cutty.app/please
172.67.70.33301 Moved Permanently 0 B IP 172.67.70.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /please HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Feb 2023 20:49:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Feb 2023 21:49:37 GMT
Location: https://cutty.app/please
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5SRiJrG3tKw4645%2FiTh22DGfy0gX36Ho%2FkbdpkYkQwSutgsCD9YNneLvlYOZe8Kcww0dzTKvFi7E4WHmiSpPjejnY9uLSKffCyllNxuyq%2FgHiYdZIk7%2FK1w8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79673ba28e4eb4fd-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4063
Expires: Wed, 08 Feb 2023 21:57:20 GMT
Date: Wed, 08 Feb 2023 20:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11496
Expires: Thu, 09 Feb 2023 00:01:13 GMT
Date: Wed, 08 Feb 2023 20:49:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13205
Expires: Thu, 09 Feb 2023 00:29:42 GMT
Date: Wed, 08 Feb 2023 20:49:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:36:43 GMT
content-type: application/json
age: 774
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F4HR18WHqwAwvBoCBF1IjBfS6jFIMXt0VwQRImAowIr5VqLjNUGD7hUL/GTCB8LeGaoKR09zc+8=
x-amz-request-id: 5WRYAPPM7NWFQHWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 20:46:06 GMT
age: 211
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/vgst28AgDis
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/vgst28AgDis
IP 142.250.74.163:0
Hash 50fbb5022ef6c30fde313e0e442312e5
9b2eea97687a142494dadcf487d37754e2e8246a
187d7b14510e091436bc24e7376154f9cf92cc2e505a98650e351b81768170eb
POST /s/gts1p5/vgst28AgDis HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.163:0
Hash 22fabb4a4f2bb38434477b59b8f7aa38
5d68315c0fd7dc157b9a53e5e39cc1014bcde477
8c244d66f3d0ce61579c8625a3df8e498137a096371c53dc843b374143142898
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
216.58.211.4200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (850), with no line terminators
Hash c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 08 Feb 2023 20:49:38 GMT
date: Wed, 08 Feb 2023 20:49:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-ar.png
172.67.181.253200 OK 51 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-ar.png
IP 172.67.181.253:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash c81b22802da2b0f2d79452c15098ddb3
abd99b0b24da4d6d74513bb6b2b3311289a3dacc
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5
GET /images/shared/locale-ar.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 51070
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
etag: "63c5a2df-c77e"
expires: Fri, 26 Jan 2024 23:06:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 425133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzJfeHiKpfDPQfZZZaaRzMsYuD5lH%2FHN67yU6Cs2dnGtmq%2Fgxec3L2dejzgMVCYu8rAHxR8qChxn5NoKYRrQdo04hRGtv6jcWxluZYHVFGzMDivd2jv0OdhpN%2F1xwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe0a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cuty.io/images/shared/locale-es.png
172.67.181.253200 OK 13 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-es.png
IP 172.67.181.253:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash cd2f27e52bb7592e28676a86a3309158
796b9f96cbd568743713d06478e26c8e690e3723
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
GET /images/shared/locale-es.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 12579
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
etag: "63c5a2df-3123"
expires: Thu, 25 Jan 2024 23:00:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1115583
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWtLv58kkoFKhgtkd6fx7zv%2FXhnV3j%2BG20kYK1bmov9jU2YOmu3ZrS%2BPev5cRv4precm23Z0e34zSfcWvrTjf5k61Q9q1XA8O3gNfy5cST2HExGnCmHAAdVybh%2BcIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe090b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/bitcoin.png
172.67.181.253200 OK 31 kB URL HTTP/2 cdn.cuty.io/images/public/bitcoin.png
IP 172.67.181.253:0
File type PNG image data, 2000 x 417, 8-bit colormap, non-interlaced\012- data
Hash c072d65a81198a616ea588f4654f1cfb
53ec193adf51c7fcb1a642f680443d90bb3ce91d
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f
GET /images/public/bitcoin.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 30766
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-782e"
expires: Fri, 05 Jan 2024 18:01:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2946895
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSWhTElH%2B3dznVfMOKdGQDb70ldBhdz%2FtkwLuiTyMjrzsip5DQl5x0fTtHWPY39tP%2FvUKqP%2F1MNiuhexW0L2TzxJ2546e4w3vtXrQBTvqxjaMAgfIAZXy1ZPf07u6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe1b0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/facebook-icon.png
172.67.181.253200 OK 170 B URL HTTP/2 cdn.cuty.io/images/shared/facebook-icon.png
IP 172.67.181.253:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 92619173676942ddb284d1520af0129c
ae57393f65b60bb02f0324882da4bfcd78a1426a
1d4073de5206d5aec02fedc9178f938e07f91fe49d4ba4ea246b90a800f0b124
GET /images/shared/facebook-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/webp
content-length: 170
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=409
content-disposition: inline; filename="facebook-icon.webp"
vary: Accept
etag: "63b16742-199"
expires: Mon, 01 Jan 2024 10:59:14 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3317418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeAGmqwDhBGOTCwijYSEsOCbKETsjGQ79J%2BGZPXJRgr3GUQbbBsAGZ1tjSzfGT%2BxFQIxObagZqWlwQqyFwdtUIUspntICpq21UYMI9NC2FbdsVczc8QtFCcYroW3ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba7fe0f0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-fr.png
172.67.181.253200 OK 16 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-fr.png
IP 172.67.181.253:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash d5c12041f2ddd200c2c881e5be833179
52ca2be8bf29666646ce347a5d0ef3f6cd547ca9
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
GET /images/shared/locale-fr.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 16411
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-401b"
expires: Fri, 12 Jan 2024 18:04:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1791662
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNMn1a7ySscAEnFtgGpOmfTMxpz%2BOC9Qn5gz2mXLD%2B3fLk%2F5AhqADqPJdmMrTtZ9iq6BcjhXJgqTvmnVb%2BitZqFZ1W9JICdrW2qUulU0GiHdcrg8Mi2uccvF9t8ucQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe0b0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/payeer.png
172.67.181.253200 OK 1.4 kB URL HTTP/2 cdn.cuty.io/images/public/payeer.png
IP 172.67.181.253:0
File type PNG image data, 167 x 35, 8-bit colormap, non-interlaced\012- data
Hash 076721e6bc9e7ebd04612c544a59e3ce
777b33fdf4ec2212b9613e50d46e203d54163dbb
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d
GET /images/public/payeer.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 1390
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-56e"
expires: Fri, 05 Jan 2024 18:28:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2841022
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6112XajFO2QMzzAMovpmwjvPPO7TiVzl26zqlWguXrMzfs7TS3BrXXKHHvr6CY2GKh7raBzjhtemMATDZ8r8weEv1WsWZFgdQaHobb%2BqiZbgWnOcvr351jbvM1Dpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe1e0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/paypal.png
172.67.181.253200 OK 20 kB URL HTTP/2 cdn.cuty.io/images/public/paypal.png
IP 172.67.181.253:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb3c2365bc4ab68c2a218330f9fd0fd7
963ed20ac545ee6feaaa4eb34f67bad4c90cdee2
8d3a352fb65a6e167dac3019fc3e148fc6f82d99df7ad55192019055658035c8
GET /images/public/paypal.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/webp
content-length: 19980
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=24721
content-disposition: inline; filename="paypal.webp"
vary: Accept
etag: "63b16742-6091"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3317418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBwjjPx9gWqJwxrCUOXLr5YNpbbosqx7hw8AszgLBrqkDTarHe1MIdHdkaVK7WR%2Bp%2BTeio1wx3vwcbgh2JBNBOhOdr5DEpQBm5As1K%2Bdv%2FuGeElJ8ZeWsNO6TOwyYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba7fe200b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/money-tree.png
172.67.181.253200 OK 28 kB URL HTTP/2 cdn.cuty.io/images/public/money-tree.png
IP 172.67.181.253:0
File type PNG image data, 166 x 261, 8-bit/color RGBA, non-interlaced\012- data
Hash b9c1f6949e61fdf5272ce94b2d297eec
c60dda0dea1215405f6c2fba5f30ab6c92efc1d0
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae
GET /images/public/money-tree.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 27646
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-6bfe"
expires: Fri, 12 Jan 2024 19:11:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1788054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGvwvKv0F5Z4kcuN1g%2Fbn1csoUjWhjAlmWryNaKeWKfCLeI45GjaiM0yUfPXyn%2Fn9fjWqW0ESkPG98QD7YDECju%2FYIMzYQvnGvG2PiK6HgwC%2FY2PNZbUCjhN7BBU5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe190b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/twitter-icon.png
172.67.181.253200 OK 338 B URL HTTP/2 cdn.cuty.io/images/shared/twitter-icon.png
IP 172.67.181.253:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 331226924d21ce8f0a925233062c71b7
748c71308741f5a28d16fd7fa5e2520093ad6d14
9c2b2f6b92ebb279b34f7fbcc2bfd81829c036330f015badc93a007d91bd3263
GET /images/shared/twitter-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/webp
content-length: 338
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=809
content-disposition: inline; filename="twitter-icon.webp"
vary: Accept
etag: "63b16742-329"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3317418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9H4F82NemvMdMxKai1s1z1Oqjj16oTmEwkvAOua8NA8nKhzPvKG6nDo1Zj4Dgum5x%2B0bsZPu%2BDhgXhvGUjg0H6OCOnJL5qYl6lLX8%2B1XU8c2Zzit7C%2B36Q28ag2%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba7fe100b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/linkedin-icon.png
172.67.181.253200 OK 228 kB URL HTTP/2 cdn.cuty.io/images/shared/linkedin-icon.png
IP 172.67.181.253:0
File type PNG image data, 976 x 970, 8-bit/color RGBA, non-interlaced\012- data
Size 228 kB (227769 bytes)
Hash c25b56612bfcb856e442fcb4fa58d958
10caff4d659c98702bd44b334e124402ef9649b4
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c
GET /images/shared/linkedin-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 227769
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
etag: "63c5a2df-379b9"
