cuty.io/fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ==
104.21.75.208301 Moved Permanently 0 B URL HTTP/1.1 cuty.io/fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ==
IP 104.21.75.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ== HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Feb 2023 07:35:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 07 Feb 2023 08:35:56 GMT
Location: https://cuty.io/fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B4dkn2XZ8RGq2m6OHZt1TVWsXwwFuaPdj0mkW0XRzuHcFtrGm5MnfRfbu3Z9aO1VW2LMkqnEg0VY%2B12G3RR4gof%2BktBzY7CMKenh%2BUa1HSYgJhh9QoPn3JG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795a73a4af030b51-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9421
Expires: Tue, 07 Feb 2023 10:12:58 GMT
Date: Tue, 07 Feb 2023 07:35:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Tue, 07 Feb 2023 08:55:02 GMT
Date: Tue, 07 Feb 2023 07:35:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 07:34:08 GMT
content-type: application/json
age: 109
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17137
Expires: Tue, 07 Feb 2023 12:21:34 GMT
Date: Tue, 07 Feb 2023 07:35:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZdpH9f95r2gK8p521/sGRRWE9L9XEiJmIFZp86y1Eg/vRMFIBlJYinFDydO4QLCNV/dsh9zfGEU=
x-amz-request-id: NFGKWB1XBZ6KCQGS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 07:35:26 GMT
age: 31
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.131:0
Hash fda462a4d7bffc5d7ab86d6e41659e43
5185fce7a412bc9826dcb8700fc94a133ef02dfd
2a56a3720f68f965d0818c66b7c924aa00883ed0c2c2791eb9573d73c4f86919
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 07:35:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.131:0
Hash fda462a4d7bffc5d7ab86d6e41659e43
5185fce7a412bc9826dcb8700fc94a133ef02dfd
2a56a3720f68f965d0818c66b7c924aa00883ed0c2c2791eb9573d73c4f86919
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 06:51:19 GMT
age: 2678
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/vgst28AgDis
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/vgst28AgDis
IP 142.250.74.131:0
Hash e7b8b650859e8f89a3703df68bb7c38a
5d2405e118e52d16baaafde5192dbd7e9ac7fc41
c9b9f18552e80d29f93360ff76e679908048a9fed56540b93e41b3fb71229db8
POST /s/gts1p5/vgst28AgDis HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6370
Expires: Tue, 07 Feb 2023 09:22:07 GMT
Date: Tue, 07 Feb 2023 07:35:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0c18b789b296a2b3cc9adb04c94e6f7
a0fa241f813c414178f5dffd30d5c2b82d16669b
95ec61ae9d1384fdbcee256ec441d6db4e3243ed3f8e1801b3607ce3c2e1e3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.179.154101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.179.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HrDa9xIdnJbUJULnJtghBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RvJK7SEwRRfNOoPBU8yfz6xKf64=
www.google.com/recaptcha/api.js
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 07 Feb 2023 07:35:58 GMT
date: Tue, 07 Feb 2023 07:35:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.131:0
Hash fda462a4d7bffc5d7ab86d6e41659e43
5185fce7a412bc9826dcb8700fc94a133ef02dfd
2a56a3720f68f965d0818c66b7c924aa00883ed0c2c2791eb9573d73c4f86919
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.131:0
Hash fda462a4d7bffc5d7ab86d6e41659e43
5185fce7a412bc9826dcb8700fc94a133ef02dfd
2a56a3720f68f965d0818c66b7c924aa00883ed0c2c2791eb9573d73c4f86919
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cuty.io/images/public/paypal.png
104.21.75.208200 OK 20 kB URL HTTP/2 cdn.cuty.io/images/public/paypal.png
IP 104.21.75.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb3c2365bc4ab68c2a218330f9fd0fd7
963ed20ac545ee6feaaa4eb34f67bad4c90cdee2
8d3a352fb65a6e167dac3019fc3e148fc6f82d99df7ad55192019055658035c8
GET /images/public/paypal.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/webp
content-length: 19980
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=24721
content-disposition: inline; filename="paypal.webp"
vary: Accept
etag: "63b16742-6091"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3183398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeM3t4nfBBO0HBsb3gZ%2FEUxPGvq68VCaRTxrxOfJE1GOJf9fHku6SNhBPx%2B9aa%2B90Gji8Pk4yO%2Bb1ct7upHZ6igkoZ7UjBz0FSXkrzdX8oNLKIsG3%2Bx24fiJ1yQZ6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73acceb2fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-es.png
104.21.75.208200 OK 13 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-es.png
IP 104.21.75.208:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash cd2f27e52bb7592e28676a86a3309158
796b9f96cbd568743713d06478e26c8e690e3723
0e656966f1958200ae6fbba050fc6eaebb9b1c60edaaffca31d26525bc59c826
GET /images/shared/locale-es.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 12579
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
etag: "63c5a2df-3123"
expires: Thu, 25 Jan 2024 23:00:22 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 981563
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f%2BAZpV286y5wJNayYdqxG4a%2BIF8kwRKXvOodmXZdZpEzZKKkP5oyUTmlncPHrIZiJzWnuebvIVJQAREvS1%2BxZNGPfENF70ngj8wlDMF89qy55mbCLdBe3%2BIf2cOqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accebafabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-en.png
104.21.75.208200 OK 12 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-en.png
IP 104.21.75.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d1b5bc04aa5077c8a9869038892ac2f6
afbdc646898379e1128e9f3bc0fc309519ac1eb7
7abc5fbdfccc6e7fc7799d95f11b2f598b13a49fc65f84ca4ef31aac340b76c4
GET /images/shared/locale-en.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/webp
content-length: 11930
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=24647
content-disposition: inline; filename="locale-en.webp"
