGHrKMlEzgnjnQ_WiMprMm0oYYyGXUwvE0SbA0l-bHVa7b1qvjERvYUV-FQJ6uRZvEGIH1IRwL-L42DZe5ujJjOHOZGOjOy7AfUqQYM4EIeycBM3vuCJXQ7_ltmwBX6x1lq0GgNm3i6iJIWYOALlmqMDklfgdH_TBuSvatR4w-e3aDAVybOtYrec1YmSMJkkCgWpHfcfFZh6LJ2zkGwWB59QO8XDV38YHn91n4feHwZrcFxTAeqTX8PDwV3MvW6KTRqlmn7W6M1K5lrDpBuQidk3bPi-OJUC8MkB-hCWySiB-EcOwnxifHLmzUgJPU4bo6UAmrk-NGKrLuvhvs003FT4VpO6hA6a4EoDHXdSRz5rpaaDrCszaQ_1VWiAznTgfM3IuXo-TTT5KsCtngVfktS3vrqH7rdGLyKug

Requested by

Host: 8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
URL: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 146ms
146ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305040101&jk=2145702941300804&bg=!tbaltuLNAAYV_mUANf47ADkAdvg8WgKrHW3p_DZdoiCecs9LkGSnrJcqJIdEL7QesGnFySunHyBhOSPG4TxY9UTL1jdnINxKSuACAAAA2VIAAAADaAEHCgDCZctR1M13EuJyopsJfDXpV87-7Yf4fvEPAz62-VyEBSbhLQcATyP6LoqL5AokPYUIzMeR0r87ibSdFkaQloyOWPzY2gDFl5pAWNmUHSg3jc0snx67hbfmif1MyNj7RmwvyC32FoMlFdxE4mDNQaFQatj3b-acazPAmAvkQsMostFhgtYDWJooFbQ_YQXOAtTV60MvKEts6XXdYIuvBkJck39Fv1mBv1f4x01mQc6FaqYUKhLFEkHvUD9I1xuB5W5B8cuZAqSPRYUd9aUAbrAQeYeTUsMgEGm7iASEQxo4Azytci-lxAc1xx60ux7JpXI9wW8BeIM4pN_fNkqNRCwCzSTKF1ary88aEtfagF-rhD9fABS81Qwf19LXnv6A_nL8TSJAZG5asaDOXae9Fx3OtBwJU_9-9o4po9CtSgQibwmm1lD6kKWKyH7-3jnJTQotue4ZdEfeLswi-imw5Y9JSYS4DJMLCyOUOWntaFd-no1FKQZJW4iJL08aSPKTpr8Y90mLiA-ylAo51pdbefr_85f3TP8HvrsthRt2DiXbu1WkDSq7114L5-RwFK8X2jmdu4ENxfHrU0dX2SqpXNdj7zds6nphn5r-KpcUfSIKB4otUOayZiJqD4_HQJy4l0qCgRLlYmOk1QkVhiX5WVqR3Iv_sBuD1SPeVaaQmB5FnUTwH_X2CCUJC18mvZvRCQ08kYJ2SwxxnjUzNR-_FM4QCkB9FhoEOzHNexyPWid9hNmevt1VprGCT3-9S_RZ21Mp2IckGZN7MTBSiIDn-L1sHDho7SIVOFkjKKy5dhnVShVnsNdHlV8uywb1sWedde9xxXonQp3U_tTBUHuz2CFf-2EQuM0Y1yPMRDIldULqRCiEvWPPGppA-Q0v1xkAbLkEkqnQoX0eqbkQ_a4qQtU9eO93Dk61xT1wo1WWW-w78HfPixPaWkIexNrPm8-htdHOk8BRiEqmDsLUQ4QqOrRdTR6usTYoCNl1MsLBqaqfVGhc8tFfB2CQimDVNTWUw0k7WhSSBlGJT85dwHcrvfnJ46Rb-CHAH7wFoprizrJgvxoq-lOC1bZGN1ACxfmHNkSgRo0_5Gi4S87dXxBwe8xfcR_QtvaL4aXPla7jbkxykHLb-uowjxHPs1qqvpH63mXTXjddvfKomPhh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F2E 0
0 74ms
74ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3QeUUcmGm8xlcnb6VubThWr9ZVKyOcktk6Q0O66T3AnC5ShKIsQc168twShrjqBWk-tKDtDQpuWPSTlbb2IDtAD02qjw5nwRQsxL9Q7duhC3FEXi2kCF_BPgcnZkJjlnsjwhc6BhdiCgfdxPqUPJh5Q75NmeFqm6dL9OSFPmahwFgiNj7h0LyaFSYkJexsMfiRbkffXg_KK9JqcR6gJ0hxClgb8scXtpsitMwt3CD02ju1kJsLCwbRo_I1tId2LUIQtE0tS97ybHAowR8vwwub5U5xQahcjELzwa8tfuFMuEcpmMoeGXueiaNfAV0DkY-PlFn3tvv51ZQjTkN