expires: Fri, 26 Jan 2024 23:40:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 458027
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hBkiF0W0UemSi12XLnVDdumGFt84zbPqt3jIVWuXAAHInshf6d7mixfhvPFJGwvBuVs8GEMj3ahPIp%2BIpDRKip8HOcIJJ0Vnn9CoEbXwq0X8yGoEctgBfPQDRhicw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe130b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.163:0
Hash 22fabb4a4f2bb38434477b59b8f7aa38
5d68315c0fd7dc157b9a53e5e39cc1014bcde477
8c244d66f3d0ce61579c8625a3df8e498137a096371c53dc843b374143142898
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.163:0
Hash 22fabb4a4f2bb38434477b59b8f7aa38
5d68315c0fd7dc157b9a53e5e39cc1014bcde477
8c244d66f3d0ce61579c8625a3df8e498137a096371c53dc843b374143142898
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cuty.io/images/public/perfectMoney.png
172.67.181.253200 OK 202 kB URL HTTP/2 cdn.cuty.io/images/public/perfectMoney.png
IP 172.67.181.253:0
File type PNG image data, 5000 x 1023, 8-bit/color RGBA, non-interlaced\012- data
Size 202 kB (202386 bytes)
Hash 4d75a89e0baae4c6032c0fa68053830f
c9a28f03bf0e3fbbb2807db76921973872d8b390
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf
GET /images/public/perfectMoney.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 202386
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-31692"
expires: Fri, 05 Jan 2024 18:13:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2841022
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1xWDgMV1MoJg754nPL1cpIzpBTRbFNUeOIJLLE1ZIxK84KuAchYzaN%2Ftak%2BxhnmJzWTmxXtTIHX2GtKEV8xJhE92ULk0y0itJUiRelZwXa5YI0BZn3uAEWKT53iyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe230b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/airtm.png
172.67.181.253200 OK 1.6 kB URL HTTP/2 cdn.cuty.io/images/public/airtm.png
IP 172.67.181.253:0
File type PNG image data, 173 x 90, 8-bit colormap, non-interlaced\012- data
Hash 7b0b20bc9885600d544beb5507f52790
ff99e3b5e4430ffb2b932a656e618e18f0446ab4
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224
GET /images/public/airtm.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/png
content-length: 1558
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-616"
expires: Fri, 12 Jan 2024 18:18:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1814575
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hQnjTPeLt%2FJLifzMUA2znnTF8QVRBDiK%2FAEtDnsci%2BRVe322lDsE3YJrCeTwB20J%2BHsn6mr4%2BCPHA7Znxpao9s4OocDtzrbWXFfz2oATBEZIWP7%2FE9VIA6K%2Be9XZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba8af240b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/advcash.png
172.67.181.253200 OK 5.2 kB URL HTTP/2 cdn.cuty.io/images/public/advcash.png
IP 172.67.181.253:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d9122c103141e49c1438e1ddb2a53ae5
e52ec053fc378f00b0801bdad231bcf7ae328c4a
9bdb61517912bacfb8d34df7371cf1af713c93a9094b5b27c7e45752b0999b87
GET /images/public/advcash.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/webp
content-length: 5176
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8141
content-disposition: inline; filename="advcash.webp"
vary: Accept
etag: "63b16742-1fcd"
expires: Mon, 01 Jan 2024 10:59:14 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3317418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr6xRIXs7OBfZYWY2I011lOR%2B8RKWS%2FwiTEk2gfXzqYrA1pfqoNFHuJPS%2FijDXRQXnXTnUepbKjkNolarwJVlChXy9EGe9dondR4GDMqrazPdJJktnW1KMgBqWQ1Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba8af200b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
216.58.207.200200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
IP 216.58.207.200:0
File type ASCII text, with very long lines (21849)
Hash 376a3dfc57011aab1de5f66c578ace40
b3ad419ab718a584dbb074187df7518d55758217
eea4046dc2bda0701b961137a948586235ae77edec6612d38f13714bd317be2e
GET /gtag/js?id=G-GGDCMPL4QP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 20:49:38 GMT
expires: Wed, 08 Feb 2023 20:49:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-en.png
172.67.181.253200 OK 12 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-en.png
IP 172.67.181.253:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d1b5bc04aa5077c8a9869038892ac2f6
afbdc646898379e1128e9f3bc0fc309519ac1eb7
7abc5fbdfccc6e7fc7799d95f11b2f598b13a49fc65f84ca4ef31aac340b76c4
GET /images/shared/locale-en.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/webp
content-length: 11930
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=24647
content-disposition: inline; filename="locale-en.webp"
vary: Accept
etag: "63b16742-6047"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3317418
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCK4c2KC4mYGCU%2FgJO2wkXdBuSqH4E50GSweD3xvuQE%2FUbmhpt2MtlccG9NBDucxLgzuBJBvb2xH6ErzRHnCB4gwlxiJhdbFC43v3Vl67crDvvSS%2FAeeSLg544QAkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba8af2a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.163:0
Hash 22fabb4a4f2bb38434477b59b8f7aa38
5d68315c0fd7dc157b9a53e5e39cc1014bcde477
8c244d66f3d0ce61579c8625a3df8e498137a096371c53dc843b374143142898
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e05974bb12442627b36d48dc11953f79
d8aefe1679d09b0bc03c7bf32fadb2c325238ab4
3d3e1604da88737861895517fb8b1dc8d8a917e1e2e380acc85f71c65ffc5ab6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6368
Cache-Control: max-age=168331
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Etag: "63e3e08d-118"
Expires: Fri, 10 Feb 2023 19:35:09 GMT
Last-Modified: Wed, 08 Feb 2023 17:49:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0ae284c7a93dd87b71dd28a62336bef
4f71596658c750eda35e60a914d5980ea98348a3
c0bdbf7ac840779cbd0678f25eb3b1f5f8570e137fac47c3cc44d5b57b19daa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6220
Cache-Control: max-age=115959
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Etag: "63e3148d-117"
Expires: Fri, 10 Feb 2023 05:02:17 GMT
Last-Modified: Wed, 08 Feb 2023 03:18:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 20:14:52 GMT
age: 2086
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/burger.svg
172.67.181.253200 OK 628 B URL HTTP/2 cdn.cuty.io/images/shared/burger.svg
IP 172.67.181.253:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 8fb91decc40e68266aea0309e74ed4b5
b914cf0d4380153dfbe8e230e9615b26e49df2e0
31c96524c1f36e298cc9a2fb174cfdb7ffa4d32125baff8a4aeacfb556f5ad7d
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/burger.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-cf"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3317424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxss1v0RlrhQOMlPM6WPlZDAMGAW0K%2BWGSwhx0AhHsPt0clElIowJyPrwq8uI40gGfyD5aXhrTqUh73Az9yKKqhefvjoAVaPXBCvrXHFJexDCiGkEnFYwZqMyvzKGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe0c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
142.250.74.74200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
IP 142.250.74.74:0
Hash 765432ece19cf1fed11d5d9cbc4ec026
c694d7caa78239ba9e4352458b71346b9528123c
5c375c45a88875e05a0d095f3e28d5aac96fa29d66110a630f5b4f7e1b48b12f
GET /css2?family=Inter:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 20:49:38 GMT
date: Wed, 08 Feb 2023 20:49:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c0ae284c7a93dd87b71dd28a62336bef
4f71596658c750eda35e60a914d5980ea98348a3
c0bdbf7ac840779cbd0678f25eb3b1f5f8570e137fac47c3cc44d5b57b19daa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5640
Cache-Control: max-age=115379
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Etag: "63e3148d-117"
Expires: Fri, 10 Feb 2023 04:52:37 GMT
Last-Modified: Wed, 08 Feb 2023 03:18:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
nannieslamaic.com/1clkn/60028
23.109.87.212200 OK 26 B URL HTTP/1.1 nannieslamaic.com/1clkn/60028
IP 23.109.87.212:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/60028 HTTP/1.1
Host: nannieslamaic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 20:49:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Thu, 09-Feb-2023 20:49:38 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Thu, 09-Feb-2023 20:49:38 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
live.demand.supply/up.js
104.16.134.22200 OK 2.6 kB IP 104.16.134.22:0
File type ASCII text, with very long lines (3472)
Hash 90c4bcdbaa95b19251559ebc78f4f4d1
65dc591bc58d3212ccd7f612fd0af9110ea385dc
8792bf6df0739f8f18851857c2eb4bb49cc5b2d7ae14c215253a5d7484c4f756
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 79673ba92858b518-OSL
age: 1192
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
set-cookie: demandSupplyTi=ee42c6da-142e-458e-bcd2-c5649cc2c61f; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=Rlkr6GTMtQOsLdXHboQAd3aRhSkuWj0Z8l9KWKVIdDQ-1675889378-0-AUgg4ews6hBTLAa/s10GBjwKMICUPcVlbqLtOCaGLuEARHhnTVHCCnD/fEB9Dm7GBVxNGPmY/nguEl4xybpXXSk=; path=/; expires=Wed, 08-Feb-23 21:19:38 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
172.67.181.253200 OK 10 kB URL HTTP/2 cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
IP 172.67.181.253:0
File type ASCII text, with very long lines (52522), with no line terminators
Hash eceabe3561168cd0fc2aabb9ea95835c
4c2b822651015d7354cb8b0e8f17291d071a6caa
c36cb7abfc71ff0788154e56877b4175426eaf85542d01f5e3a2baa809fc08e4
GET /css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=52548
etag: W/"63ac510a-cd44"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Wed, 28 Dec 2022 14:22:02 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 3317424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzK8Y7GfcFyF4UuyFuGfjZ55OZ%2F93zpRUttw8%2Fr0bN97ka4eQsirO1K0lvh0Jb%2FHqsH3aWYRxgFResKr0JeXjtGkjUJiAGRv2Tzqw7UOS90j%2FUPErcOjlf9Gpq1g%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba928190b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Wed, 08 Feb 2023 21:26:03 GMT
Date: Wed, 08 Feb 2023 20:49:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e05974bb12442627b36d48dc11953f79
d8aefe1679d09b0bc03c7bf32fadb2c325238ab4
3d3e1604da88737861895517fb8b1dc8d8a917e1e2e380acc85f71c65ffc5ab6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6368
Cache-Control: max-age=168331
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Etag: "63e3e08d-118"
Expires: Fri, 10 Feb 2023 19:35:09 GMT
Last-Modified: Wed, 08 Feb 2023 17:49:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.67200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutty.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:38:52 GMT
expires: Sat, 03 Feb 2024 09:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
age: 472246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e852842ecf55909c6f0b3c480d0b97c8