vary: Accept
etag: "63b16742-6047"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3183398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXX97BmK5pAredbPluXbedh8cKS2jq18J7VuVYFxkIaQLOYxdg%2FpnrZbOyoM0fJoPu%2FfZJI1v1652JdDr4Faf%2BwoL7huwgSOYW%2BtpvhoUggOARBMFuxWtISvKo9lUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73acceb6fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/airtm.png
104.21.75.208200 OK 1.6 kB URL HTTP/2 cdn.cuty.io/images/public/airtm.png
IP 104.21.75.208:0
File type PNG image data, 173 x 90, 8-bit colormap, non-interlaced\012- data
Hash 7b0b20bc9885600d544beb5507f52790
ff99e3b5e4430ffb2b932a656e618e18f0446ab4
1980165840ae0a9250250bd0ce68b119ac6182ee847b8e3991928a720943d224
GET /images/public/airtm.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 1558
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-616"
expires: Fri, 12 Jan 2024 18:18:59 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1680555
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2Y3uvCVY8PmkNcPqd8QEsCXLtsza60La86UlK0TTmwHQmPBxgdQtHl0zt8pgfMrciVwa5%2BE%2FqjjAbGYpPWZNn4Po%2FzAudQpIMhE03M4GIC4o3ESyoz2B27Ckb7biA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73acceb5fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/advcash.png
104.21.75.208200 OK 5.2 kB URL HTTP/2 cdn.cuty.io/images/public/advcash.png
IP 104.21.75.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d9122c103141e49c1438e1ddb2a53ae5
e52ec053fc378f00b0801bdad231bcf7ae328c4a
9bdb61517912bacfb8d34df7371cf1af713c93a9094b5b27c7e45752b0999b87
GET /images/public/advcash.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/webp
content-length: 5176
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8141
content-disposition: inline; filename="advcash.webp"
vary: Accept
etag: "63b16742-1fcd"
expires: Mon, 01 Jan 2024 10:59:14 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3183398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zpG3%2Bcc2tHbL7cvs9y3Cv006OMYLeUAKiiA436HDbGwz0LFp3KFT4I0I87NVsJZLxjeBPo67ZLD4xUyJrGNAw5CqJGRVQLkOmn4PH7cc6XTun85YqJ293v4P115cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73acceb4fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-fr.png
104.21.75.208200 OK 16 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-fr.png
IP 104.21.75.208:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash d5c12041f2ddd200c2c881e5be833179
52ca2be8bf29666646ce347a5d0ef3f6cd547ca9
8c1d20e07e73934ea05d1a1990ad742073d9c674d81b09c2f76fa08eaf286eaf
GET /images/shared/locale-fr.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 16411
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-401b"
expires: Fri, 12 Jan 2024 18:04:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1657642
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc91OJtTm9uwcVyNzwtWa540OmFDwrxzYBAWsdU%2FtyyIRDf8S1xb4af6zY8KRR82stXp7rX1q5L8P8ZamoNUl5%2BYGgmN9a8Rde%2BGvo7aeuqNG3HBeGzGyh%2BKBNJMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accebefabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/locale-ar.png
104.21.75.208200 OK 51 kB URL HTTP/2 cdn.cuty.io/images/shared/locale-ar.png
IP 104.21.75.208:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash c81b22802da2b0f2d79452c15098ddb3
abd99b0b24da4d6d74513bb6b2b3311289a3dacc
7b93d647c94f9591b74af237bd20641b982004b56285802a69a2d83fa4b3b8a5
GET /images/shared/locale-ar.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 51070
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
etag: "63c5a2df-c77e"
expires: Fri, 26 Jan 2024 23:06:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 291113
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mo9Vy%2Far6dUSnKLRELxxragSp5fvG1doijajqV7c%2F%2BDKQVhOMhDb0loYhjB2854VgrFR5zvM8gbsfOGz4T4W6hcQzUAJdTXhH%2B4V194w8Z85KWm%2F5uVc219LK5tsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accebdfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/facebook-icon.png
104.21.75.208200 OK 170 B URL HTTP/2 cdn.cuty.io/images/shared/facebook-icon.png
IP 104.21.75.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 92619173676942ddb284d1520af0129c
ae57393f65b60bb02f0324882da4bfcd78a1426a
1d4073de5206d5aec02fedc9178f938e07f91fe49d4ba4ea246b90a800f0b124
GET /images/shared/facebook-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/webp
content-length: 170
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=409
content-disposition: inline; filename="facebook-icon.webp"
vary: Accept
etag: "63b16742-199"
expires: Mon, 01 Jan 2024 10:59:14 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3183398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71toTQEYcWaGjVHlmNlwNDkOwZUniw9tlSKF83SXaGHfPKAh0YxONoesdYNnb24athDBH5exmKb9m%2FDXTI2l3IkYvNxKBjlaVyQtsiQ9D6plAuTHO%2BWDhkmm2Y%2Bz%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73accec4fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/perfectMoney.png
104.21.75.208200 OK 202 kB URL HTTP/2 cdn.cuty.io/images/public/perfectMoney.png
IP 104.21.75.208:0
File type PNG image data, 5000 x 1023, 8-bit/color RGBA, non-interlaced\012- data
Size 202 kB (202386 bytes)
Hash 4d75a89e0baae4c6032c0fa68053830f
c9a28f03bf0e3fbbb2807db76921973872d8b390
0e007c0179add623da4b02762178d86c0d3ef3c69e8284b62f8d2e34380e0dbf
GET /images/public/perfectMoney.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 202386
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-31692"
expires: Fri, 05 Jan 2024 18:13:01 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2707002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weZ6s0O5ehXl0e4zeivuUVJU1e%2FAWBmU81hNs0E%2FNgWkVkRfwe11cNTHmpdvJQH8v6Sk0tzoQ6muGme6YjgADe0ah9ZbbmViY6qfqrTc2CFFYn8EOnxZpCw9Anj46A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73acceb3fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cuty.io/images/shared/twitter-icon.png