9SLsngDH8huXk08Hw5shpv6P6PRR12InH_cofPK0ZsOShS7orENa_iHtHTXXN33f-5CW1Go4tvdLV3DQo6JqO114L3yuKRmlSVdTfJXTZwtTbHYsu6UHgqMyMXOPQ9XqfY6qre9_I4tyYfT95KS9frAFMWnNi5MVkYZJ5voyIaDAp2MAPkr9hw-4Pa0bl7QtiIyqAs6taSD_svSePnVchhTxp8CPfM2IXBTNKajAgzYPodzc_uZGwb6PKjmzJv2LNqxNrMUK0IZdv1wzIWNqnPV4Ma55RcHoEGjAZkSELNSyVYxPIoj-WxdGlD-J2yAEoBJAOPiPigTAKvztJrzKuDDryp2czRTUGAgVFodM4_mfQuadyuky2oaygNf0swZ0QaIoi0YCfVRIJEqV9mIMMIsz4j7jbNE3WRrRM3GbXrZJbWmat-2cA68HYUvWnZdhg6PSSh9iA3UyaYADF-CNGqCNAftjIgsAo74gMCizXKRje2Oed8fBgCRGO7GEMipvNe9e0gUb2L3ku-69S-kPzzcrywWzWFeY0EP3cety89AalkrJvPMM0GPCdAEANjFghIxpR-ksxv2IJh7Ii2stZgLGuJpVIU3MKA6zqtD6p7VMDgyjJR0SiSG4385u5fSKa1BQOclgGQApSXRz3DEUUczaJ5pjyx1dI73ovHNeBbxGYsVT51uNk-JjgNqXsJevWJWXyqt-cS732fnZWtYsmp3yfCLuS2d_jRRpOLJdRqcRn9VGzC60_y_czGJD4PINM2OtTKrIme5ICNRqnaka8mstjXMaqF9n7EHuMki56dtoA1PRHd2JYjSyFwuy6Srcsq7QjWHGKxAlqgI&sai=AMfl-YQcyxUYY9GQPTqttSeUo3NUoH6OSZx861k1FHwWIvfNaioN3WLjTKq_Tdx5G9AM7vOHjcBX78L2H8vrI3fJKNDKL3R-7cZtcgSNkdcLEL8Zj78rQFFOVevR2Llf7wsLPUxA0rkAhFu6Wd7ItYdm627ezeznOsjHEa0wY_j6rvcWsEx84gKEV1ViLSJumpKb-zLDS8WDtLbjA4ZZUPCtMitZyUMN1NpETZ6gvnqlPiGs9RbX0wGY5eLpasLjlSsZGEHmx5jmPEbTo8G3jIMDxOKjvqNB0edQv0DX&sig=Cg0ArKJSzJkM59M_gqk2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=587&vt=11&dtpt=370&dett=3&cstd=214&cisv=r20230508.54702&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cutty.app
URL: https://cutty.app/hSayON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 20:12:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 May 2023 20:12:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CC5 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswQM5Cm5YmVOdfoI0Jtl2SH4nKZgEnlSgtV28Eho_9vqZOmGuexMv6B9iJa2xq_9VrQ__RAspokv_kIxvIjNBsjQ39tCnrntYy9jpEe5tnOL6xXAFr&sig=Cg0ArKJSzPzQIzgwrt2xEAE&id=lidar2&mcvt=1000&p=1111,437,1199,1163&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2191873836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683663129018&rpt=322&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4AE 42 B
64 B 146ms
145ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD0_LiNxGGtw6ZzZw0nITSoxvZegTOYfqdizTbTooryx0mL3uVMWlb7kaDHttAErMxTQ-zDqbXg904_gHwVlaRMwEjlMkU-YhJv5mA2JYSZ2ft8mxr7q6I6tYSElBmzY7VAnq8GGXvaY5-eAeWE28jdo6Domo3BPRl&sai=AMfl-YSmtTQbUOGeddeaBNd4ypqhctAw6DKLqMgOIiet6pwFRwY2ZA_AUaWa9wzb1aJSyXtZZPe6WqoBNXIoWb1dGAVDXa8EFil8GLnN0-PEk6IucPdiv3IDs8hchBYnv1g5NDoMg3dtzRMlOF2U&sig=Cg0ArKJSzNeP9YwfY82jEAE&cid=CAQSSwBygQiD7drvF0gWVkJbIHN0qUJHfDKThjsCrfwlb9YM4a0XEagRU8LjRzOreWR9XcZNrVZBlB926cccUFDGWrGRJZQPgzjOLYr-qRgB&id=lidar2&mcvt=1000&p=275,415,555,1185&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1699392690&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683663129239&rpt=276&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F2E 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyt6pIPObgdmKZcK37XV2i6tuSFTaqqFnAQ4XNzsl0UQCitX1c9eVCFhCkzWQQ6C8TBet6bKwu1YxeZxE1XwW7tBxp2GzyhORS37cLsIVJlXbCKzhe7jbjqjYVJdmZRnSbGUn-kA&sai=AMfl-YSSub_FA0rUe8RGwCvIEfK-E9EUfifjL6fx_btBIJhF0GUhrYv90204eZFercPw9tNhF41AHUIfIqcXiw0NxEbGmy8adBwPXoty-Bcqbio9gTTyNe-up42aywMDoUso2DmhfR2iBmoO5z5GxQ&sig=Cg0ArKJSzJdfFMhpko_ZEAE&cid=CAQSTABygQiDsTKpTmlrjwbVzVwOAAZirKgpq_vAkDImDsdXbtd2LgAFyQWNI7WQM0SiTVeDIoF6JYFwi3zHvhyPl-kUdsVKnJtYWh7gswQYAQ&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230508&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1212464216&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683663129217&rpt=447&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7AB4 42 B
64 B 151ms
151ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXHrV6mtvON53B-6kIH-zJJeHcz7-zWvpAFSmjf6-Ub7QgJwoKqWvbOmwkqttW0bIcr3_mhDuexVjFMbcbODxje7GwIDZAiLR6kY-YXIQTXN6NjPIcCbvOIsCQ0ZWcRqCMLZHDl0YBt4doBOw8wsxB8DEIabS-Gn-A_Q&sai=AMfl-YTfuh7QpzknWQkFuD6CEBgjirHTSQdCBB1RBWYoEjH2i2C7Lga_b9tZ9W5CbsV03kf--8BqNXWQ7A_2Kc8FeO4Cgt5OgZnNHbHfHfzb8l27pj_SO5kCVcmipJNL&sig=Cg0ArKJSzNIdS50WJhHLEAE&cid=CAQSPABygQiDmP6RE-nJx3nnK22nS_ywHQybXE5qa-j4KMW33RbJ4wE-3woOY24B6KspXY3ZzgSuvQZ7-LrqMxgB&id=ampim&o=415,598&d=770,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=387&tls=1387&g=100&h=100&tt=1387&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cutty.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F2E 0
20 B 139ms
139ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6125657309439&version=m202301230201&ct=76&x=1&cor=10264620778794303000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 20:12:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 metrichpe_701_normal.ttf
s0.2mdn.net/sadbundle/16965978661036931496/fonts/ Frame 89F7 60 KB
26 KB 39ms
39ms Font
font/ttf 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/fonts/metrichpe_701_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26441
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:38 GMT