272ceabaeb129a0d2f85d39bf86baad670fbd82e
0ddcc00969c82bcfca9f1d7a79de509a0782876f77d8abbef9576e159e41eae7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 486
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Last-Modified: Wed, 08 Feb 2023 20:41:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
35.167.56.184101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.56.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jubnFQOoBbaj6KbUlBuw3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X6B8J7IbjpskGddABKdhL/N9ru4=
youradexchange.com/ut/hb.php?cb=0.39677172332759425
172.64.169.35204 No Content 0 B URL HTTP/2 youradexchange.com/ut/hb.php?cb=0.39677172332759425
IP 172.64.169.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.39677172332759425 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 945
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 08 Feb 2023 20:49:39 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr2FkJl3KTEkJ%2FOT7TKodsU5vW3r3ktOkE2%2FMBxgmO2oeyp0DLx6ib1KnpBkYj6S6veYhSEhm%2BMoYw4Nx6%2BQvVHrjOYGGHbHrwBmMZ0jZl14dF7MxYUyofL7mwnZKBJ8a9XlYyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673babbe517200-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e852842ecf55909c6f0b3c480d0b97c8
272ceabaeb129a0d2f85d39bf86baad670fbd82e
0ddcc00969c82bcfca9f1d7a79de509a0782876f77d8abbef9576e159e41eae7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 486
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Last-Modified: Wed, 08 Feb 2023 20:41:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 637 B IP 142.250.74.163:0
Hash 96ab8debafdf6b6c5d552b3b4fc5ec12
5e8b996c1b95d9e5c03746582319aa9596dfeef4
2045d2008c8ab38b7a8c5c1223a245f14964e21ecc951772c102b71bae89d15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
youradexchange.com/script/suurl4.php?r=5890046&cbur=0.7862055561714885&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2Fplease&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0
172.64.169.35200 OK 2.2 kB URL HTTP/2 youradexchange.com/script/suurl4.php?r=5890046&cbur=0.7862055561714885&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2Fplease&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0
IP 172.64.169.35:0
File type JSON data\012- , ASCII text, with very long lines (945)
Hash 575fdc06125f340cb9c12d60429e42fe
8941ba6c44c964553728c3bb90fb10b56ec86226
27644fb969c91d6745540294418423d0e8d531e345d6daa9894d49324e1f424d
GET /script/suurl4.php?r=5890046&cbur=0.7862055561714885&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2Fplease&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:39 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KsiwUT6h%2BwOjZCu1rvhtQ2jAGiz7QP6HYye4nH3XoYjqb%2FIGSFnHftyuipEc096MOQcteez8gGfaIhc04UMFZk57bTDhmudLabnK60xKPdS49lTAV%2BGTVRc8kPbjP%2BAt6%2Fkc98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673bab4f627731-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 08:53:11 GMT
expires: Wed, 07 Feb 2024 08:53:11 GMT
cache-control: public, max-age=31536000
age: 129388
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39284)
Hash 9e51256c88c2c3848355a93ad8766fc9
a0c994682514e44506eb86e848a8a2cce6b1a8ee
66b415263188dcf6ccc5857da49f4b20d403a18ecf0a47bffb5034f3eb4ed454
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27245
date: Wed, 08 Feb 2023 20:49:39 GMT
expires: Wed, 08 Feb 2023 20:49:39 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1477 / 127 of 1000 / last-modified: 1675858061"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 08 Feb 2023 20:49:39 GMT
expires: Wed, 08 Feb 2023 20:49:39 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17943013309332425614
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49814
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 679 B IP 142.250.74.163:0
Hash dd2c526854dad2fca02db4aab0b798d4
f5a2868a7a84d064a55e44e1911160ff6c7ddcc4
88ec2a0f3a96a9e0d8aa76e1729cf12fe4bde34af0add63e80f1fdfa191296ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=cutty.app
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cutty.app
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cutty.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 08 Feb 2023 20:49:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=cutty.app
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cutty.app
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cutty.app HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 08 Feb 2023 20:49:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.9 kB URL HTTP/2 4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type JSON data\012- , ASCII text, with very long lines (303), with no line terminators
Hash aeb047f158eebe714d724b83dffee307
713b6891b34f962d2f94af281d5666375530a909
dc81b6b7fd971170601eaed0776229b291c1e6c26507b28f77fbba3653a38d80
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Wed, 08 Feb 2023 20:49:40 GMT
expires: Thu, 08 Feb 2024 20:49:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020601&st=env
142.250.74.162200 OK 12 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020601&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (303), with no line terminators
Hash 4d6463f92a1e252d7a719e4933c6bbd8
d6a42a76f2caf47155886aa2fc10acb6aa45c47d
2eed948911659a35955eb5c3808b9d70165343867e04a7f19065b702cf674b15
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023020601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 08 Feb 2023 20:49:40 GMT
server: cafe
content-length: 11349
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a9c5a278f07b138c1503ea3f0ec3797e
d36fe8427bd7ba735b06e69469ef715d1600da4e
978b6a189d73e308e1d79ac9241b2e1d07c43bc9ec65e2f4112ed74f143e342b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP>m=45je3260&_p=1367014445&cid=1992273392.1675889436&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675889435&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2Fplease&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP>m=45je3260&_p=1367014445&cid=1992273392.1675889436&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675889435&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2Fplease&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GGDCMPL4QP>m=45je3260&_p=1367014445&cid=1992273392.1675889436&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675889435&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2Fplease&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cutty.app
date: Wed, 08 Feb 2023 20:49:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 0da7b12665100e987815d709a369fa49
cea7e3be738a7c648c1f80febde8a27d5739b267
836778ca555c1ed182ee9fbe2dc1bc672f8d004efec182e612cb4dca85bcbd49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1037
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:40 GMT
Last-Modified: Wed, 08 Feb 2023 20:32:23 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3399)
Hash dbcd0a2009e6e925de08b2bf0d1f717f
dc19e146ccae5a1f528f60a1200d4807f4ab1cf0
18b1bbb8e7f785ec5991e7d1b93428e7a2372af40ef4483afe4e71210d5fb950
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48932
date: Wed, 08 Feb 2023 20:49:40 GMT
expires: Wed, 08 Feb 2023 20:49:40 GMT
cache-control: private, max-age=3000
etag: "1675690092087710"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&turl=https://cutty.app/please&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&turl=https://cutty.app/please&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 16772257790926e955e01853300e5e17
e1a57bd8bf82c3b46eec745d537dfeb0b806b421
0277ffe0b54f07419f295a78d8cfbafc4b97f847e288b8247387f50d3a9314ea
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&turl=https://cutty.app/please&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 10:56:08 GMT
Accept-Ranges: bytes
ETag: W/"0d433c8e23ad91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3337
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&turl=https://cutty.app/please&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&turl=https://cutty.app/please&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&turl=https://cutty.app/please&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11425
Expires: Thu, 09 Feb 2023 00:00:05 GMT
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:47:57 GMT
age: 54103
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qYXu_I4vL00EOopA1nQcxCTMKf4nObKFk9XQozhw6FezKsfTDem3Mw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:35 GMT
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
age: 81785
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iIQAy6CQSvnvQ79UJ6ifJbs-0kEqUYe8OyCqPb2HSKxoDoLykOyaLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:28 GMT
age: 82632
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pNBF_lBtNmvVWQAnBxCp0e03pdV_rbGOf9V1UvqeRO2vcZR3_lSE2w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:55:21 GMT
age: 82459
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qfHMhMAdnYcOa0Xm23enTGXj4CQC-QFHV50Pq6QQdvM5YcIgUZVPRQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:36 GMT
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
age: 82504
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src_internal117.js
95.101.11.115200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbe359ce6fb136add75c8f3d3cc06330
e6584afcf39b6fad21eccbcce95c6645b8e1b3b8
29478bf1b8168dc457bb7d298448a78e1040bd3aa80cbf11cfa37475568590d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: d1ddb47f-3472-4015-8d55-72f435671f03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSPHiroAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070da-114975440d70915472cdba2f;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0w6JgtsKSRHLPJ3LyY6YUI8N7PS-gVlLuivQUq9jdyeYYm3STiJJIQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:34:33 GMT
age: 58507
etag: "e6584afcf39b6fad21eccbcce95c6645b8e1b3b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 96712aeae562ade92e53a7f44af41877
bb012ee0f08d602747f47da8ba9028dfd6358129
ea2efb35d357a6f317f71355a394a3fcf962686faba6a42410878df7ceb01fcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA2EFB35D357A6F317F71355A394A3FCF962686FABA6A42410878DF7CEB01FCB"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4246
Expires: Wed, 08 Feb 2023 22:00:26 GMT
Date: Wed, 08 Feb 2023 20:49:40 GMT
Connection: keep-alive
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.83204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