104.21.75.208200 OK 338 B URL HTTP/2 cdn.cuty.io/images/shared/twitter-icon.png
IP 104.21.75.208:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 331226924d21ce8f0a925233062c71b7
748c71308741f5a28d16fd7fa5e2520093ad6d14
9c2b2f6b92ebb279b34f7fbcc2bfd81829c036330f015badc93a007d91bd3263
GET /images/shared/twitter-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/webp
content-length: 338
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=809
content-disposition: inline; filename="twitter-icon.webp"
vary: Accept
etag: "63b16742-329"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3183398
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rh9ZI9cRIeqOr%2B1R3M5dTE7Bx9666LcIgqzQ4KWhQiSIZfFziL1OWhUfP7r3SYs4of%2BClfIFNFaG3osMudPnZcLYNuxZYKCDhDAReJN%2B5NqNQpJdj4A0FriW3fahzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73accec5fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.131:0
Hash fda462a4d7bffc5d7ab86d6e41659e43
5185fce7a412bc9826dcb8700fc94a133ef02dfd
2a56a3720f68f965d0818c66b7c924aa00883ed0c2c2791eb9573d73c4f86919
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
142.250.74.40200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
IP 142.250.74.40:0
File type ASCII text, with very long lines (21849)
Hash f8915ac7da71a4260501763bdacc69b0
32710370e0e5fadc8953bd319a11171d210ebf0a
b34526bcae484c88fecaed358a5a1848068af8fa8d583d8addaa33c0254926f4
GET /gtag/js?id=G-GGDCMPL4QP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 07:35:58 GMT
expires: Tue, 07 Feb 2023 07:35:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/money-tree.png
104.21.75.208200 OK 28 kB URL HTTP/2 cdn.cuty.io/images/public/money-tree.png
IP 104.21.75.208:0
File type PNG image data, 166 x 261, 8-bit/color RGBA, non-interlaced\012- data
Hash b9c1f6949e61fdf5272ce94b2d297eec
c60dda0dea1215405f6c2fba5f30ab6c92efc1d0
bb8ce1ceb98f2a5be933d8bd813e774cd03d3d37d54ac00fa6c6534a99a45dae
GET /images/public/money-tree.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 27646
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-6bfe"
expires: Fri, 12 Jan 2024 19:11:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1654034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHJfzqvhWlnNBGPRthJxQ3TEjY2IbGC3bREGvw%2FurU2YvGB56L0qWjBB1Hp18iD65NHrMxyoLfjNofwOTi4j%2F0RtSB4rjIMvx2XzIhPhrWeeQir%2BiVmXLHy1lCw%2ByA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accecbfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3457aea7fb3945233bec0d90b7e12439
1a2ef67e07b0f9af8643b090468b3e49e3d22a3b
a96860dd5aac146291314e457844a4f873c1ad3a479cc94cbe5418e65d60a6b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: max-age=127026
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Etag: "63e13d9b-116"
Expires: Wed, 08 Feb 2023 18:53:04 GMT
Last-Modified: Mon, 06 Feb 2023 17:49:15 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15ae94cc5c55a67d02468a976eef8129
fb66bab3e50853b69aaa6177d1bab5841529b32d
ae656f6d230c8c3a79ca237dc04d199ecf23e9ccfacd6088dae67be2f1add5e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2866
Cache-Control: max-age=160232
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Etag: "63e1c314-118"
Expires: Thu, 09 Feb 2023 04:06:30 GMT
Last-Modified: Tue, 07 Feb 2023 03:18:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
cdn.cuty.io/images/public/bitcoin.png
104.21.75.208200 OK 31 kB URL HTTP/2 cdn.cuty.io/images/public/bitcoin.png
IP 104.21.75.208:0
File type PNG image data, 2000 x 417, 8-bit colormap, non-interlaced\012- data
Hash c072d65a81198a616ea588f4654f1cfb
53ec193adf51c7fcb1a642f680443d90bb3ce91d
391c02102b6a7cce91c572feec8533ecf7b26f7fa1d040ffd940660221abfc4f
GET /images/public/bitcoin.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 30766
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-782e"
expires: Fri, 05 Jan 2024 18:01:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2812875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVZ2eqZNfzgRf7QxautJfKOXzRpBgLlA8yhf%2FzvyPDa65zeMqLOcsTttIX3uvkbJlXrYptCTavZuPnTgNX9rutRvGhKGa8mnXhuj3JabdQD%2FSacdT3WTpKtcq5Tfug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accecdfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/payeer.png
104.21.75.208200 OK 1.4 kB URL HTTP/2 cdn.cuty.io/images/public/payeer.png
IP 104.21.75.208:0
File type PNG image data, 167 x 35, 8-bit colormap, non-interlaced\012- data
Hash 076721e6bc9e7ebd04612c544a59e3ce
777b33fdf4ec2212b9613e50d46e203d54163dbb
6602b89e29d6eeb6f85296cffc62529106f8481cb7376a082dc931461844283d
GET /images/public/payeer.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 1390
last-modified: Tue, 03 Jan 2023 22:11:44 GMT
etag: "63b4a820-56e"
expires: Fri, 05 Jan 2024 18:28:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2707002
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bQ%2FfHOIv0VAT1b%2Boq80M5kjofYZNtAttMOChHJCmD2gcZ6XyXamBvrbbl8eUwp3ngiKECri%2F6J7ACAj%2Belq%2BBRxf6s8CzTESt4mSv7F%2FXDvmNZ1R%2FqY3YOqshVm6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accecefabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/linkedin-icon.png
104.21.75.208200 OK 228 kB URL HTTP/2 cdn.cuty.io/images/shared/linkedin-icon.png
IP 104.21.75.208:0
File type PNG image data, 976 x 970, 8-bit/color RGBA, non-interlaced\012- data
Size 228 kB (227769 bytes)
Hash c25b56612bfcb856e442fcb4fa58d958
10caff4d659c98702bd44b334e124402ef9649b4
53016dc352cde2e291cd6b4ba2fddf3cf5f4aec3c1cc75af07302ef63409222c
GET /images/shared/linkedin-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 227769
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
etag: "63c5a2df-379b9"
expires: Fri, 26 Jan 2024 23:40:47 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 324007