GET
H3 200 bf92c8be83eeb2dbf186eb1436ebcb5e.svg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 4 KB
2 KB 38ms
38ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:16 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 89F7 725 B
374 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16965978661036931496/c8048154be43edfd0b4fcdc3fb22db5c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ef4cbeeeeb11bf689c56bf1a96f0d51bd084aee65c3c247e099b85f088aa9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 20:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 19:47:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 20:12:14 GMT

GET
H3 200 1730852a9bfcc0792be039d9c5a788cc.jpg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 22 KB
22 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/1730852a9bfcc0792be039d9c5a788cc.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9803c95c8c0968606ef29aa3b7f660b689a017a9d36fcd3adf7fd21b1f7bc12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:22 GMT
x-content-type-options: nosniff
age: 213112
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22905
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:22 GMT

GET
H3 200 c28ee83047461d8b4054c01d9cad59dd.jpg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 1 KB
1 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/c28ee83047461d8b4054c01d9cad59dd.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfeeac72b1bd9df793a7d5755964b7498759a0d484aa2b666039b1a5dc45082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:38 GMT
x-content-type-options: nosniff
age: 213096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1359
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:38 GMT

GET
H3 200 f79959d35be1ec2d92728dc39fa473c3.jpg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 3 KB
3 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/f79959d35be1ec2d92728dc39fa473c3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9be5492995faf420002c933226fc4a4c73d07dea35e63530cc8b0abf247683b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 09:00:28 GMT
x-content-type-options: nosniff
age: 299506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2940
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 05 May 2024 09:00:28 GMT

GET
H3 200 409f667579a3c0ab7819a840cd41bc58.svg
s0.2mdn.net/sadbundle/16965978661036931496/media/ Frame 89F7 258 B
252 B 47ms
46ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16965978661036931496/media/409f667579a3c0ab7819a840cd41bc58.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16965978661036931496/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 09:00:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 223
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 23:45:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 May 2024 09:00:20 GMT