date: Wed, 08 Feb 2023 20:49:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6DsmlpuIok97McBxPHxMGn5DTULM6n-DqP1pDFTTbuWKa44ucUBcXlAQJL4YSn1oxvQFnzJBOrXxfbVDgoIVd-NWZvgMMZRCBdkaPnaz4eM3Y1QVvDXl7phqth5CkGz7W7GXcKxcilaRfU7lzVzi1vYDmIuWlGUZbp_KWfVUhum2LfqySse6yWkPRhuQQmT_RIou5FlilAx1ycu83tvRR3aNuf-SmzgnCpweqknV5djM5DsuiRQZa2AK6lOmN7EvJ7LWcDh8vjGR-cUZqCckr1JPlFeL1iqp9aTj5przPOHMF0zAt7ZgEE_XxzCyv2oivGYy8xxvau7OLNtF8FoqQM_qcSj08qKsN8CFp_mlWpTVrELxl9C7CBaQFX7DTTZqqIkaAZZ6FLKnbraFHsOW-RTLNDO1xHFUD1BxVPDagnFM63nYTdPWUMiuR-fYoMgSztF5_f6hNNNvc-VfSvJf1ISFmA9ulTNNJtGFxqk1xFquwNlfKCbR0AXOvOrkkkA9czMrYE7x-UK-AOWkJ5uxs9TJh1D047iaH9ci0Ex8PC5YyE67k24hbncRqjAM0MB1lgLBsBnbEzYg9BcKw6KBIN5s_VuvHz41psHrquMvFKs9nG0rUTjJN08eS3u1Ku3iBiTaQe3C3Qdr2AfcLAroOpMr7qIDvHJhXDU21rU0dU48Kqkz0IPphfAbaOX-S6lzGRA4EGsiHaTZiSK8WrD1EQiW__K8xVmGfWiPZwk_M84tUShHh_4zQLZuSkjuwdpENZVEBucOt4HnGz516k1iSvOfkn3ucty_WRrE1OBX2tTAYIkyMYCE_5icXfP4mPztA9ZdYec8yJRgPW6EyETu36ALREBshnd41E11ZnR85UN5nqyJbQSlXMvxNQ2AsFeBDrRTzqxJQAK7YuLN9GhwKnTj4TYGdpKYZPcsjVg1KUxH4xnw1lIv_brHtD1TbunmuGljpEinAOOuHFDPp5et3zeRjGJNzpngF_ZPKrgRnClTtEHuIAjjasainLlwk2jGZxt_L8DV1HV9qCrlravCMlX0rayYiyXoQa1RVzUPZxdz7dzkRj36Mcxq02s67dUtxg1gAFmr-15etqvZnRp_eBJ6xX2HKb4FVY35AqemHxw&sai=AMfl-YRaWmjuoc1FVz4P9rWBh_wPmgufs5TkPrHjRsNIGM79dqp7BIYmaSHGU56JS27M8vgcWsopkrQnVHMY5t_dcErvdGp8-av2fSltGA4jHlttFtPWExFovhNcN-f9f9bes-dhDf1tmXDlxlIDIyXGreRIGosTB7YL3cg-VcOPVQcUuFi24nJ2VHzOoojiXGBXV5Manc5D1F27TaCulGbzw-GB25HkHWAKai-Mws_6aO04jOfTN66x5c-AOApVzqpn5dHji-b4nMPB5YnoRUUXZFGnFDdXsrtCnb-nx7mNlg&sig=Cg0ArKJSzHqXwEN7WHhOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230207.83949&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6DsmlpuIok97McBxPHxMGn5DTULM6n-DqP1pDFTTbuWKa44ucUBcXlAQJL4YSn1oxvQFnzJBOrXxfbVDgoIVd-NWZvgMMZRCBdkaPnaz4eM3Y1QVvDXl7phqth5CkGz7W7GXcKxcilaRfU7lzVzi1vYDmIuWlGUZbp_KWfVUhum2LfqySse6yWkPRhuQQmT_RIou5FlilAx1ycu83tvRR3aNuf-SmzgnCpweqknV5djM5DsuiRQZa2AK6lOmN7EvJ7LWcDh8vjGR-cUZqCckr1JPlFeL1iqp9aTj5przPOHMF0zAt7ZgEE_XxzCyv2oivGYy8xxvau7OLNtF8FoqQM_qcSj08qKsN8CFp_mlWpTVrELxl9C7CBaQFX7DTTZqqIkaAZZ6FLKnbraFHsOW-RTLNDO1xHFUD1BxVPDagnFM63nYTdPWUMiuR-fYoMgSztF5_f6hNNNvc-VfSvJf1ISFmA9ulTNNJtGFxqk1xFquwNlfKCbR0AXOvOrkkkA9czMrYE7x-UK-AOWkJ5uxs9TJh1D047iaH9ci0Ex8PC5YyE67k24hbncRqjAM0MB1lgLBsBnbEzYg9BcKw6KBIN5s_VuvHz41psHrquMvFKs9nG0rUTjJN08eS3u1Ku3iBiTaQe3C3Qdr2AfcLAroOpMr7qIDvHJhXDU21rU0dU48Kqkz0IPphfAbaOX-S6lzGRA4EGsiHaTZiSK8WrD1EQiW__K8xVmGfWiPZwk_M84tUShHh_4zQLZuSkjuwdpENZVEBucOt4HnGz516k1iSvOfkn3ucty_WRrE1OBX2tTAYIkyMYCE_5icXfP4mPztA9ZdYec8yJRgPW6EyETu36ALREBshnd41E11ZnR85UN5nqyJbQSlXMvxNQ2AsFeBDrRTzqxJQAK7YuLN9GhwKnTj4TYGdpKYZPcsjVg1KUxH4xnw1lIv_brHtD1TbunmuGljpEinAOOuHFDPp5et3zeRjGJNzpngF_ZPKrgRnClTtEHuIAjjasainLlwk2jGZxt_L8DV1HV9qCrlravCMlX0rayYiyXoQa1RVzUPZxdz7dzkRj36Mcxq02s67dUtxg1gAFmr-15etqvZnRp_eBJ6xX2HKb4FVY35AqemHxw&sai=AMfl-YRaWmjuoc1FVz4P9rWBh_wPmgufs5TkPrHjRsNIGM79dqp7BIYmaSHGU56JS27M8vgcWsopkrQnVHMY5t_dcErvdGp8-av2fSltGA4jHlttFtPWExFovhNcN-f9f9bes-dhDf1tmXDlxlIDIyXGreRIGosTB7YL3cg-VcOPVQcUuFi24nJ2VHzOoojiXGBXV5Manc5D1F27TaCulGbzw-GB25HkHWAKai-Mws_6aO04jOfTN66x5c-AOApVzqpn5dHji-b4nMPB5YnoRUUXZFGnFDdXsrtCnb-nx7mNlg&sig=Cg0ArKJSzHqXwEN7WHhOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230207.83949&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjss6DsmlpuIok97McBxPHxMGn5DTULM6n-DqP1pDFTTbuWKa44ucUBcXlAQJL4YSn1oxvQFnzJBOrXxfbVDgoIVd-NWZvgMMZRCBdkaPnaz4eM3Y1QVvDXl7phqth5CkGz7W7GXcKxcilaRfU7lzVzi1vYDmIuWlGUZbp_KWfVUhum2LfqySse6yWkPRhuQQmT_RIou5FlilAx1ycu83tvRR3aNuf-SmzgnCpweqknV5djM5DsuiRQZa2AK6lOmN7EvJ7LWcDh8vjGR-cUZqCckr1JPlFeL1iqp9aTj5przPOHMF0zAt7ZgEE_XxzCyv2oivGYy8xxvau7OLNtF8FoqQM_qcSj08qKsN8CFp_mlWpTVrELxl9C7CBaQFX7DTTZqqIkaAZZ6FLKnbraFHsOW-RTLNDO1xHFUD1BxVPDagnFM63nYTdPWUMiuR-fYoMgSztF5_f6hNNNvc-VfSvJf1ISFmA9ulTNNJtGFxqk1xFquwNlfKCbR0AXOvOrkkkA9czMrYE7x-UK-AOWkJ5uxs9TJh1D047iaH9ci0Ex8PC5YyE67k24hbncRqjAM0MB1lgLBsBnbEzYg9BcKw6KBIN5s_VuvHz41psHrquMvFKs9nG0rUTjJN08eS3u1Ku3iBiTaQe3C3Qdr2AfcLAroOpMr7qIDvHJhXDU21rU0dU48Kqkz0IPphfAbaOX-S6lzGRA4EGsiHaTZiSK8WrD1EQiW__K8xVmGfWiPZwk_M84tUShHh_4zQLZuSkjuwdpENZVEBucOt4HnGz516k1iSvOfkn3ucty_WRrE1OBX2tTAYIkyMYCE_5icXfP4mPztA9ZdYec8yJRgPW6EyETu36ALREBshnd41E11ZnR85UN5nqyJbQSlXMvxNQ2AsFeBDrRTzqxJQAK7YuLN9GhwKnTj4TYGdpKYZPcsjVg1KUxH4xnw1lIv_brHtD1TbunmuGljpEinAOOuHFDPp5et3zeRjGJNzpngF_ZPKrgRnClTtEHuIAjjasainLlwk2jGZxt_L8DV1HV9qCrlravCMlX0rayYiyXoQa1RVzUPZxdz7dzkRj36Mcxq02s67dUtxg1gAFmr-15etqvZnRp_eBJ6xX2HKb4FVY35AqemHxw&sai=AMfl-YRaWmjuoc1FVz4P9rWBh_wPmgufs5TkPrHjRsNIGM79dqp7BIYmaSHGU56JS27M8vgcWsopkrQnVHMY5t_dcErvdGp8-av2fSltGA4jHlttFtPWExFovhNcN-f9f9bes-dhDf1tmXDlxlIDIyXGreRIGosTB7YL3cg-VcOPVQcUuFi24nJ2VHzOoojiXGBXV5Manc5D1F27TaCulGbzw-GB25HkHWAKai-Mws_6aO04jOfTN66x5c-AOApVzqpn5dHji-b4nMPB5YnoRUUXZFGnFDdXsrtCnb-nx7mNlg&sig=Cg0ArKJSzHqXwEN7WHhOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230207.83949&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 20:49:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 21:04:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 20:49:40 GMT
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/15972483366240880479
172.217.21.166200 OK 69 kB URL HTTP/2 s0.2mdn.net/simgad/15972483366240880479
IP 172.217.21.166:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.5 (Macintosh), datetime=2022:10:03 14:51:55], baseline, precision 8, 728x90, components 3\012- data
Hash 32ada8f88682b525b6d452e5bd150869
25cea796ff40cc1162a1e7a6364d146c22b374ab
9219b5ee0b68824e5810914aae2fe62458d16f4d87bf93aad23f3d2e23378696
GET /simgad/15972483366240880479 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 68976
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:44:34 GMT
expires: Fri, 02 Feb 2024 18:44:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Jan 2023 12:22:32 GMT
content-type: image/jpeg
age: 525907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash f30ebb7855430e77d7f7e78185824905
f833d3fbb268c2d0b289b8af527a13ea6ab3535d
ecf61ddf953eab9c7889a0b5e697364bed9f8fee9f7be3c3d13258542c858354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:49:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5ZWsGkXvVvF61B_6AJf4lVAwxLAYmJThjJfDZblqyh0otslRhb5oEZ1ZW7dCdguL-Egn4XcaBS9G0AB5hRJ8qcgcAMvDMIG3mjjjRZo1yCAzyS5WqNzcqaWb-xzvSG4bxaay-hRVzoJxnp-bcWK9tQeTtaBrhHadtio5jwUz7FeWLt_TwIKnNE0yy4JwjmJ7Iwv5Dm3iBHJrTr7oK1QXQIxz_tEeqyzMLMuEjiEmJVn4nnpUoPv0zThg2e3gADqMGt-fCDZN4L6vE2WIno6j9QmKA9ghu8w5njCa2EPKFKOoOwK46m09vNoM66fxG_n3sqx4loBsOpzn4X9-fugIEvIO2TpvQDPWUpz7k1KlnF4snGdzY-6a7d5iWCC5eQ_zty7BJ5GNd2zN7Nqpg4lB54ud4j9E6uKmhLWemIgb_fIDhvxFOF6ZNbnis5PQuK6iOmueyf1x1kK5xAKq75ljAJDTcuKlwXG6SMAFa7rEcqm89zT2WYfDeWuH36f7yqqvkp0UIL-7A7JhfwTrAp569BxS2lDtqJqdkcDdeSXxiOUcsRX3zgLISAklCWYvIM2zKVzN90KgfNVupWwtGJNQjGw-RRnzJZeAQEHSGksq398viEVHdU-05DQ4v1aarR2NZk8ln1yEVBFcaujfhoZ865narT1zJwZ_b9DRFNbvKPCCh04VDWTIeL4dCk4SEZsanaceIIzna3Arp_1uROeBYVHzDGiHcdK7CMLHmKbVDGjWC7cO169z_mC18qZgIxImOtQrVri3kYaHOLkl5p1uZSwNWxKOWtsFKy3nfi2mPWm8GTKg8X398WtqRUTogGA6HwhYVUV_YaiT_J_cIu_qxkO07hAFjYs9NFx1hNel8Z8NXeN7XdYOGiBN5pN7CsZ0eEEpktolFK_J5VUOsN0r0hinS5O4_lyAwEUBKWU8MMjSoq0yUk0ajeXE7Yr0k2WO8XREWjPXa6AHVw5ubDEcqGms4505YNyAm2OlcKbUvyE62TTBP15ElgstE7RUaj5Mj-FFzlC4HSv5V4Gm4XA9yBmOrA0XWzab-CeawaGSjeh3JHYXFAvgQFgXV5PPw6Ct3i-fL6FXwx-cbItuBT6V5sZiEdwVqHoNElG1Z3CdAJA&sai=AMfl-YQHh5lf_w1p4xh_z6VpsMf7NFMWk1aL7PaAC2181-MXE7FlltpzZt7WYwS0C2BQY37DwSss1XM-vepOUXcOAh5Xm-ySyLkwosKTocKolsQosd9md9UKF_NDKXGgJEMdfidxDikIAw0CxxlsYHUSPJdRlYb7W_aMzjGdB7ps87N_UbVLlVLPAREtXBIJaZQXC-3TohhoBG1fwhYzBeGcgV22qpp24KANFcMWB5qSmCGuH8ZV6pjHBKWg7VANKlzffQ9ZfBzrK9vqoaVOxxu-WGpAiQqRbQgyVzuvPQqcRA&sig=Cg0ArKJSzDsRK-JEejEiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230207.79332&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5ZWsGkXvVvF61B_6AJf4lVAwxLAYmJThjJfDZblqyh0otslRhb5oEZ1ZW7dCdguL-Egn4XcaBS9G0AB5hRJ8qcgcAMvDMIG3mjjjRZo1yCAzyS5WqNzcqaWb-xzvSG4bxaay-hRVzoJxnp-bcWK9tQeTtaBrhHadtio5jwUz7FeWLt_TwIKnNE0yy4JwjmJ7Iwv5Dm3iBHJrTr7oK1QXQIxz_tEeqyzMLMuEjiEmJVn4nnpUoPv0zThg2e3gADqMGt-fCDZN4L6vE2WIno6j9QmKA9ghu8w5njCa2EPKFKOoOwK46m09vNoM66fxG_n3sqx4loBsOpzn4X9-fugIEvIO2TpvQDPWUpz7k1KlnF4snGdzY-6a7d5iWCC5eQ_zty7BJ5GNd2zN7Nqpg4lB54ud4j9E6uKmhLWemIgb_fIDhvxFOF6ZNbnis5PQuK6iOmueyf1x1kK5xAKq75ljAJDTcuKlwXG6SMAFa7rEcqm89zT2WYfDeWuH36f7yqqvkp0UIL-7A7JhfwTrAp569BxS2lDtqJqdkcDdeSXxiOUcsRX3zgLISAklCWYvIM2zKVzN90KgfNVupWwtGJNQjGw-RRnzJZeAQEHSGksq398viEVHdU-05DQ4v1aarR2NZk8ln1yEVBFcaujfhoZ865narT1zJwZ_b9DRFNbvKPCCh04VDWTIeL4dCk4SEZsanaceIIzna3Arp_1uROeBYVHzDGiHcdK7CMLHmKbVDGjWC7cO169z_mC18qZgIxImOtQrVri3kYaHOLkl5p1uZSwNWxKOWtsFKy3nfi2mPWm8GTKg8X398WtqRUTogGA6HwhYVUV_YaiT_J_cIu_qxkO07hAFjYs9NFx1hNel8Z8NXeN7XdYOGiBN5pN7CsZ0eEEpktolFK_J5VUOsN0r0hinS5O4_lyAwEUBKWU8MMjSoq0yUk0ajeXE7Yr0k2WO8XREWjPXa6AHVw5ubDEcqGms4505YNyAm2OlcKbUvyE62TTBP15ElgstE7RUaj5Mj-FFzlC4HSv5V4Gm4XA9yBmOrA0XWzab-CeawaGSjeh3JHYXFAvgQFgXV5PPw6Ct3i-fL6FXwx-cbItuBT6V5sZiEdwVqHoNElG1Z3CdAJA&sai=AMfl-YQHh5lf_w1p4xh_z6VpsMf7NFMWk1aL7PaAC2181-MXE7FlltpzZt7WYwS0C2BQY37DwSss1XM-vepOUXcOAh5Xm-ySyLkwosKTocKolsQosd9md9UKF_NDKXGgJEMdfidxDikIAw0CxxlsYHUSPJdRlYb7W_aMzjGdB7ps87N_UbVLlVLPAREtXBIJaZQXC-3TohhoBG1fwhYzBeGcgV22qpp24KANFcMWB5qSmCGuH8ZV6pjHBKWg7VANKlzffQ9ZfBzrK9vqoaVOxxu-WGpAiQqRbQgyVzuvPQqcRA&sig=Cg0ArKJSzDsRK-JEejEiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230207.79332&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsu5ZWsGkXvVvF61B_6AJf4lVAwxLAYmJThjJfDZblqyh0otslRhb5oEZ1ZW7dCdguL-Egn4XcaBS9G0AB5hRJ8qcgcAMvDMIG3mjjjRZo1yCAzyS5WqNzcqaWb-xzvSG4bxaay-hRVzoJxnp-bcWK9tQeTtaBrhHadtio5jwUz7FeWLt_TwIKnNE0yy4JwjmJ7Iwv5Dm3iBHJrTr7oK1QXQIxz_tEeqyzMLMuEjiEmJVn4nnpUoPv0zThg2e3gADqMGt-fCDZN4L6vE2WIno6j9QmKA9ghu8w5njCa2EPKFKOoOwK46m09vNoM66fxG_n3sqx4loBsOpzn4X9-fugIEvIO2TpvQDPWUpz7k1KlnF4snGdzY-6a7d5iWCC5eQ_zty7BJ5GNd2zN7Nqpg4lB54ud4j9E6uKmhLWemIgb_fIDhvxFOF6ZNbnis5PQuK6iOmueyf1x1kK5xAKq75ljAJDTcuKlwXG6SMAFa7rEcqm89zT2WYfDeWuH36f7yqqvkp0UIL-7A7JhfwTrAp569BxS2lDtqJqdkcDdeSXxiOUcsRX3zgLISAklCWYvIM2zKVzN90KgfNVupWwtGJNQjGw-RRnzJZeAQEHSGksq398viEVHdU-05DQ4v1aarR2NZk8ln1yEVBFcaujfhoZ865narT1zJwZ_b9DRFNbvKPCCh04VDWTIeL4dCk4SEZsanaceIIzna3Arp_1uROeBYVHzDGiHcdK7CMLHmKbVDGjWC7cO169z_mC18qZgIxImOtQrVri3kYaHOLkl5p1uZSwNWxKOWtsFKy3nfi2mPWm8GTKg8X398WtqRUTogGA6HwhYVUV_YaiT_J_cIu_qxkO07hAFjYs9NFx1hNel8Z8NXeN7XdYOGiBN5pN7CsZ0eEEpktolFK_J5VUOsN0r0hinS5O4_lyAwEUBKWU8MMjSoq0yUk0ajeXE7Yr0k2WO8XREWjPXa6AHVw5ubDEcqGms4505YNyAm2OlcKbUvyE62TTBP15ElgstE7RUaj5Mj-FFzlC4HSv5V4Gm4XA9yBmOrA0XWzab-CeawaGSjeh3JHYXFAvgQFgXV5PPw6Ct3i-fL6FXwx-cbItuBT6V5sZiEdwVqHoNElG1Z3CdAJA&sai=AMfl-YQHh5lf_w1p4xh_z6VpsMf7NFMWk1aL7PaAC2181-MXE7FlltpzZt7WYwS0C2BQY37DwSss1XM-vepOUXcOAh5Xm-ySyLkwosKTocKolsQosd9md9UKF_NDKXGgJEMdfidxDikIAw0CxxlsYHUSPJdRlYb7W_aMzjGdB7ps87N_UbVLlVLPAREtXBIJaZQXC-3TohhoBG1fwhYzBeGcgV22qpp24KANFcMWB5qSmCGuH8ZV6pjHBKWg7VANKlzffQ9ZfBzrK9vqoaVOxxu-WGpAiQqRbQgyVzuvPQqcRA&sig=Cg0ArKJSzDsRK-JEejEiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20230207.79332&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 