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=238edqreuircNIolIz8iypRkylNI4VImuQzLOSIQWMLVs0OOd%2FnVLvGiCRSINQiA9EdFy9FU52tS7iMnk8YN4FPfjLNwqSKiGB6%2Fh6MoMqwGhzRFzxOfQ78IFyZy%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accec6fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/COU25Czd9wE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/COU25Czd9wE
IP 142.250.74.131:0
Hash fda462a4d7bffc5d7ab86d6e41659e43
5185fce7a412bc9826dcb8700fc94a133ef02dfd
2a56a3720f68f965d0818c66b7c924aa00883ed0c2c2791eb9573d73c4f86919
POST /s/gts1p5/COU25Czd9wE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cuty.io/images/public/heading-background.png
104.21.75.208200 OK 97 kB URL HTTP/2 cdn.cuty.io/images/public/heading-background.png
IP 104.21.75.208:0
File type PNG image data, 1440 x 720, 8-bit/color RGBA, non-interlaced\012- data
Hash 5093929f0b4530ad1f101639d6a191d8
437d251f18b6473d2d56e1f6dc92d5d907509924
d2f1a492a7dd6129ab6b1819a6df840311762f3f3f90d5f44596c94a3d355e9a
GET /images/public/heading-background.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/png
content-length: 96971
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origSize=107203, status=webp_bigger
etag: "63b16742-1a2c3"
expires: Mon, 01 Jan 2024 10:59:14 GMT
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
cf-cache-status: HIT
age: 3183404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKuqE4wR%2FwDJQ5UMpSbnCTOfMQrQhKepZFeGUCbCWhVT3826Zwcduy3FND8hlkSwuSx8jjfNQB3vmTzrjGiqivwYr41SoWRwvfYM2SBTicV4brtsk8ntPs9CWchg7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73ad6f34fabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
asacdn.com/script/suv4.js
172.67.201.216200 OK 35 kB URL HTTP/2 asacdn.com/script/suv4.js
IP 172.67.201.216:0
File type Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Hash b284e29a9936be22cd343d7f7d0ecbcb
1e53dcd12e5dcc48079ff1e8e4675c0fbc5ef64b
91f936ed6e1405a30dde72ff686c389498c62044ebc2ab7fd1e3214078de8507
GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdujewSgkPWJRiHT8zbsyxnNxRL0JC5GL-2zcTAk0XqFCixmmy80Oj8p2rassUBnj2q7LlIPI8Jt2cnn7ZKen2e15Qtc-UVm
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1675341533963984
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100703
x-goog-hash: crc32c=+rzzmw==, md5=8RmTt9jAmXa4EVe7f6U10g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 07:55:44 GMT
cache-control: public, max-age=14400
age: 1074
last-modified: Thu, 02 Feb 2023 12:38:54 GMT
etag: W/"f11993b7d8c09976b81157bb7fa535d2"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZi92OKNMj3x%2FUJA1qCwsx0vQJ92vlC3pRAqXOtJ2V2t7NSrlNArlf4lp%2F1jVjb7uQBIcaNh1VpNiof2%2FDv8nFeon%2FH0RAvv0d%2BBrWpVjslXLKMybt73Wlx794TF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73ad5aa8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15ae94cc5c55a67d02468a976eef8129
fb66bab3e50853b69aaa6177d1bab5841529b32d
ae656f6d230c8c3a79ca237dc04d199ecf23e9ccfacd6088dae67be2f1add5e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2866
Cache-Control: max-age=160232
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Etag: "63e1c314-118"
Expires: Thu, 09 Feb 2023 04:06:30 GMT
Last-Modified: Tue, 07 Feb 2023 03:18:44 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfe521a7fbd6a3b0b43d0360f616e231
2f119a97e5bf2fe8a97a4c51dea3e3e6b9a57162
8800e417b1899de7974f88077af9fbad4f60a39b89aade0f75fbfec56592d424
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8800E417B1899DE7974F88077AF9FBAD4F60A39B89AADE0F75FBFEC56592D424"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3002
Expires: Tue, 07 Feb 2023 08:26:00 GMT
Date: Tue, 07 Feb 2023 07:35:58 GMT
Connection: keep-alive
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutty.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:38:52 GMT
expires: Sat, 03 Feb 2024 09:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
age: 338226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/x.svg
104.21.75.208200 OK 630 B URL HTTP/2 cdn.cuty.io/images/shared/x.svg
IP 104.21.75.208:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash fed56d1c616eb3f2d2e6a16c233371b7
cbba4fe0a0a172369bc28e31799fcb2837dcf602
29d26484b70f229f4f7928f9c33f79756e2b472e17504d3612c7b37a60ba4818
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/x.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-d1"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3183404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0D%2BoHExhCfE90K3SU9fhpnjBXg0BEs1kvJq4Y42FN2NWupUCV7rNaz%2BYT2CcCuv3Fk619uop2bU3%2FpfLf5IHrHldVMpmMx5sDhtr%2BF1LIbgyBkL73lKlWM0RgKbc1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accec3fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nannieslamaic.com/1clkn/60028
172.255.6.92200 OK 26 B URL HTTP/1.1 nannieslamaic.com/1clkn/60028
IP 172.255.6.92:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/60028 HTTP/1.1
Host: nannieslamaic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 07:35:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 08-Feb-2023 07:35:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Wed, 08-Feb-2023 07:35:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4e8402169d82eae3cc8340e949f59374
b11e16b86e1b5bbc931c9d671abe568166beaf38
4dae25654af7690b9bdd24fef3f0d3d40df14974af5ac79571ccaa561e156347
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 07:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 17:22:29 GMT
Expires: Sat, 11 Feb 2023 17:22:28 GMT
Etag: "b11e16b86e1b5bbc931c9d671abe568166beaf38"
Cache-Control: max-age=380189,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a73aebcdbb505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4e8402169d82eae3cc8340e949f59374
b11e16b86e1b5bbc931c9d671abe568166beaf38
4dae25654af7690b9bdd24fef3f0d3d40df14974af5ac79571ccaa561e156347