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cuty.io/	1970-01-20 11:51:07	Name: XSRF-TOKEN Value: eyJpdiI6IjJaQ0NqVlk1MG1vN3hvWmhXTTFqM3c9PSIsInZhbHVlIjoiWjZiN0h1dGtIZXgvRGZjQzhCNGcyMW1yV05kcHlnV0FYTGdIamJZOFhWL3dsN05vYVQ2ZE1DakM4WUxQYnltWExVS2pCS1Rmdms1RnU0eFFhU0xWWjU0d2Q1OUlPanA0S3FCQUpzNDJibWNrSUNHVzdZM0xLOGhTMWpxUFRSL0YiLCJtYWMiOiI0ZWFlNzBiYzI0NGU4MzUyZWVjNDM4ZjBlNjk3NmE0NzcwYTlkZjUyZjNlNjA0NDk3N2Q3MGRmZDdmZjNkNzFiIiwidGFnIjoiIn0%3D
cuty.io/	1970-01-20 11:51:07	Name: cuty_session Value: eyJpdiI6IlRwNUdkRzBndExyQnVZbDVIc1hnaHc9PSIsInZhbHVlIjoicjJuZG1JekNqSmltV25lODQ4YkV5bml6UEQxVEowNVVua0ZWM2JZaTFzQ1Noek1QNGtsamVBUE5uMFhCV3FQWkJwa0pBbjFydzhIKzlvZG05YklocEwrblFXeWNWblVkdllDM08ycU8veCtzZTlGOEhqL1dUWHRyRTFJQ0FDclQiLCJtYWMiOiI4MWUyMDZkNzdhNjc1NGEzOWRiMGEyY2MxNjlkZGExODA5YzhhMDBjNWIwMGEwNWQxZGRmYThkZDAxNjc2YzE5IiwidGFnIjoiIn0%3D
cutty.app/	1970-01-20 11:51:07	Name: XSRF-TOKEN Value: eyJpdiI6Ik9Wb0ozTUZscHVLajhZLzNmK1B4cEE9PSIsInZhbHVlIjoicld6SEZQU1drQXFCSHJ5bzdHOVJTdkpFQkF4KzEvSmZ0ekdOS3lpVkRtZDlpZWRHN3Z1SjhyZG1UQnRlRWpWWWhzaFY0amVXdzF5cTlmRzlFS3RiMU9tbS9lSDN4WUtyZmdyaUZTQnFHNE9UbTVvT2EybTF4QVRNeTkwZHdJR3giLCJtYWMiOiIzZTZjMzM1OWJlNzliOTYxYWU4MGViZjc3MGY5NWM2NWVjOGQ0ZTcyMGRjMTZlYjdiOWJlNjc3YmViZTczMDgzIiwidGFnIjoiIn0%3D
cutty.app/	1970-01-20 11:51:07	Name: cuty_session Value: eyJpdiI6ImdSZ2VGbUdWZW9GT0FCeXJnVlBWYnc9PSIsInZhbHVlIjoiWU5oak1yWjNMQitRc2JtbGQ5VGd6L1BOd1JxTjdjOWV6bERiODQ3c21JOHpTRjZYa21GNVI3c29lUTYwSkMvMExHNTZwelp5NG56WWNNZkVCd3BLSFJFZENFNXQ3QVZpeXJHbU0vWTdSWFAxTk5HYUZoTEQ1Ym4zUzlRaWE2b3giLCJtYWMiOiI1MDM2NGRmYmYzNjJlZTg5NTdkNWFmMjdkMTlkY2Q4MmQzYmYxOTMyOTY1NzcwMDg3MTY0MzM1MDIyMGRmZTk3IiwidGFnIjoiIn0%3D
live.demand.supply/	1970-01-20 21:17:03	Name: demandSupplyTi Value: f583285e-98e8-4f92-add9-b33977276405
.demand.supply/	1970-01-20 11:41:04	Name: __cf_bm Value: 9JiTkOu_l.ZGJg6ikOY_iChKRt58rPIyWAC.EeqLCJc-1683663128-0-ASMqsO1/wL0Na9vKS4VYohozowujPYxRq481dgDMkRNV/RX2xjBWewd0uKZ2D7ElT3l2OZFrM1wWG39BO6Oy6tk=
forbidcrenels.com/	1970-01-20 11:42:29	Name: GL_UI4 Value: eJw9jd1Og0AUhPmnakEn4QF8hCVtpV4aH8JLcmAPdC3sNssK8e3dmOjVfJl8kwmCIKoeEa5ZgviLTnim7vzSNK80EJ1qPjaSpBTifBDy2FHPA%2B7U0jrqJnYJdstM1rVuTbAfWbNVfdsbyQWevPXXXLXZdIK0s6RlgXT2xlQg76zZFrZVjETTzMjeL9b4TGf6NBZxXR88K%2B05FIjMUsXlPfIPpaUflntEtSjLLMDDbSI3GDu3SmYh0tGSZIRv2PXkeDT2G7nk5erMDTCTbP%2F93994qwUyyavq%2FblxF7Y%2FEHNPPQ%3D%3D