20:49:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 21:04:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 20:49:41 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5ZWsGkXvVvF61B_6AJf4lVAwxLAYmJThjJfDZblqyh0otslRhb5oEZ1ZW7dCdguL-Egn4XcaBS9G0AB5hRJ8qcgcAMvDMIG3mjjjRZo1yCAzyS5WqNzcqaWb-xzvSG4bxaay-hRVzoJxnp-bcWK9tQeTtaBrhHadtio5jwUz7FeWLt_TwIKnNE0yy4JwjmJ7Iwv5Dm3iBHJrTr7oK1QXQIxz_tEeqyzMLMuEjiEmJVn4nnpUoPv0zThg2e3gADqMGt-fCDZN4L6vE2WIno6j9QmKA9ghu8w5njCa2EPKFKOoOwK46m09vNoM66fxG_n3sqx4loBsOpzn4X9-fugIEvIO2TpvQDPWUpz7k1KlnF4snGdzY-6a7d5iWCC5eQ_zty7BJ5GNd2zN7Nqpg4lB54ud4j9E6uKmhLWemIgb_fIDhvxFOF6ZNbnis5PQuK6iOmueyf1x1kK5xAKq75ljAJDTcuKlwXG6SMAFa7rEcqm89zT2WYfDeWuH36f7yqqvkp0UIL-7A7JhfwTrAp569BxS2lDtqJqdkcDdeSXxiOUcsRX3zgLISAklCWYvIM2zKVzN90KgfNVupWwtGJNQjGw-RRnzJZeAQEHSGksq398viEVHdU-05DQ4v1aarR2NZk8ln1yEVBFcaujfhoZ865narT1zJwZ_b9DRFNbvKPCCh04VDWTIeL4dCk4SEZsanaceIIzna3Arp_1uROeBYVHzDGiHcdK7CMLHmKbVDGjWC7cO169z_mC18qZgIxImOtQrVri3kYaHOLkl5p1uZSwNWxKOWtsFKy3nfi2mPWm8GTKg8X398WtqRUTogGA6HwhYVUV_YaiT_J_cIu_qxkO07hAFjYs9NFx1hNel8Z8NXeN7XdYOGiBN5pN7CsZ0eEEpktolFK_J5VUOsN0r0hinS5O4_lyAwEUBKWU8MMjSoq0yUk0ajeXE7Yr0k2WO8XREWjPXa6AHVw5ubDEcqGms4505YNyAm2OlcKbUvyE62TTBP15ElgstE7RUaj5Mj-FFzlC4HSv5V4Gm4XA9yBmOrA0XWzab-CeawaGSjeh3JHYXFAvgQFgXV5PPw6Ct3i-fL6FXwx-cbItuBT6V5sZiEdwVqHoNElG1Z3CdAJA&sai=AMfl-YQHh5lf_w1p4xh_z6VpsMf7NFMWk1aL7PaAC2181-MXE7FlltpzZt7WYwS0C2BQY37DwSss1XM-vepOUXcOAh5Xm-ySyLkwosKTocKolsQosd9md9UKF_NDKXGgJEMdfidxDikIAw0CxxlsYHUSPJdRlYb7W_aMzjGdB7ps87N_UbVLlVLPAREtXBIJaZQXC-3TohhoBG1fwhYzBeGcgV22qpp24KANFcMWB5qSmCGuH8ZV6pjHBKWg7VANKlzffQ9ZfBzrK9vqoaVOxxu-WGpAiQqRbQgyVzuvPQqcRA&sig=Cg0ArKJSzDsRK-JEejEiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&vt=11&dtpt=228&dett=2&cstd=0&cisv=r20230207.79332&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5ZWsGkXvVvF61B_6AJf4lVAwxLAYmJThjJfDZblqyh0otslRhb5oEZ1ZW7dCdguL-Egn4XcaBS9G0AB5hRJ8qcgcAMvDMIG3mjjjRZo1yCAzyS5WqNzcqaWb-xzvSG4bxaay-hRVzoJxnp-bcWK9tQeTtaBrhHadtio5jwUz7FeWLt_TwIKnNE0yy4JwjmJ7Iwv5Dm3iBHJrTr7oK1QXQIxz_tEeqyzMLMuEjiEmJVn4nnpUoPv0zThg2e3gADqMGt-fCDZN4L6vE2WIno6j9QmKA9ghu8w5njCa2EPKFKOoOwK46m09vNoM66fxG_n3sqx4loBsOpzn4X9-fugIEvIO2TpvQDPWUpz7k1KlnF4snGdzY-6a7d5iWCC5eQ_zty7BJ5GNd2zN7Nqpg4lB54ud4j9E6uKmhLWemIgb_fIDhvxFOF6ZNbnis5PQuK6iOmueyf1x1kK5xAKq75ljAJDTcuKlwXG6SMAFa7rEcqm89zT2WYfDeWuH36f7yqqvkp0UIL-7A7JhfwTrAp569BxS2lDtqJqdkcDdeSXxiOUcsRX3zgLISAklCWYvIM2zKVzN90KgfNVupWwtGJNQjGw-RRnzJZeAQEHSGksq398viEVHdU-05DQ4v1aarR2NZk8ln1yEVBFcaujfhoZ865narT1zJwZ_b9DRFNbvKPCCh04VDWTIeL4dCk4SEZsanaceIIzna3Arp_1uROeBYVHzDGiHcdK7CMLHmKbVDGjWC7cO169z_mC18qZgIxImOtQrVri3kYaHOLkl5p1uZSwNWxKOWtsFKy3nfi2mPWm8GTKg8X398WtqRUTogGA6HwhYVUV_YaiT_J_cIu_qxkO07hAFjYs9NFx1hNel8Z8NXeN7XdYOGiBN5pN7CsZ0eEEpktolFK_J5VUOsN0r0hinS5O4_lyAwEUBKWU8MMjSoq0yUk0ajeXE7Yr0k2WO8XREWjPXa6AHVw5ubDEcqGms4505YNyAm2OlcKbUvyE62TTBP15ElgstE7RUaj5Mj-FFzlC4HSv5V4Gm4XA9yBmOrA0XWzab-CeawaGSjeh3JHYXFAvgQFgXV5PPw6Ct3i-fL6FXwx-cbItuBT6V5sZiEdwVqHoNElG1Z3CdAJA&sai=AMfl-YQHh5lf_w1p4xh_z6VpsMf7NFMWk1aL7PaAC2181-MXE7FlltpzZt7WYwS0C2BQY37DwSss1XM-vepOUXcOAh5Xm-ySyLkwosKTocKolsQosd9md9UKF_NDKXGgJEMdfidxDikIAw0CxxlsYHUSPJdRlYb7W_aMzjGdB7ps87N_UbVLlVLPAREtXBIJaZQXC-3TohhoBG1fwhYzBeGcgV22qpp24KANFcMWB5qSmCGuH8ZV6pjHBKWg7VANKlzffQ9ZfBzrK9vqoaVOxxu-WGpAiQqRbQgyVzuvPQqcRA&sig=Cg0ArKJSzDsRK-JEejEiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&vt=11&dtpt=228&dett=2&cstd=0&cisv=r20230207.79332&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsu5ZWsGkXvVvF61B_6AJf4lVAwxLAYmJThjJfDZblqyh0otslRhb5oEZ1ZW7dCdguL-Egn4XcaBS9G0AB5hRJ8qcgcAMvDMIG3mjjjRZo1yCAzyS5WqNzcqaWb-xzvSG4bxaay-hRVzoJxnp-bcWK9tQeTtaBrhHadtio5jwUz7FeWLt_TwIKnNE0yy4JwjmJ7Iwv5Dm3iBHJrTr7oK1QXQIxz_tEeqyzMLMuEjiEmJVn4nnpUoPv0zThg2e3gADqMGt-fCDZN4L6vE2WIno6j9QmKA9ghu8w5njCa2EPKFKOoOwK46m09vNoM66fxG_n3sqx4loBsOpzn4X9-fugIEvIO2TpvQDPWUpz7k1KlnF4snGdzY-6a7d5iWCC5eQ_zty7BJ5GNd2zN7Nqpg4lB54ud4j9E6uKmhLWemIgb_fIDhvxFOF6ZNbnis5PQuK6iOmueyf1x1kK5xAKq75ljAJDTcuKlwXG6SMAFa7rEcqm89zT2WYfDeWuH36f7yqqvkp0UIL-7A7JhfwTrAp569BxS2lDtqJqdkcDdeSXxiOUcsRX3zgLISAklCWYvIM2zKVzN90KgfNVupWwtGJNQjGw-RRnzJZeAQEHSGksq398viEVHdU-05DQ4v1aarR2NZk8ln1yEVBFcaujfhoZ865narT1zJwZ_b9DRFNbvKPCCh04VDWTIeL4dCk4SEZsanaceIIzna3Arp_1uROeBYVHzDGiHcdK7CMLHmKbVDGjWC7cO169z_mC18qZgIxImOtQrVri3kYaHOLkl5p1uZSwNWxKOWtsFKy3nfi2mPWm8GTKg8X398WtqRUTogGA6HwhYVUV_YaiT_J_cIu_qxkO07hAFjYs9NFx1hNel8Z8NXeN7XdYOGiBN5pN7CsZ0eEEpktolFK_J5VUOsN0r0hinS5O4_lyAwEUBKWU8MMjSoq0yUk0ajeXE7Yr0k2WO8XREWjPXa6AHVw5ubDEcqGms4505YNyAm2OlcKbUvyE62TTBP15ElgstE7RUaj5Mj-FFzlC4HSv5V4Gm4XA9yBmOrA0XWzab-CeawaGSjeh3JHYXFAvgQFgXV5PPw6Ct3i-fL6FXwx-cbItuBT6V5sZiEdwVqHoNElG1Z3CdAJA&sai=AMfl-YQHh5lf_w1p4xh_z6VpsMf7NFMWk1aL7PaAC2181-MXE7FlltpzZt7WYwS0C2BQY37DwSss1XM-vepOUXcOAh5Xm-ySyLkwosKTocKolsQosd9md9UKF_NDKXGgJEMdfidxDikIAw0CxxlsYHUSPJdRlYb7W_aMzjGdB7ps87N_UbVLlVLPAREtXBIJaZQXC-3TohhoBG1fwhYzBeGcgV22qpp24KANFcMWB5qSmCGuH8ZV6pjHBKWg7VANKlzffQ9ZfBzrK9vqoaVOxxu-WGpAiQqRbQgyVzuvPQqcRA&sig=Cg0ArKJSzDsRK-JEejEiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&vt=11&dtpt=228&dett=2&cstd=0&cisv=r20230207.79332&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 20:49:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 21:04:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 20:49:41 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6DsmlpuIok97McBxPHxMGn5DTULM6n-DqP1pDFTTbuWKa44ucUBcXlAQJL4YSn1oxvQFnzJBOrXxfbVDgoIVd-NWZvgMMZRCBdkaPnaz4eM3Y1QVvDXl7phqth5CkGz7W7GXcKxcilaRfU7lzVzi1vYDmIuWlGUZbp_KWfVUhum2LfqySse6yWkPRhuQQmT_RIou5FlilAx1ycu83tvRR3aNuf-SmzgnCpweqknV5djM5DsuiRQZa2AK6lOmN7EvJ7LWcDh8vjGR-cUZqCckr1JPlFeL1iqp9aTj5przPOHMF0zAt7ZgEE_XxzCyv2oivGYy8xxvau7OLNtF8FoqQM_qcSj08qKsN8CFp_mlWpTVrELxl9C7CBaQFX7DTTZqqIkaAZZ6FLKnbraFHsOW-RTLNDO1xHFUD1BxVPDagnFM63nYTdPWUMiuR-fYoMgSztF5_f6hNNNvc-VfSvJf1ISFmA9ulTNNJtGFxqk1xFquwNlfKCbR0AXOvOrkkkA9czMrYE7x-UK-AOWkJ5uxs9TJh1D047iaH9ci0Ex8PC5YyE67k24hbncRqjAM0MB1lgLBsBnbEzYg9BcKw6KBIN5s_VuvHz41psHrquMvFKs9nG0rUTjJN08eS3u1Ku3iBiTaQe3C3Qdr2AfcLAroOpMr7qIDvHJhXDU21rU0dU48Kqkz0IPphfAbaOX-S6lzGRA4EGsiHaTZiSK8WrD1EQiW__K8xVmGfWiPZwk_M84tUShHh_4zQLZuSkjuwdpENZVEBucOt4HnGz516k1iSvOfkn3ucty_WRrE1OBX2tTAYIkyMYCE_5icXfP4mPztA9ZdYec8yJRgPW6EyETu36ALREBshnd41E11ZnR85UN5nqyJbQSlXMvxNQ2AsFeBDrRTzqxJQAK7YuLN9GhwKnTj4TYGdpKYZPcsjVg1KUxH4xnw1lIv_brHtD1TbunmuGljpEinAOOuHFDPp5et3zeRjGJNzpngF_ZPKrgRnClTtEHuIAjjasainLlwk2jGZxt_L8DV1HV9qCrlravCMlX0rayYiyXoQa1RVzUPZxdz7dzkRj36Mcxq02s67dUtxg1gAFmr-15etqvZnRp_eBJ6xX2HKb4FVY35AqemHxw&sai=AMfl-YRaWmjuoc1FVz4P9rWBh_wPmgufs5TkPrHjRsNIGM79dqp7BIYmaSHGU56JS27M8vgcWsopkrQnVHMY5t_dcErvdGp8-av2fSltGA4jHlttFtPWExFovhNcN-f9f9bes-dhDf1tmXDlxlIDIyXGreRIGosTB7YL3cg-VcOPVQcUuFi24nJ2VHzOoojiXGBXV5Manc5D1F27TaCulGbzw-GB25HkHWAKai-Mws_6aO04jOfTN66x5c-AOApVzqpn5dHji-b4nMPB5YnoRUUXZFGnFDdXsrtCnb-nx7mNlg&sig=Cg0ArKJSzHqXwEN7WHhOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&vt=11&dtpt=275&dett=2&cstd=0&cisv=r20230207.83949&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6DsmlpuIok97McBxPHxMGn5DTULM6n-DqP1pDFTTbuWKa44ucUBcXlAQJL4YSn1oxvQFnzJBOrXxfbVDgoIVd-NWZvgMMZRCBdkaPnaz4eM3Y1QVvDXl7phqth5CkGz7W7GXcKxcilaRfU7lzVzi1vYDmIuWlGUZbp_KWfVUhum2LfqySse6yWkPRhuQQmT_RIou5FlilAx1ycu83tvRR3aNuf-SmzgnCpweqknV5djM5DsuiRQZa2AK6lOmN7EvJ7LWcDh8vjGR-cUZqCckr1JPlFeL1iqp9aTj5przPOHMF0zAt7ZgEE_XxzCyv2oivGYy8xxvau7OLNtF8FoqQM_qcSj08qKsN8CFp_mlWpTVrELxl9C7CBaQFX7DTTZqqIkaAZZ6FLKnbraFHsOW-RTLNDO1xHFUD1BxVPDagnFM63nYTdPWUMiuR-fYoMgSztF5_f6hNNNvc-VfSvJf1ISFmA9ulTNNJtGFxqk1xFquwNlfKCbR0AXOvOrkkkA9czMrYE7x-UK-AOWkJ5uxs9TJh1D047iaH9ci0Ex8PC5YyE67k24hbncRqjAM0MB1lgLBsBnbEzYg9BcKw6KBIN5s_VuvHz41psHrquMvFKs9nG0rUTjJN08eS3u1Ku3iBiTaQe3C3Qdr2AfcLAroOpMr7qIDvHJhXDU21rU0dU48Kqkz0IPphfAbaOX-S6lzGRA4EGsiHaTZiSK8WrD1EQiW__K8xVmGfWiPZwk_M84tUShHh_4zQLZuSkjuwdpENZVEBucOt4HnGz516k1iSvOfkn3ucty_WRrE1OBX2tTAYIkyMYCE_5icXfP4mPztA9ZdYec8yJRgPW6EyETu36ALREBshnd41E11ZnR85UN5nqyJbQSlXMvxNQ2AsFeBDrRTzqxJQAK7YuLN9GhwKnTj4TYGdpKYZPcsjVg1KUxH4xnw1lIv_brHtD1TbunmuGljpEinAOOuHFDPp5et3zeRjGJNzpngF_ZPKrgRnClTtEHuIAjjasainLlwk2jGZxt_L8DV1HV9qCrlravCMlX0rayYiyXoQa1RVzUPZxdz7dzkRj36Mcxq02s67dUtxg1gAFmr-15etqvZnRp_eBJ6xX2HKb4FVY35AqemHxw&sai=AMfl-YRaWmjuoc1FVz4P9rWBh_wPmgufs5TkPrHjRsNIGM79dqp7BIYmaSHGU56JS27M8vgcWsopkrQnVHMY5t_dcErvdGp8-av2fSltGA4jHlttFtPWExFovhNcN-f9f9bes-dhDf1tmXDlxlIDIyXGreRIGosTB7YL3cg-VcOPVQcUuFi24nJ2VHzOoojiXGBXV5Manc5D1F27TaCulGbzw-GB25HkHWAKai-Mws_6aO04jOfTN66x5c-AOApVzqpn5dHji-b4nMPB5YnoRUUXZFGnFDdXsrtCnb-nx7mNlg&sig=Cg0ArKJSzHqXwEN7WHhOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&vt=11&dtpt=275&dett=2&cstd=0&cisv=r20230207.83949&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjss6DsmlpuIok97McBxPHxMGn5DTULM6n-DqP1pDFTTbuWKa44ucUBcXlAQJL4YSn1oxvQFnzJBOrXxfbVDgoIVd-NWZvgMMZRCBdkaPnaz4eM3Y1QVvDXl7phqth5CkGz7W7GXcKxcilaRfU7lzVzi1vYDmIuWlGUZbp_KWfVUhum2LfqySse6yWkPRhuQQmT_RIou5FlilAx1ycu83tvRR3aNuf-SmzgnCpweqknV5djM5DsuiRQZa2AK6lOmN7EvJ7LWcDh8vjGR-cUZqCckr1JPlFeL1iqp9aTj5przPOHMF0zAt7ZgEE_XxzCyv2oivGYy8xxvau7OLNtF8FoqQM_qcSj08qKsN8CFp_mlWpTVrELxl9C7CBaQFX7DTTZqqIkaAZZ6FLKnbraFHsOW-RTLNDO1xHFUD1BxVPDagnFM63nYTdPWUMiuR-fYoMgSztF5_f6hNNNvc-VfSvJf1ISFmA9ulTNNJtGFxqk1xFquwNlfKCbR0AXOvOrkkkA9czMrYE7x-UK-AOWkJ5uxs9TJh1D047iaH9ci0Ex8PC5YyE67k24hbncRqjAM0MB1lgLBsBnbEzYg9BcKw6KBIN5s_VuvHz41psHrquMvFKs9nG0rUTjJN08eS3u1Ku3iBiTaQe3C3Qdr2AfcLAroOpMr7qIDvHJhXDU21rU0dU48Kqkz0IPphfAbaOX-S6lzGRA4EGsiHaTZiSK8WrD1EQiW__K8xVmGfWiPZwk_M84tUShHh_4zQLZuSkjuwdpENZVEBucOt4HnGz516k1iSvOfkn3ucty_WRrE1OBX2tTAYIkyMYCE_5icXfP4mPztA9ZdYec8yJRgPW6EyETu36ALREBshnd41E11ZnR85UN5nqyJbQSlXMvxNQ2AsFeBDrRTzqxJQAK7YuLN9GhwKnTj4TYGdpKYZPcsjVg1KUxH4xnw1lIv_brHtD1TbunmuGljpEinAOOuHFDPp5et3zeRjGJNzpngF_ZPKrgRnClTtEHuIAjjasainLlwk2jGZxt_L8DV1HV9qCrlravCMlX0rayYiyXoQa1RVzUPZxdz7dzkRj36Mcxq02s67dUtxg1gAFmr-15etqvZnRp_eBJ6xX2HKb4FVY35AqemHxw&sai=AMfl-YRaWmjuoc1FVz4P9rWBh_wPmgufs5TkPrHjRsNIGM79dqp7BIYmaSHGU56JS27M8vgcWsopkrQnVHMY5t_dcErvdGp8-av2fSltGA4jHlttFtPWExFovhNcN-f9f9bes-dhDf1tmXDlxlIDIyXGreRIGosTB7YL3cg-VcOPVQcUuFi24nJ2VHzOoojiXGBXV5Manc5D1F27TaCulGbzw-GB25HkHWAKai-Mws_6aO04jOfTN66x5c-AOApVzqpn5dHji-b4nMPB5YnoRUUXZFGnFDdXsrtCnb-nx7mNlg&sig=Cg0ArKJSzHqXwEN7WHhOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&vt=11&dtpt=275&dett=2&cstd=0&cisv=r20230207.83949&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 20:49:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Feb-2023 21:04:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 20:49:41 GMT
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 94ac72489874f6b5a270b80a4e1e80c0
c8a20282f8197dfeb4de42983cf5853766e48462
6c772d26afaa260022c99fe7131b14690d119be0762a0a62788e4d642d18e48e
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 20:49:40 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 19:37:58 GMT
Expires: Thu, 09 Feb 2023 19:37:58 GMT