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 07:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 17:22:29 GMT
Expires: Sat, 11 Feb 2023 17:22:28 GMT
Etag: "b11e16b86e1b5bbc931c9d671abe568166beaf38"
Cache-Control: max-age=380189,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a73ae3e7ab512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3457aea7fb3945233bec0d90b7e12439
1a2ef67e07b0f9af8643b090468b3e49e3d22a3b
a96860dd5aac146291314e457844a4f873c1ad3a479cc94cbe5418e65d60a6b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6276
Cache-Control: max-age=129473
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Etag: "63e13d9b-116"
Expires: Wed, 08 Feb 2023 19:33:51 GMT
Last-Modified: Mon, 06 Feb 2023 17:49:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
live.demand.supply/e/e.js?e=ll&d=625&cs=c&dsReferer=Y3V0dHkuYXBwL0daRVJzTGpI
104.16.134.22200 OK 25 kB URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=625&cs=c&dsReferer=Y3V0dHkuYXBwL0daRVJzTGpI
IP 104.16.134.22:0
Hash 3985f42ec21b3862e3787a96fe7a3ddd
b76acc7bbd9be99c269aa58f3545deb3377f475e
18975dfa16b5a4fad294282803870e2c504c3322a445ce8c514a9eef7d5bb7e4
HEAD /e/e.js?e=ll&d=625&cs=c&dsReferer=Y3V0dHkuYXBwL0daRVJzTGpI HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GNH5VQZCDDVTPFB7T2W7TM18
cf-cache-status: HIT
age: 545274
accept-ranges: bytes
set-cookie: __cf_bm=uAaFjSDE2vIDD_K7mzvqnJShDGUKWBFvXidb4LVx9vc-1675755358-0-AaUPSDwJNXAwshPqI0bARDk76p/XI08n6JoU8YstuRgNI7oQ5DBZlP3dI+gyZ+/lehd38rFUbcRbgw4VwgLgYy8=; path=/; expires=Tue, 07-Feb-23 08:05:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73af8abf0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL0daRVJzTGpI
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL0daRVJzTGpI
IP 104.16.134.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=Y3V0dHkuYXBwL0daRVJzTGpI HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GNN40JMWXW15DE1R3FSH39KR
cf-cache-status: HIT
age: 545275
accept-ranges: bytes
set-cookie: __cf_bm=VhWak40dphmnodVFSsr4GP5oPi.Rjrs7XvtU0AnBW6o-1675755358-0-Ad3bUFShDSJKd1Aw0DfedzM+FxgVUbSjJuhowXoIXjh5DEC/VFDNrGIj5/1eHLWpYaEO5hsiOjgjy2aosMeQ/D0=; path=/; expires=Tue, 07-Feb-23 08:05:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73afbad20b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
youradexchange.com/ut/hb.php?cb=0.38873892117794584
35.190.41.116204 No Content 0 B URL HTTP/2 youradexchange.com/ut/hb.php?cb=0.38873892117794584
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.38873892117794584 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 947
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty
date: Tue, 07 Feb 2023 07:35:58 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4e8402169d82eae3cc8340e949f59374
b11e16b86e1b5bbc931c9d671abe568166beaf38
4dae25654af7690b9bdd24fef3f0d3d40df14974af5ac79571ccaa561e156347
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 07:35:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 17:22:29 GMT
Expires: Sat, 11 Feb 2023 17:22:28 GMT
Etag: "b11e16b86e1b5bbc931c9d671abe568166beaf38"
Cache-Control: max-age=380189,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 795a73b00e3eb505-OSL
cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
104.21.75.208200 OK 11 kB URL HTTP/2 cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
IP 104.21.75.208:0
File type ASCII text, with very long lines (52522), with no line terminators
Hash 1d8853e0423d44420ad095c2bb33889c
5fcc249133c9519b717106def23669daadda274e
9721c5c942c9d16e1d889d8fe2c3ca591bc6db229ea0fe47fc450b6f71297768
GET /css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: text/css
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=52548
etag: W/"63ac510a-cd44"
expires: Mon, 01 Jan 2024 10:59:13 GMT
last-modified: Wed, 28 Dec 2022 14:22:02 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 3183404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh5B%2BJKuyhkx4WRWXfCQC5hkOzYS2Nrwb%2FRGHeKo4aQfhHuulT4IveY6SSc3liFFkNNPl2AlMGqclxqnFzjIPebGENlQ8XPfZerpRex7%2B6uTJYcMBU5dVc4OmgYwMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73acceb0fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
youradexchange.com/script/suurl4.php?r=5890046&cbur=0.9858695319149335&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2FGZERsLjH&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0
35.190.41.116200 OK 165 kB URL HTTP/2 youradexchange.com/script/suurl4.php?r=5890046&cbur=0.9858695319149335&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2FGZERsLjH&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0
IP 35.190.41.116:0
File type JSON data\012- , ASCII text, with very long lines (1095)
Size 165 kB (164689 bytes)
Hash ad84022f51eaad6e4558a962a072cbd3
9d4937729e183c8aec04b0addb00b6c5c1b89f13
c12feb89110a571f22a9ba87cadd47c8c25e4e110bdb37dc4995d3f8d9bf27e9
GET /script/suurl4.php?r=5890046&cbur=0.9858695319149335&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&cbpage=https%3A%2F%2Fcutty.app%2FGZERsLjH&cbref=&cbdescription=&cbkeywords=cuty%2C%20url%20shortener%2C%20shorten%20urls%2C%20best%20url%20shortener%2C%20shorten%20links%20and%20earn%20money%2C%20url%20shortener%20online%2C%20earn%20money%2C%20earn%20money%20online&cbcdn=asacdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cuty.io/js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131
104.21.75.208200 OK 129 kB URL HTTP/2 cdn.cuty.io/js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131
IP 104.21.75.208:0
File type Unicode text, UTF-8 text, with very long lines (65346), with no line terminators
Size 129 kB (128803 bytes)
Hash dcb18d11e66ad95acf1833b6f9808051
4fa7c6379a9fd87f72deefb25652104de536a458
680433238e9ec34cdf82f872f3d8154873a016ce9e6133b2c4bd4d750e850227