forbidcrenels.com/	1970-01-20 11:42:29	Name: GL_GI10 Value: eJxljMFqAjEYhNdsjV0syoAPsC%2BgkC5Le23rtl48%2BQAhrP9KkM0fkijdPn2tQin0MDDMzDdZlonFDMJ6zNVzvXpU1UrV9UUK%2BYEYYt3goeWTS2HQzvSEyQeF3rgBMtDBsoPYNJjevG55Txivm%2BWf7EqNNxQj4a61aQDeg3HH7hRSafpya6xD8VPc8MUF%2Fz%2FIbfRApdRTVe4onG1LsXx5ReEo6eiJ9ijeOHgOJhFmv%2Bn1U%2Ba4t1H7wJ%2BDHGGebE9f7Ehz10VKUmB0luIb34NPyQ%3D%3D
.cutty.app/	1970-01-20 21:17:03	Name: _ga_GGDCMPL4QP Value: GS1.1.1683663128.1.0.1683663128.0.0.0
.cutty.app/	1970-01-20 21:17:03	Name: _ga Value: GA1.1.1188267719.1683663128
.cutty.app/	1970-01-20 11:41:04	Name: __cf_bm Value: zTmQ2DIdetrm7AR9jSf97umIjzk2Yil4yXPfWVl5h9s-1683663128-0-AScFYdXpHB4516E9b2grgPNrv9cDYPt173QoJevO2tY83aPoils58ivyM6UmGx1sp0CxmKj5dwrkIoIM4tCkZbjXIJECH7mXeqSPSscCTyeY
.criteo.com/	1970-01-20 21:02:39	Name: uid Value: 0d128150-cb70-470a-b564-9b8bc7a7f9b3
.cutty.app/	1970-01-20 21:02:39	Name: __gads Value: ID=1e4846fa8e6b580b:T=1683663128:S=ALNI_MYJlRSCM2f5MjByZxlHFYe8OXcJSg
.cutty.app/	1970-01-20 21:02:39	Name: __gpi Value: UID=00000bf8bb9f4e9c:T=1683663128:RT=1683663128:S=ALNI_MZckGJb9CR9kqdb9s00lux4McCuFg
.cutty.app/	1970-01-20 21:02:39	Name: cto_bundle Value: Hordl196SzloJTJCbFJHcjVyVTR2JTJCY3NFdmlWcmhCaiUyRnRLZCUyQlFUaDdZQnBRelc3Sk11SiUyQmxtUUN1ZVR6ZVBoRTglMkI1ZVUxTnFwNml0R25tMHNNMWQ3ZGcwNE9yVmtXcTJDa1VqemphU1FmYVV3MDQ1Wk5udjFqNTFCSjhJblRSQ2Z0UWI2R0Q3WCUyRkRmemFnSWdGcHFwVWhGWkRodyUzRCUzRA
.casalemedia.com/	1970-01-20 20:26:39	Name: CMID Value: ZFqpGdYJdM-RAdraPsaOXwAA
.casalemedia.com/	1970-01-20 13:50:39	Name: CMPS Value: 5139
.casalemedia.com/	1970-01-20 13:50:39	Name: CMPRO Value: 5139
.adnxs.com/	1970-01-20 13:50:39	Name: uuid2 Value: 5771312425012737080
.doubleclick.net/	1970-01-20 21:02:39	Name: IDE Value: AHWqTUnQh7hAaMV9AOqYRgt8JSdPuPoUWyPWZqlMgfArR370hG5eBltQZpMC99aD3LY
.doubleclick.net/	1970-01-20 11:41:06	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 13:50:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU!for1O!]tbPl1M>e)ZlrFUfJ+tGXxo]I/)0gIM$=y9.G/gTaMG@D<?veYvp5M^<7F:3If)y3KL9D3I?+CqTB0V