ETag: "c8a20282f8197dfeb4de42983cf5853766e48462"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_984750846059&jsTagObjCallback=__tagObject_callback_984750846059&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=984750846059&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://cutty.app/please&chro=0&hist=1&winh=280&winw=770&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau4FEEJ%5D2AATauU2%26C%3Dl9EEADTbpTauTau4FEEJ%5D2AATauA%3D62D6&dvp_exetime=15.00&callbackName=__verify_callback_984750846059
34.149.12.213200 OK 269 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_984750846059&jsTagObjCallback=__tagObject_callback_984750846059&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=984750846059&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://cutty.app/please&chro=0&hist=1&winh=280&winw=770&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau4FEEJ%5D2AATauU2%26C%3Dl9EEADTbpTauTau4FEEJ%5D2AATauA%3D62D6&dvp_exetime=15.00&callbackName=__verify_callback_984750846059
IP 34.149.12.213:0
Hash 2dc8e90a0bae68a2321b98e8f8dda5de
e5f19c811d49205616aebdd95490ace0dc98d714
47c4c36d5e2f662a824b95681d8543c8c4c2808b5acada52168a532b6aa1e70c
GET /verify.js?flvr=0&jsCallback=__verify_callback_984750846059&jsTagObjCallback=__tagObject_callback_984750846059&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=984750846059&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://cutty.app/please&chro=0&hist=1&winh=280&winw=770&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau4FEEJ%5D2AATauU2%26C%3Dl9EEADTbpTauTau4FEEJ%5D2AATauA%3D62D6&dvp_exetime=15.00&callbackName=__verify_callback_984750846059 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:41 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/07/2023 20:49:41
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
cdn.doubleverify.com/dv-measurements3508.js
95.101.11.115200 OK 109 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3508.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (108623 bytes)
Hash c84c54cf34332c1c5f76c6ea70136d20
a79e40be2aeb35b24347b3375d29d2f00d120ed2
8cb9c2082f58c7bffb37795ad72a7751357afdcb8a359174f3697daeaf07ccfb
GET /dv-measurements3508.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 08:38:04 GMT
Accept-Ranges: bytes
ETag: "0be8d7ecf3ad91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 108623
Date: Wed, 08 Feb 2023 20:49:41 GMT
Connection: keep-alive
servedby.flashtalking.com/imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&us_privacy=${US_PRIVACY}&cachebuster=253138.36303811&ft_dv=%5B%25ft_dv%25%5D
104.88.10.141200 OK 817 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&us_privacy=${US_PRIVACY}&cachebuster=253138.36303811&ft_dv=%5B%25ft_dv%25%5D
IP 104.88.10.141:0
File type ASCII text, with CRLF, CR, LF line terminators
Hash 816921414537fdede6b572b61aa867f5
509e286817c1f2e07f094b8da7160a8033c51745
65085bf116e11267e22e7db9c57a158c957697d2ccf743476e1473a2e92bb654
GET /imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&us_privacy=${US_PRIVACY}&cachebuster=253138.36303811&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app10.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 08 Feb 2023 20:49:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Feb 2023 20:49:41 GMT
Content-Length: 817
Connection: keep-alive
Strict-Transport-Security: max-age=86400
cdn.flashtalking.com/xre/518/5182866/4069571/js/j-5182866-4069571.js
205.185.216.10200 OK 17 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182866/4069571/js/j-5182866-4069571.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash 8c83de7498f1e340dc423c319a72cf66
fb1ee3c2d5e97a8c3f94764ff5e98ee3cd7cd0e1
25f586ea17fffa43cca2307d13698b6eb3b71489ded14fc1530582908c60a8f9
GET /xre/518/5182866/4069571/js/j-5182866-4069571.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:41 GMT
Connection: Keep-Alive
ETag: "1664998065"
Cache-Control: max-age=964
Content-Encoding: gzip
Content-Length: 17008
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 05 Oct 2022 19:27:45 GMT
Accept-Ranges: bytes
x-amz-id-2: zFXgMlJd6SX5rnAEjM+CiD1vPe2y/2Y++/eZjtKkM5dcopFuD0gMkEWnihOpXXG9zgqocE7Q6M4=
x-amz-request-id: S2H2HPJV9D2NMBZE
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675889381.dop023.sk1.t,1675889381.cds212.sk1.shn,1675889381.dop023.sk1.t,1675889381.cds069.sk1.c
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=4069571&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=820A8F2A-26C1-1348-F149-95AA772DC62A&auevent=&7817260
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=4069571&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=820A8F2A-26C1-1348-F149-95AA772DC62A&auevent=&7817260
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 16772257790926e955e01853300e5e17
e1a57bd8bf82c3b46eec745d537dfeb0b806b421
0277ffe0b54f07419f295a78d8cfbafc4b97f847e288b8247387f50d3a9314ea
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=4069571&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=820A8F2A-26C1-1348-F149-95AA772DC62A&auevent=&7817260 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 07 Feb 2023 10:56:08 GMT
Accept-Ranges: bytes
ETag: W/"0d433c8e23ad91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3337
Date: Wed, 08 Feb 2023 20:49:41 GMT
Connection: keep-alive
cdn.flashtalking.com/116327/4069571/index.html
205.185.216.10200 OK 22 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069571/index.html
IP 205.185.216.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1430), with CRLF, LF line terminators
Hash 6b6f22786e6f3f0c871de2632b0a6a8b
f519f5563a86f2fc64f4a1737342ee354ad4876d
3ea4a259652cff565b2e3ffe95ad3c43f060582cdce0c99117c57d1a41ad15ef
GET /116327/4069571/index.html HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:41 GMT
Connection: Keep-Alive
ETag: "1664411220"
Cache-Control: max-age=133
Content-Encoding: gzip
Content-Length: 22509
Content-Type: text/html
Last-Modified: Thu, 29 Sep 2022 00:27:00 GMT
Accept-Ranges: bytes
x-amz-id-2: OoqgReKjupAkHGPMUkNRenRYsMSQ/Lnev/EzKoZdVA/b8shKyd8vD8W8XDFKmr3MgA2jdprM+zU=
x-amz-request-id: F80T9ABB9123GK0M
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675889381.dop023.sk1.t,1675889381.cds212.sk1.shn,1675889381.dop023.sk1.t,1675889381.cds264.sk1.c
secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
2.18.172.49200 OK 1.3 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
IP 2.18.172.49:0
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash db320ef6f3c45ab5c90887ef618de2bb
7d4bd175166545ea775fcb69b406eba11f7fa3ec
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
GET /oba/icon/iconc.png?EDAA_icon=y HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Content-Type: image/png
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 440713868 434560932
Accept-Ranges: bytes
Content-Length: 1308
Cache-Control: max-age=2444580
Expires: Thu, 09 Mar 2023 03:52:41 GMT
Date: Wed, 08 Feb 2023 20:49:41 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.flashtalking.com/116327/4069571/images/Desktop_Acrobat_ARed_FullBleedVERB.png
205.185.216.10200 OK 53 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069571/images/Desktop_Acrobat_ARed_FullBleedVERB.png
IP 205.185.216.10:0
File type PNG image data, 1006 x 1006, 8-bit/color RGBA, non-interlaced\012- data
Hash 38a032ded861b9c4d5806ec24c9b1ca6
8d0ab06003146fce58b1484ffd543c2be3e8c049
5974065541ad65f16b0bb987eedcc3be2ecbaa4de9f21869d636cecc2441efda
GET /116327/4069571/images/Desktop_Acrobat_ARed_FullBleedVERB.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069571/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:41 GMT
Connection: Keep-Alive
ETag: "1664411220"
Cache-Control: max-age=1178
Content-Length: 52887
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:00 GMT
Accept-Ranges: bytes
x-amz-id-2: H/X/708k3Xefx6Xr51eB0d28ZR+nnbIFX70q3oG6IV72cOvVQDsCVjU09U43LSwlQS7lEdTgFR8=
x-amz-request-id: F80W3BAVDHT0KBTV
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675889381.dop023.sk1.t,1675889381.cds212.sk1.shn,1675889381.dop023.sk1.t,1675889381.cds255.sk1.c
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash f4d56006a8d2f4a1f43799e0347d49fd
997efe805e232990bbb9da54d704a28d9915e419
b674ed789c814413f81a3c99f09d2ea1eb97988633b478597d0bed4a7a994b2d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 20:49:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 03:03:34 GMT
Expires: Thu, 09 Feb 2023 03:03:34 GMT
ETag: "997efe805e232990bbb9da54d704a28d9915e419"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash f4d56006a8d2f4a1f43799e0347d49fd
997efe805e232990bbb9da54d704a28d9915e419
b674ed789c814413f81a3c99f09d2ea1eb97988633b478597d0bed4a7a994b2d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 20:49:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 03:03:34 GMT
Expires: Thu, 09 Feb 2023 03:03:34 GMT
ETag: "997efe805e232990bbb9da54d704a28d9915e419"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.flashtalking.com/116327/4069571/images/gradient_728x90.png
205.185.216.10200 OK 6.2 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069571/images/gradient_728x90.png
IP 205.185.216.10:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash db47dddd08bbabfb656fdcb6c4845fd4
df7ac31929e97fd01d66528ca60885d95b546306
9a518f29526e9b9bf6627c17debd7fab5c01fdf1a80032dcea9ddfdca3c9ee8b
GET /116327/4069571/images/gradient_728x90.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069571/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: Keep-Alive
ETag: "1664411220"
Cache-Control: max-age=1175
Content-Length: 6175
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:00 GMT
Accept-Ranges: bytes
x-amz-id-2: jWS7axUqNJAjc/GGfoq2dq8dMr3dbiEJ1bmE+wD+SqA9nzbqNIpDhyraj7QpMvt945DvWwe7qJ8=
x-amz-request-id: CK2Q8WCYWJQRKMY5
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675889381.dop023.sk1.t,1675889381.cds212.sk1.shn,1675889382.dop023.sk1.t,1675889382.cds071.sk1.c
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=215&ttfrms=30&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau4FEEJ%5D2AATauU2%26C%3Dl9EEADTbpTauTau4FEEJ%5D2AATauA%3D62D6&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675889437411974&jsCallback=dvCallback_1675889437411280&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3508&tgjsver=3508&lvvn=28&m1=13&refD=2&fcifrms=8&brh=1&sdf=2&dvp_epl=83&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://cutty.app/please&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=26052402166.552002&dvp_tukv=1141545902791.023&dvp_tuid=939123496535&jurtd=179781648