Analyzer Verdict Alert fortinet Phishing
GET /js/public/layouts/app.js?id=59b76b5d9a43e5c8987a2f96fb488131 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=343473
etag: W/"63c5a2df-53db1"
expires: Tue, 16 Jan 2024 19:17:53 GMT
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1858626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg6NxvAkiMnjAib8xSCj9Rq4ju7d7SicAJthcl9xhBZGWxil4WtLnIN%2BGxcmLbJcjJhEqUzwi2CgO%2Fdg%2F5Srsb86Sy8wBGAwt9KW2NHvklVrIPXtk47ZLxoXD9OLfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73ad6f32fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 262283a921f231669fd41486228a6e9a
4b96dcb2cd03f53280d2ecf5ccb249b0b32e6e97
13b8cc87c28e0113401d88f89971eb966afde870a3e4be2602ff34942e81862d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP>m=45je3210&_p=247048532&cid=1408020850.1675755407&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675755407&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FGZERsLjH&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP>m=45je3210&_p=247048532&cid=1408020850.1675755407&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675755407&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FGZERsLjH&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-GGDCMPL4QP>m=45je3210&_p=247048532&cid=1408020850.1675755407&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675755407&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FGZERsLjH&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cutty.app
date: Tue, 07 Feb 2023 07:35:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/logo.svg
104.21.75.208200 OK 2.6 kB URL HTTP/2 cdn.cuty.io/images/shared/logo.svg
IP 104.21.75.208:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1008)
Hash a15e429cde89e0788e3c5ad099252a2a
4c9610b6fa78bf93324eefe4179206b84bc15eff
fc579cc1ff2912cc891129f5898bd2d8d5177dd9b2cff4f2a3442bf97da829fc
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/logo.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-175a"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3183404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpfE75qnR8JLm1%2BnTKFa%2B4zyXJsiuieqJRFeyWv%2BMHHSL4AXzMvjG93UVIhFamv%2Fra7fG6wGEzOck%2BJw87pR%2FkqaBnOyf%2B3ZHt%2FSFVf59KMcgUPTLMrgyqZ0D4ILHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73acceccfabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12956
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 07:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12956
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 07:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12956
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 07:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12956
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 07:35:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12956
Expires: Tue, 07 Feb 2023 11:11:55 GMT
Date: Tue, 07 Feb 2023 07:35:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z5r7rFH2nEro98p7U4_Lz8xIrX_bnU7ntAc46ytGzL8498buHzsCcg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:26 GMT
age: 34833
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92008e687831334af1cdbf4b8a57579f
e6ff750f12836637adf5b253d64c2102fdf3c180
39af3e630e0271b54139849c1b596efbdc69a23ce943e5330341d49f77798c7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd09b3928-4257-4aee-9978-7c13c20b5a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7183
x-amzn-requestid: 02695a8d-2ab8-4d77-bfbe-f99418d8ef00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f78YOGsyoAMF5wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17434-2614cef4059e7fd5009cb46d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:42:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbUWAiTEzfmIOkYgKdBEYxEnRky5wA7ajMWumei7fXeIqLN9B-riBw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:27 GMT
age: 34832
etag: "e6ff750f12836637adf5b253d64c2102fdf3c180"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88178e0f623494e30ece4da4eed04d60
7f016d87157a577e4ad4e4cf6c854a0489f8571a
e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6384
x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77IcE2-oAMFbZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: li__CyiikZFRNF7c8_9Kbi18VJ39UzJiNgP9z141MCUFVPnYAEXPCg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 22:24:59 GMT
age: 33060
etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg
IP 34.120.237.76:0
Hash 8637fd0725bb905589aa470a0ca208e9
f84eb062e37989f6b7e73f628eeeb31f9cf202bc
a9a73c91da3e86380443186638c5f05a45fc71fe7d7957fcae0c698d841aa59a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32cb7a16-13bc-4d42-8e17-7be2a40cfc82.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6316
x-amzn-requestid: 879578cc-a58a-4516-a7cd-68850553762b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpc79ECLIAMFclw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0eb2-57141dcf1c5595110f5f572e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:03:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ARr-i9j3ruIxZ123Ae2bEk_c2s_5Zs7fhrn4UXphw_jOYrtvq9OMVg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 16:55:00 GMT
age: 52859
etag: "2e54c22fb83981e2690161cd521e4fc3998e9c16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7926951f-dd16-4029-a877-933fa5d3c0f5.png
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7926951f-dd16-4029-a877-933fa5d3c0f5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf292b03a5db7eb8e0660a518f41233c
8fa486cdecffff8a663da2df88227ee784c298a2
cfc5efb92068bdeeda5c95f9851213b14afa76776486d0493cf4c05b30453cf0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7926951f-dd16-4029-a877-933fa5d3c0f5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5634