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8aa8f733b5f5fda6ea1c1e6881ef7989.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
asacdn.com
bcp.crwdcntrl.net
cdn.ampproject.org
cdn.cuty.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
choices.truste.com
cm.g.doubleclick.net
cutty.app
cuty.io
dsum-sec.casalemedia.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
forbidcrenels.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
live.demand.supply
mug.criteo.com
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
youradexchange.com
13.32.121.100
141.95.98.64
142.250.181.226
142.250.184.194
142.91.159.186
178.250.1.11
18.203.208.238
185.80.39.216
185.89.210.180
2001:4860:4802:34::36
2600:9000:2250:3e00:a:e047:752:b361
2606:4700:10::6816:3556
2606:4700:20::ac43:4621
2606:4700:3031::6815:4bd0
2606:4700:3037::ac43:c9d8
2606:4700::6810:8616
2606:4700:e0::ac40:6d19
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2004
2a02:2638:3::3
2a02:2638:d::d
2a04:4e42::485
34.96.70.87
35.190.39.111
65.9.66.97
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
059fbd3e3fd10036ccca55b5d8ca87fc56519c981f8920765f8258272a78dcda
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4a894b9b1256e43e179d664e5e9c33dac45d8fa7b265b31f8054a0e84803a1
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
0ff7d1b0572141603fe778eb0ce01b661919965696f04228ff3f213d7e1fd2e1
1093a042d8d8c9ed801aefd58366aa40a8b0ce55df696e874f5a565d564cf163
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1317f0f02c44355675b5765d7bc761893d5e41a9b727d8e4da97d366130f56e1
14c10dbcc90dedd83cefa5e57bc5d4fc6725f40a573999fa94124eaeeac559fa
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1964c8b1802bad149086dbc095df3ee125645bde33fdf2fe46129fa112b1788a
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224
1ef4cbeeeeb11bf689c56bf1a96f0d51bd084aee65c3c247e099b85f088aa9d3
24cba754380a600b28819c7a2ddc71ceeb52c5b8b5ecdad0eddf2c8b43069e48
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28867ed73f6b31c99cdbaad04aa4134fa192e10ff220d0c004fe5c04cb9a6f2f
288b1e82264bb80cf3245a97cc9b657c4d40254f0bda7f51afacc3b1886debe1
308e9d764fa59dc2cd4f72128c8e247cebb14c630491107f2539af6066183691
30d039e5187c255a96b025d81ab3be8bbc1874168079d3a3219a3b75665e284f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3643ab7e04700352084a5745c504f6ca17f591808c62135ce9c926800e7d7cfe
3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f
39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c0706adf5d4587ac6f4139e8889628b1b7a5e9cd320a3eeada00a46806f45a1
447e05626ca313ba1c3a460abf06130d9ff28e7549c701e0af9ab8e215020116
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45a03ddeac46f9ebc3f24a15581bd42c80926fcbabb42c59bfad5c169bdbfde1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b377f5417c1f05620a1fa9054c625e99fe7b6364b0731211f5cd66bed3ade45
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc0af554956e4cbac91ed3fb0016bb8a53b1b29e87a93f9172d3942fe6c8074
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c
53d314c81948ceb486ef38f51f977911f2dd7bdfdb7f15a5466cf990cdbe0f7a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ea1b748f6f28c52a60099f230a9f1411b84547b5b8afeffc32dea87fe73989d
5ffdc3ac4306a19c995a12935fcbebddba0d65dce9680443e84fb04541cf43f3
6170c176158b385f669ef60f0f8ff573663f2f5356d3bd3721e4fbbd9d2f3af0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ecccd34dc662e0f098d7aac79299f8b425c42abffa5eb59135f016eefe7c28
64d9e87a065f18d759e95ba9f67100d438d0fd5962a709eeaf71fc648ed94088
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d
6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a
6691be61fca3dfd5d7c7a7eeccfea9bd658aff11dd7bec10d20058d8b54f096e
671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b
68bacf652d7a7db62c86f4fc74ee7ec0d6d2ac4390e2a84aa7a98d2381445568
691f00c0c64d110b68cf4237589633da601dfd5112c8c048c87ebd915db64bb7
6aa6e7fa57fe8e5fc70257e682418c7130eeb2f23e850d1456b56380d9f78406
6e205035f95d2df2de450fc415ca764d947545541d1b3501ba2c76f8094c877e