34.149.12.213200 OK 678 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=215&ttfrms=30&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau4FEEJ%5D2AATauU2%26C%3Dl9EEADTbpTauTau4FEEJ%5D2AATauA%3D62D6&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675889437411974&jsCallback=dvCallback_1675889437411280&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3508&tgjsver=3508&lvvn=28&m1=13&refD=2&fcifrms=8&brh=1&sdf=2&dvp_epl=83&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://cutty.app/please&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=26052402166.552002&dvp_tukv=1141545902791.023&dvp_tuid=939123496535&jurtd=179781648
IP 34.149.12.213:0
File type ASCII text, with very long lines (1184), with no line terminators
Hash fec2be4c6d0f61cc4fecfe69a56e95e3
e18789a01625cedb95739d6b4389d2d48852368a
e65aa5f94b136482e1968154ccdcc74cdaa34d26cbe5287745fa76486ee20909
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=215&ttfrms=30&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau4FEEJ%5D2AATauU2%26C%3Dl9EEADTbpTauTau4FEEJ%5D2AATauA%3D62D6&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675889437411974&jsCallback=dvCallback_1675889437411280&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3508&tgjsver=3508&lvvn=28&m1=13&refD=2&fcifrms=8&brh=1&sdf=2&dvp_epl=83&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://cutty.app/please&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hhw7L9McLrp4Wi3W1zGgFT&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1927065184933&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=26052402166.552002&dvp_tukv=1141545902791.023&dvp_tuid=939123496535&jurtd=179781648 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:42 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/07/2023 20:49:42
Pragma: no-cache
Vary: Accept-Encoding
code.createjs.com/1.0.0/createjs.min.js
95.101.10.9200 OK 65 kB URL HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP 95.101.10.9:0
ASN #20940 Akamai International B.V.
Hash 744293cf41e45d032dafb55c76341753
4866f496ea21d5e5b16f2f002ec8f95d386c50ae
5b10eeb0431c9d4523f6bf3a3caa0365f124c53301beb4019b0b0127bfd5954e
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Wed, 08 Feb 2023 21:04:41 GMT
date: Wed, 08 Feb 2023 20:49:41 GMT
x-n: S
X-Firefox-Spdy: h2
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=83acab537f2d4d0caf4be8accc592973&dup=&eoid=1000&cbust=1675889438043729
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=83acab537f2d4d0caf4be8accc592973&dup=&eoid=1000&cbust=1675889438043729
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=83acab537f2d4d0caf4be8accc592973&dup=&eoid=1000&cbust=1675889438043729 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=83acab537f2d4d0caf4be8accc592973&akipv6=&dup=&eoid=1000
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: keep-alive
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=098fed51ee0e4a4b911d9e45afc9e690&dup=&eoid=1000&cbust=1675889438052723
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=098fed51ee0e4a4b911d9e45afc9e690&dup=&eoid=1000&cbust=1675889438052723
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=098fed51ee0e4a4b911d9e45afc9e690&dup=&eoid=1000&cbust=1675889438052723 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&akipv6=&dup=&eoid=1000
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: keep-alive
cdn.flashtalking.com/116327/4069571/images/Group171472.png
205.185.216.10200 OK 48 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069571/images/Group171472.png
IP 205.185.216.10:0
File type PNG image data, 802 x 802, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c628e9acdc55344312932fc53e51890
544de55aac5ac7e8d94f23754372ed1a545beffd
dba335650002392562f88e326f52e0a88b3a1a9b9262b795b2c1b5dac900a476
GET /116327/4069571/images/Group171472.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069571/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: Keep-Alive
ETag: "1664411220"
Cache-Control: max-age=1175
Content-Length: 47662
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:00 GMT
Accept-Ranges: bytes
x-amz-id-2: bW+hXwy4qvPLrpz3Sw29IYRfeCRqcbuD2JiDCms6pNrxOxijQEsOBPCHgKqmbQDfX/v3cLs1d9o=
x-amz-request-id: CK2X6413QJ6V53DJ
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675889381.dop023.sk1.t,1675889381.cds212.sk1.shn,1675889382.dop023.sk1.t,1675889382.cds210.sk1.c
cdn.flashtalking.com/116327/4069571/images/MaskGroup171153.png
205.185.216.10200 OK 82 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069571/images/MaskGroup171153.png
IP 205.185.216.10:0
File type PNG image data, 642 x 674, 8-bit/color RGB, non-interlaced\012- data
Hash aa80b743045113baa5a45756cc258c01
d1ec09f5074cd7612fb0cc06e5a02eab6ef40d19
d3b39584486be12795fc5a5e3b7184ffc43f9ce6995f8a27b535f589d46af75b
GET /116327/4069571/images/MaskGroup171153.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069571/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: Keep-Alive
ETag: "1664411220"
Cache-Control: max-age=583
Content-Length: 82376
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:00 GMT
Accept-Ranges: bytes
x-amz-id-2: xlwivOaFzfc8r7fURCaziSaMW2BEyP796fYzlRMtagWuCHt+U0QECSGRa3br2SMzMsFfH9UdmbE=
x-amz-request-id: CK2RTMF8XV37SCQ1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675889381.dop023.sk1.t,1675889381.cds212.sk1.shn,1675889382.dop023.sk1.t,1675889382.cds212.sk1.c
tpsc-eu3.doubleverify.com/event.png?impid=83acab537f2d4d0caf4be8accc592973&akipv6=&dup=&eoid=1000
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=83acab537f2d4d0caf4be8accc592973&akipv6=&dup=&eoid=1000
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=83acab537f2d4d0caf4be8accc592973&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 02/07/2023 20:49:42
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&akipv6=&dup=&eoid=1000
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&akipv6=&dup=&eoid=1000
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 02/07/2023 20:49:42
Pragma: no-cache
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
2.18.172.49200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP 2.18.172.49:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 721542519 721664610
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=323
Expires: Wed, 08 Feb 2023 20:55:05 GMT
Date: Wed, 08 Feb 2023 20:49:42 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
tpsc-eu3.doubleverify.com/event.png?impid=83acab537f2d4d0caf4be8accc592973&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=601&eoid=15&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=3&msltms=40&vltms=601&sei=145&vetms=33&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1045&isumms=1045&nvr=2&isgmmims=1045&isgmv4mims=1045&elmtp=1&isbxdms=2666&b0=1721&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=1721&sftb=1721&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=1045&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3661&cbust=1675889441044221
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=83acab537f2d4d0caf4be8accc592973&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=601&eoid=15&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=3&msltms=40&vltms=601&sei=145&vetms=33&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1045&isumms=1045&nvr=2&isgmmims=1045&isgmv4mims=1045&elmtp=1&isbxdms=2666&b0=1721&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=1721&sftb=1721&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=1045&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3661&cbust=1675889441044221
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=83acab537f2d4d0caf4be8accc592973&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=601&eoid=15&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=3&msltms=40&vltms=601&sei=145&vetms=33&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1045&isumms=1045&nvr=2&isgmmims=1045&isgmv4mims=1045&elmtp=1&isbxdms=2666&b0=1721&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=1721&sftb=1721&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=1045&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3661&cbust=1675889441044221 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Wed, 08 Feb 2023 20:49:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/07/2023 20:49:45
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=215&eoid=14&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=4&msltms=29&vltms=215&sei=146&vetms=35&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=22&isumms=22&nvr=2&isgmmims=22&isgmv4mims=22&elmtp=1&isbxdms=2362&b0=2441&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=2441&sftb=2441&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=22&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3264&cbust=1675889441052705
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=215&eoid=14&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=4&msltms=29&vltms=215&sei=146&vetms=35&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=22&isumms=22&nvr=2&isgmmims=22&isgmv4mims=22&elmtp=1&isbxdms=2362&b0=2441&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=2441&sftb=2441&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=22&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3264&cbust=1675889441052705
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=098fed51ee0e4a4b911d9e45afc9e690&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=215&eoid=14&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=4&msltms=29&vltms=215&sei=146&vetms=35&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=22&isumms=22&nvr=2&isgmmims=22&isgmv4mims=22&elmtp=1&isbxdms=2362&b0=2441&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&lftb=2441&sftb=2441&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=22&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3264&cbust=1675889441052705 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://4c74ae17b2d8596bc9314a01df2f749e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Wed, 08 Feb 2023 20:49:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/07/2023 20:49:45
Pragma: no-cache
cutty.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79673ba4ca3d0b3d
104.26.13.177200 OK 0 B URL HTTP/2 cutty.app/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79673ba4ca3d0b3d
IP 104.26.13.177:0