x-amzn-requestid: 632886dc-5740-40ae-b91f-f0bc1578ac2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpdrbGvaoAMF_4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0fe2-4e20757b045beab314bdf92e;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xCFj9HPjTNZgRqRW4qwDUe2duq7q24zyMZSuIa6Nw7QjeouM11_ziw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 15:41:08 GMT
age: 57291
etag: "8fa486cdecffff8a663da2df88227ee784c298a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eedb4de12585c70ddb5b8f94fe6a59e2
83c9437e71a0a03b3e8ff652155a85eafa76cdda
d4493a30f62e9ad224b3595ba3af8a322e2d4a3d9238a1847973f962bdcc0c82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ada2635-3335-4f49-9e7f-22d2ae016030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4227
x-amzn-requestid: b45f2ab7-0102-4542-9514-54fb93a0e27f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77sTH4jIAMFnsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1731b-4a24bcb1102e58543cd81343;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ovhdLaEGaDSC8X0F9VamLw0KyBPWkxfYg5pssOT8NOZP4IBtNk6Gfw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:55:19 GMT
etag: "83c9437e71a0a03b3e8ff652155a85eafa76cdda"
content-type: image/jpeg
age: 34840
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=cutty.app
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cutty.app
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cutty.app HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 07:35:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=cutty.app
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cutty.app
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=cutty.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 07 Feb 2023 07:35:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2e90fb4abc4adea51d5da8fca3895c90
9ea128cefd8a4e91bc93a306cdafdcf5c0b99a40
6de37bd6d8e446c4e3b2d739ad311f23c403bb59c6adbfade793b274da3b5f28
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
172.217.21.161200 OK 2.7 kB URL HTTP/2 ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Tue, 07 Feb 2023 07:35:59 GMT
expires: Wed, 07 Feb 2024 07:35:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2f48592c9ce931276d6e5e6e7e342cc3
55bfae3bef5fb97c8262eb622a54a0f603d41ec9
36472b536e89d8c01926bcdb2e23240f69f0bd7cde3b39a53a75b0a804291fd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 66228d5106831fb71b8a20f3d30988aa
3e5d7e7a0525bf3b132f27b3603191aa564f8c60
ed61ef533f66cce8f7e61e85001ddf171c8c632a0ee71e75c395db9f1974caaf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Last-Modified: Tue, 07 Feb 2023 06:54:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
cdn.id5-sync.com/api/1.0/esp.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.53.86:0
File type ASCII text, with very long lines (59496)
Hash 377270b98f9ef5aae4f04dcdf7b86ada
d51eff71bf7318988198ac41150fa78543199d0b
11d721a7e404de8c5275b33e5bbcfc790d63f3edc903c655b57537dc13223c06
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:59 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1941
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 795a73b6eff7b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 941a5a80a69c3a396f0f350128676b25
295fcba959a659c281134a5b4ba39bd4cdeb4b57
73c5b5af42987f2c1db814c8a60bd54396be522836601025a89904c5994b57a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 941a5a80a69c3a396f0f350128676b25
295fcba959a659c281134a5b4ba39bd4cdeb4b57
73c5b5af42987f2c1db814c8a60bd54396be522836601025a89904c5994b57a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 941a5a80a69c3a396f0f350128676b25
295fcba959a659c281134a5b4ba39bd4cdeb4b57
73c5b5af42987f2c1db814c8a60bd54396be522836601025a89904c5994b57a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 941a5a80a69c3a396f0f350128676b25
295fcba959a659c281134a5b4ba39bd4cdeb4b57
73c5b5af42987f2c1db814c8a60bd54396be522836601025a89904c5994b57a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 941a5a80a69c3a396f0f350128676b25
295fcba959a659c281134a5b4ba39bd4cdeb4b57
73c5b5af42987f2c1db814c8a60bd54396be522836601025a89904c5994b57a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301242213000/amp4ads-v0.mjs
172.217.21.161200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301242213000/amp4ads-v0.mjs
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash e69a282437c2fecf650a1a9e3d74ac25
4f74af852f8b469c96c0b4772e21405a18dc6567
2dd9818be574ad81e7841351d05c7a17776133168e003b575a4adbb711c5ba2b
GET /rtv/012301242213000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61710
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:12:41 GMT
expires: Tue, 06 Feb 2024 18:12:41 GMT
cache-control: public, max-age=31536000
etag: "f7fde309d00c7e4f"
content-type: text/javascript; charset=UTF-8
age: 48198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301242213000/v0/amp-ad-exit-0.1.mjs
172.217.21.161200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301242213000/v0/amp-ad-exit-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (14751)
Hash 14b409217a0b2a45c78ccf0e6194d07f
cfc4e7ca7ba09aa75474d4d3bc92ecb5a20bc642
e655e124c9241cd096aef731470dace69ec92b2dda2f96d99e4bdfc066939b6f
GET /rtv/012301242213000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:12:41 GMT
expires: Tue, 06 Feb 2024 18:12:41 GMT
cache-control: public, max-age=31536000
etag: "ba49594f66f11825"
content-type: text/javascript; charset=UTF-8
age: 48198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301242213000/v0/amp-analytics-0.1.mjs
172.217.21.161200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301242213000/v0/amp-analytics-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (65534)
Hash ee931a9494b5c28839f8ffda5f4ee803
b43560b30647e0200962e52b833705e0b5fd461e
e840a2867a7f50da3f4b2d2c3c3fb03ea9882d1704a8d82750fbf974b93233c5