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
78f5f266e2a083670bab8c88c74dae3b52805aa82cee2af3dfa5fb0e3d2a9c1b
7b5d6a17829ac00d843f0527e4c030450401fcb2596976a7a941913ed59894be
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5
7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be
7fd1d0dbdc43386ec569735f5e63a9c81684a1f186c94b0039d609abd0411503
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
820b047020b3f14655913ca9ba8f1ce5b7b09ec2f5ab4fdc5f12c3630b1b0a41
82fc44d47488df64278445c8fd1f9bbf3b97c98d19d9d4ae4976c7c28840f1d3
839a722ba553fe0c74d621b328437f58aa87942aa2d3c0ee8c37cf1217f21996
849032524598b6ff398f77a6bfc95235029778c3f6905e1459e53198077fb176
8a54944cb43fbed96d8ab1911df73a06fd97ecd86f067b0483957433a0a6001c
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
8f4ab3937b2f141c8f88fc5091cecb0ce5c2af95c81aa3526ec80f198937076b
9246476ad494512fd651c54a3243ca5e4ca7012488b5237d1b19c03089dbba50
9507a28353a0f58ce8c8b7f6174e80d03d5247d7fe3c1e407b740c87f1644dee
9596d4c076e5ad8998a8dd2ffe9d1e7c8d01ab81c92d00d935ea45f80594afd4
977c15df2295c7f457b797893def2a978abae8f05c957a2176f9c650ca9305d8
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9803c95c8c0968606ef29aa3b7f660b689a017a9d36fcd3adf7fd21b1f7bc12c
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9be5492995faf420002c933226fc4a4c73d07dea35e63530cc8b0abf247683b7
9bfeeac72b1bd9df793a7d5755964b7498759a0d484aa2b666039b1a5dc45082
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a69d937db3ddcb6e49eb6b00a843da0c4c9d1d53ee39542b5c554881a60f472e
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d
ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2465d688f7473b25f4a67084bbf33eb1f4b31374656e33733f66ed1cb39d0b5
b5bf12e42fca5c8e7bf614f3cacc6aaa41275acf4bebb3bfe1db2e5002c21777
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bde52f8baa14e0c7f49605c286212a448576de1d030357150ea1e06c0a163d90
c0e08da6ba96c6d610eef10a80e2e3ce80c26f3992394632d136dc8870206f60
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c5fb3479003b55bec0bb9a118d7d005da4f5fe23857aaf14d7af30899170bf3a
c637f20aa2c06194694dfbdce826e0c2dc27be6768a7f796c9196e35e67e6c7f
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c95ae17f34654993abce3961283bc904a5eeddc7ed0e0c20cc307722d9f1d4ef
cd44e67072f875c8fd8864392d7aaddd3b819c2bad9cbd4c15b80a83b478eff9
cdcfc0cd2ece0055e60c01ad1e3820edf3b65c1bc71fcd925a723cfde42d8f32
d01b1f78ab9adef9bfa2ad9ac342f1a074972c0c6308323299e562887347e2d4
d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d7c98bcd86e1ac4e882d901d6b8fe8eb33fdb7344eb4359fecdb661cfd9d4470
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d997db76aea478b096f574585dff641c0bad98990430cb7d70e4f317963259c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e424537f9d776d7aba6b83add84ba1e27a84fc176c31d728b987abb57ffb5d77
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
ec25a2a97a622751d1ec7a9f41e37b52e978d5482fa38c16391f5ce1eb732c22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b91e921cdcd45be4f7f4b62044865bda6c4728fdb6c816846d1126484c478e
f43ce2e7be01c27ef3d0e2857602d7e150a1135a7b269dccd5582af48b1e9725
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e4c271330c4e229a6e7d69a4dc4fd9fe2d01257fc49205fe1f8d724b8f4c6d
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
f9836ed49c6618eb8b255a572fce58cd8ac0fdbb13a614cabc75f578472a23dd
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

cutty.app Open in urlscan Pro 2606:4700:20::ac43:4621 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

96 %HTTPS

68 %IPv6

28 Domains

39 Subdomains

38 IPs

6 Countries

2698 kBTransfer

5684 kBSize

22 Cookies

7 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cutty.app Open in urlscan Pro
2606:4700:20::ac43:4621 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

96 %
HTTPS

68 %
IPv6

28
Domains

39
Subdomains

38
IPs

6
Countries

2698 kB
Transfer

5684 kB
Size

22
Cookies

183 HTTP transactions
6 data transactions