GET /cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=79673ba4ca3d0b3d HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlVLQzl6YzBhT1NXSUpBbnpNU2RNcFE9PSIsInZhbHVlIjoiYll0OUI0Q0hrV1dXNXRvbFdYZWJtNU5FMERhcStDci9ldnpmUXZhZmtOL3c3WHhmYmZsMWZ3dk00UTFNbnVHSkRRV2hBUVpCU05pbjhYYlQvQWd6ckRxb0tSSHBqa2tpWWhCcTR2dzdEUEJHdG1SWXpMb1VPWkFQRndEMUM1U0siLCJtYWMiOiIwNzI1NmNmMjVmNjVmNDcyZWY0ZDQwZTljYTlhYTA4MGVmZDMzZWYxMzA5MTgxZjhkNmFjZDhiM2E1ZTFmMmMyIiwidGFnIjoiIn0%3D; cuty_session=eyJpdiI6IllMUlQ3TUhQbmswbjdYYUI1YW05L1E9PSIsInZhbHVlIjoidHlyUEF4bjRJclFMMGtPR0N4UHRTblhVSWg0cmhURnRJdG5USlUyZzRRbm9vNW80Z0pqakp2TE10UjdwZGh0UWNTb1JwV0lSZFIwdlhZQWlGOUF2U2pUUzFOeHdGd1lmRWxDTDhVRWNrcSsvaWk1TVFNdlk4bVNwbFd6aEhPOFoiLCJtYWMiOiJlNzE4MDlhYmY1NTA1ODIwYTUyYzI1YzUwNGVlM2U5YTIxYzlmYmI0YTdjYzcxOTllNzg3M2FmYmVkNzEwZDczIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:39 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUMvZHbFBQO9xI2JdFAAk1g%2Bm1va5%2B9Mi7Bzzp8YB4wSxBesA7x5nu2A%2BPs8%2Bm0l9EWCiLZthcL%2Bg9d%2BICw9MzO100G2ReG8pUwaW3O3vjskLMrLeS5uT2nklw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673bab1a1e0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cutty.app/please
104.26.13.177200 OK 0 B IP 104.26.13.177:0
GET /please HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN, SAMEORIGIN
set-cookie: XSRF-TOKEN=eyJpdiI6IlVLQzl6YzBhT1NXSUpBbnpNU2RNcFE9PSIsInZhbHVlIjoiYll0OUI0Q0hrV1dXNXRvbFdYZWJtNU5FMERhcStDci9ldnpmUXZhZmtOL3c3WHhmYmZsMWZ3dk00UTFNbnVHSkRRV2hBUVpCU05pbjhYYlQvQWd6ckRxb0tSSHBqa2tpWWhCcTR2dzdEUEJHdG1SWXpMb1VPWkFQRndEMUM1U0siLCJtYWMiOiIwNzI1NmNmMjVmNjVmNDcyZWY0ZDQwZTljYTlhYTA4MGVmZDMzZWYxMzA5MTgxZjhkNmFjZDhiM2E1ZTFmMmMyIiwidGFnIjoiIn0%3D; expires=Wed, 15 Feb 2023 20:49:38 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6IllMUlQ3TUhQbmswbjdYYUI1YW05L1E9PSIsInZhbHVlIjoidHlyUEF4bjRJclFMMGtPR0N4UHRTblhVSWg0cmhURnRJdG5USlUyZzRRbm9vNW80Z0pqakp2TE10UjdwZGh0UWNTb1JwV0lSZFIwdlhZQWlGOUF2U2pUUzFOeHdGd1lmRWxDTDhVRWNrcSsvaWk1TVFNdlk4bVNwbFd6aEhPOFoiLCJtYWMiOiJlNzE4MDlhYmY1NTA1ODIwYTUyYzI1YzUwNGVlM2U5YTIxYzlmYmI0YTdjYzcxOTllNzg3M2FmYmVkNzEwZDczIiwidGFnIjoiIn0%3D; expires=Wed, 15 Feb 2023 20:49:38 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kav6o17vWx3TXgtC9A0bdJEsCx5KF5VbRbIwUPzzb3PF8NQDyx7S4zmfupmoNTSrwl5m9%2Bz7%2FoW5jq9ToYfMDVB8KI4w1YCj2CC34Joebm2USAqSUb6AB6vOug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba4ca3d0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/step-2.svg
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/images/public/step-2.svg
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /images/public/step-2.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-607"
expires: Mon, 01 Jan 2024 10:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3317423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be%2FDrXpGhD0kMc798hrpP6uC4CG%2BeKbHZWEFd14sk7L2V3lqbY3Xwk%2BmCXdGQTJtrYlAPAJymsyfUOz0PU%2FVrlrI6AKb9iVnhtmUHfEus%2BKt6FlfwB0S1Jjn4wCmbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe150b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/logo.svg
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/images/shared/logo.svg
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/logo.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-175a"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3317424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPOfptKstBrtTwkeEn6dX7tZL57cOKWunK%2BNwAJR4v3oe%2FWaGtVc2%2FPCFBiE4DeuwKR3YyELlkbRsTRFc6%2FzcRovn6y5hTEt72O0MA6EYoMp%2F6U%2FiHeiBWRnNAbZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba8af280b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/js/layouts/base.js?id=bc813ca38dc4dbda754827e747c2432c
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/js/layouts/base.js?id=bc813ca38dc4dbda754827e747c2432c
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /js/layouts/base.js?id=bc813ca38dc4dbda754827e747c2432c HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63c5a2df-1a0b0"
expires: Tue, 16 Jan 2024 19:17:53 GMT
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1992646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaunVrZPCLsA6zdxralMqbhcLbSLsrKHHd2kctzylDqQxkB9XE%2FAi%2F%2BEz8IOmKLcaTC5q5fcpv6YD0NUtEI1ays8XMFkcjdeMxc6kXWjRX8Mu0kv03GLT8lCsr52zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba8ff9b0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
asacdn.com/script/suv4.js
172.67.201.216200 OK 0 B URL HTTP/2 asacdn.com/script/suv4.js
IP 172.67.201.216:0
GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdujewSgkPWJRiHT8zbsyxnNxRL0JC5GL-2zcTAk0XqFCixmmy80Oj8p2rassUBnj2q7LlIPI8Jt2cnn7ZKen2e15Qtc-UVm
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675341533963984
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100703
x-goog-hash: crc32c=+rzzmw==, md5=8RmTt9jAmXa4EVe7f6U10g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 08 Feb 2023 20:59:02 GMT
cache-control: public, max-age=14400
age: 975
last-modified: Thu, 02 Feb 2023 12:38:54 GMT
etag: W/"f11993b7d8c09976b81157bb7fa535d2"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9HsIvNHGHMK3f5f7knuwRGnN58VX%2BZi7P1rapO8loe10VSu28ZDeDpgvlk%2BMu651cDhPgA9RvPB63pv1QNuExl22YtyJPxMpYO4fpbgANHU2wrf4eP2vVmfDN%2Bb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba92c350b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cutty.app/cdn-cgi/challenge-platform/h/g/cv/result/79673ba4ca3d0b3d
104.26.13.177200 OK 0 B URL HTTP/2 cutty.app/cdn-cgi/challenge-platform/h/g/cv/result/79673ba4ca3d0b3d
IP 104.26.13.177:0
POST /cdn-cgi/challenge-platform/h/g/cv/result/79673ba4ca3d0b3d HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 411
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/please
Cookie: XSRF-TOKEN=eyJpdiI6IlVLQzl6YzBhT1NXSUpBbnpNU2RNcFE9PSIsInZhbHVlIjoiYll0OUI0Q0hrV1dXNXRvbFdYZWJtNU5FMERhcStDci9ldnpmUXZhZmtOL3c3WHhmYmZsMWZ3dk00UTFNbnVHSkRRV2hBUVpCU05pbjhYYlQvQWd6ckRxb0tSSHBqa2tpWWhCcTR2dzdEUEJHdG1SWXpMb1VPWkFQRndEMUM1U0siLCJtYWMiOiIwNzI1NmNmMjVmNjVmNDcyZWY0ZDQwZTljYTlhYTA4MGVmZDMzZWYxMzA5MTgxZjhkNmFjZDhiM2E1ZTFmMmMyIiwidGFnIjoiIn0%3D; cuty_session=eyJpdiI6IllMUlQ3TUhQbmswbjdYYUI1YW05L1E9PSIsInZhbHVlIjoidHlyUEF4bjRJclFMMGtPR0N4UHRTblhVSWg0cmhURnRJdG5USlUyZzRRbm9vNW80Z0pqakp2TE10UjdwZGh0UWNTb1JwV0lSZFIwdlhZQWlGOUF2U2pUUzFOeHdGd1lmRWxDTDhVRWNrcSsvaWk1TVFNdlk4bVNwbFd6aEhPOFoiLCJtYWMiOiJlNzE4MDlhYmY1NTA1ODIwYTUyYzI1YzUwNGVlM2U5YTIxYzlmYmI0YTdjYzcxOTllNzg3M2FmYmVkNzEwZDczIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:39 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=iuBYCFvNe8kvwC30EPAGzZzjXjQAy.LOijEXXXntV2Q-1675889379-0-ATGg0zpgwsU+yF/wAq8AwccJS18rltBfE+w4Sr4Nc0lguNnjWWk8ZkNPpR5Qf698WgKs0KrMr4Uln+/IjC55Wq63ymrwyuYRotTmbOaNttYqgDCbCEzSgbOBdEWiLBnCgRwY6aVOL1j0N008Wx42O0oh+vPQMTQ/m2xkU3qrMMGWnIpX1bX0ofKm4pQ2Ouxd1q3S99Z6gJVzvy3DWPW8YAkAg5Iwtk3/ZZROB1Ds4pUZ; path=/; expires=Wed, 08-Feb-23 21:19:39 GMT; domain=.cutty.app; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zytJosSw6gTlVvSbVSq%2F1jujXJ13%2BZCh166UGXShQAoLSef%2BQRyj%2BiXleid%2B2IGvTIVdFzZzVWtWG85LODswgyhUGbcdUzgZzoZ1qxfY6CUDkGigJLELhc3PkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673badacf60b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/x.svg
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/images/shared/x.svg
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/x.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-d1"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3317424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT4JBSGx2KknQL4OLX1Q4hrO9sZWQEjC57p9IqNk%2BfEQ7hWcpMnxyPJJM1XJKsnEX6vqg7%2B4nmIaUr7%2BP8PPy%2Fv4GC1H9iL6amAGwM0zGstNC9hRRrbvIbaYgkjd8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe0e0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
172.67.38.106200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 172.67.38.106:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:40 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: zGwaZsc4b1Xdq36RQoBXzW7xIMpQpR0J6hdT+iKg8uOmhXbra7Avgo/LCI+b+0ZJF9W7j9y26FI=
x-amz-request-id: 3M26VMMGDBVE57TX
last-modified: Wed, 08 Feb 2023 10:52:00 GMT
etag: W/"877eb782031ec8e3300d3d2664adf813"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 2725
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 79673bb35de2b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/step-3.svg
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/images/public/step-3.svg
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /images/public/step-3.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-45b"
expires: Mon, 01 Jan 2024 10:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3317423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XsECnR6csQlB9a0CeL5g9n4TZnJe2zug9Fk2jmUZoM08%2FUKHUfeKalP2rZg1tA8MkFsZP9yfayuaFCtBUUA2hcM1TWBoHsk9eE5eWBr7hbScAyOfAIieYUZ2boNSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe180b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/step-1.svg
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/images/public/step-1.svg
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /images/public/step-1.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-658"
expires: Mon, 01 Jan 2024 10:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3317423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYlNv4Az2WDKJrL9f43jYPtnG5O7FZRQBPbiwKFvdswOo4lxSZdfhOneBJ%2BQoh%2F3luI5DisJAWUwv5WUxSacWgmLyR%2B6OjwH8SKV1zgbxPesNagM0hmawqDqdmRScg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe140b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63c5a2df-c19"
expires: Tue, 16 Jan 2024 19:17:53 GMT
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1992646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOU5arlUPEvAayKTwIKk1oi8UqpB42CKzen%2B7IBzpnOloExjJSAtG2YKj4z45BTlhJZUVYhrtg93nBv3z1HSnJO2WrolccxMFyxvMayBVtvhWsi88g%2B%2FDFGj%2FcoycQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba7fe070b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=343473
etag: W/"63c5a2df-53db1"
expires: Tue, 16 Jan 2024 19:17:53 GMT
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1992646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpLlC1u2gDwN3MJuB7Igrp6onRxF%2FKECR2aAvTL5uj13epyf4wgG8uCpJOhJRqssRVvkN%2FuxRTmWXxYVbSAPEetIYUPwHcjcEITGST%2BJVxaLoiVowiV6ZPTYyy3c%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79673ba8af2b0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/arrow-down.svg
172.67.181.253200 OK 0 B URL HTTP/2 cdn.cuty.io/images/shared/arrow-down.svg
IP 172.67.181.253:0
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/arrow-down.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:49:38 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-dc"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1792733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZISoXh0b6uwNAAClyI6DAKZVK46sk2P0KNW%2FmE3WTBvqrqoTVOnlI0mdIO%2BK33XkbKfCiMCxculzfAHcEqDZHlMAT82PTkai30t%2BzQayFDfXWfPR71Np72g8vmqgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79673ba7fe080b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2