GET /rtv/012301242213000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28871
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:12:41 GMT
expires: Tue, 06 Feb 2024 18:12:41 GMT
cache-control: public, max-age=31536000
etag: "02f301facbbd58b4"
content-type: text/javascript; charset=UTF-8
age: 48198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301242213000/v0/amp-form-0.1.mjs
172.217.21.161200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301242213000/v0/amp-form-0.1.mjs
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 6c9f946ec3339e6c892925177aad5b49
3a9deb0b13e02a25cb88ec4cf3ad5fa241031b93
77013996fda345256a8b632f49033a6b3c638199cf0bcef1b2239b15759c630e
GET /rtv/012301242213000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12945
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:12:41 GMT
expires: Tue, 06 Feb 2024 18:12:41 GMT
cache-control: public, max-age=31536000
etag: "bb31e5f5c223d9c1"
content-type: text/javascript; charset=UTF-8
age: 48198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutty.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 14:34:21 GMT
expires: Fri, 02 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 406899
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 941a5a80a69c3a396f0f350128676b25
295fcba959a659c281134a5b4ba39bd4cdeb4b57
73c5b5af42987f2c1db814c8a60bd54396be522836601025a89904c5994b57a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96712aeae562ade92e53a7f44af41877
bb012ee0f08d602747f47da8ba9028dfd6358129
ea2efb35d357a6f317f71355a394a3fcf962686faba6a42410878df7ceb01fcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA2EFB35D357A6F317F71355A394A3FCF962686FABA6A42410878DF7CEB01FCB"
Last-Modified: Tue, 07 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3442
Expires: Tue, 07 Feb 2023 08:33:22 GMT
Date: Tue, 07 Feb 2023 07:36:00 GMT
Connection: keep-alive
id5-sync.com/api/esp/increment?counter=no-config
141.95.98.65204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 141.95.98.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
date: Tue, 07 Feb 2023 07:35:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
googleads.g.doubleclick.net/xbbe/pixel?d=CNmn4QIQiOrnAhin8LbgATAB&v=APEucNUEABZ-BZSCuRjEWu-fxSDfQY4avolmWApRWQ0LuUQWD78I14ZI4v0sHwlRk61aRb91qlw-nyu4TpEuj6uVqZL69gb6BuKHV9v3V7HENKn0JuZsxxjTOrfPjKBvqE-Ro1D2TQvu7awrGVWk2n0s2E8MjfFg8yhjOC6g87FN0w82GTFg8pvB82crCVTskfWWKwvJTBh9kfeQtIL2ovYmVPbmXX8Xfg
142.250.74.2200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CNmn4QIQiOrnAhin8LbgATAB&v=APEucNUEABZ-BZSCuRjEWu-fxSDfQY4avolmWApRWQ0LuUQWD78I14ZI4v0sHwlRk61aRb91qlw-nyu4TpEuj6uVqZL69gb6BuKHV9v3V7HENKn0JuZsxxjTOrfPjKBvqE-Ro1D2TQvu7awrGVWk2n0s2E8MjfFg8yhjOC6g87FN0w82GTFg8pvB82crCVTskfWWKwvJTBh9kfeQtIL2ovYmVPbmXX8Xfg
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CNmn4QIQiOrnAhin8LbgATAB&v=APEucNUEABZ-BZSCuRjEWu-fxSDfQY4avolmWApRWQ0LuUQWD78I14ZI4v0sHwlRk61aRb91qlw-nyu4TpEuj6uVqZL69gb6BuKHV9v3V7HENKn0JuZsxxjTOrfPjKBvqE-Ro1D2TQvu7awrGVWk2n0s2E8MjfFg8yhjOC6g87FN0w82GTFg8pvB82crCVTskfWWKwvJTBh9kfeQtIL2ovYmVPbmXX8Xfg HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 07:36:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 07:51:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 07:36:00 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CNmn4QIQiOrnAhiH3rbgATAB&v=APEucNW_2A8fYpwtz21J_3H7hLTY_9feLAX0CNIp-bpnrW3QI4_u0FDKKtVMIwH_nHDLW4r6H-0CI0In9eZvmZcesOaXfjjw34jXB7hJFz0vAPhgI2KHdE1TV5uN5VWQhqfsaQv4PFWEeKaD8LnELHggdeLukNeHxoxckEIPpR0H6Xz_bYcq2gmG2eBL-LT-TDMvKLuvRcdoIWOMP9oOXP_9D5cGACHiAQ
142.250.74.2200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CNmn4QIQiOrnAhiH3rbgATAB&v=APEucNW_2A8fYpwtz21J_3H7hLTY_9feLAX0CNIp-bpnrW3QI4_u0FDKKtVMIwH_nHDLW4r6H-0CI0In9eZvmZcesOaXfjjw34jXB7hJFz0vAPhgI2KHdE1TV5uN5VWQhqfsaQv4PFWEeKaD8LnELHggdeLukNeHxoxckEIPpR0H6Xz_bYcq2gmG2eBL-LT-TDMvKLuvRcdoIWOMP9oOXP_9D5cGACHiAQ
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CNmn4QIQiOrnAhiH3rbgATAB&v=APEucNW_2A8fYpwtz21J_3H7hLTY_9feLAX0CNIp-bpnrW3QI4_u0FDKKtVMIwH_nHDLW4r6H-0CI0In9eZvmZcesOaXfjjw34jXB7hJFz0vAPhgI2KHdE1TV5uN5VWQhqfsaQv4PFWEeKaD8LnELHggdeLukNeHxoxckEIPpR0H6Xz_bYcq2gmG2eBL-LT-TDMvKLuvRcdoIWOMP9oOXP_9D5cGACHiAQ HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 07:36:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 07:51:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 07:36:00 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
216.58.207.198200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 216.58.207.198:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 05:58:24 GMT
expires: Wed, 08 Feb 2023 05:58:24 GMT
cache-control: public, max-age=86400
age: 5856
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 16a00010059b5807d3bc9183a12afe36
9db7a4959203fd4aad2fd5507d906b94d58a872e
3fedb9ff11e2b06dd50e1446a857dcd33f8caa2fefa62bc6ce8fc1af172965f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 07:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwfaX58Xvi92zAlkYNsnAWp3B9z06Bp91jEUm1dSRewksaPUfc1b_m7qJ__66Ji-bjIxF_HDD45RtKvj7pRAkcQ85-QAUDg7ye7E1qk5Fw8uBt1aqNOvhcnszgMCl-hT2b1GQG_VAADn2SiYA7X4bJyTTmJ38jhtj__uYdjfzP5T36JLe4YHchwhc0HuuzP5FXNhuVg3frt41MHFO8cwsVd-HiOQBRuCTrU4mELZEVw-9b7TRRJpkJFlcd8lz18cEKczAPRN6GrHv4vxXFK_5zCqcHND9T2wsovRsROC64tigoI1v-pXAz9ZiyHIS-cLuiOULCrfGmV9YZVCuV0uJ6kcLV8GMld_q_3uFGmnqAqdGLEAMjdpZZ_L2dwlhTIlWOOGK8H3_alf5g_tpyQaVlZG3rCaNW-5noVr4HgCBGOGEPQ9xiYoLqGFYXoiIx8yV9gVA8DCKzZcwz3sZmDKT12zrykROJqLKHP_LWU1KX5go_Ah6XDnW1aSP5gNZW-HLxhjARYXlfU1_k9os3-be78p9o1iRpBBjdawnmDxWmIbo9bVc5g38E-5Ym1wPXEnwy4vuI81t1jqRGK82Iq24qI8jTFRPvh01lAu5qJqb8HORN5TnWUGfvHdMbN4Y8GAT4EW0i5c2M2He7DhhdApsN0yBFJ3uUxkOtt6mP9nUF28ZHVOCYRHE4i40zrlSKc_6vzf0pKTfYICmtCKUv33vppLkyd6BXnuJZL0y4nOhfjBLoj2T_Xn8t-ol0FTVdFctdLuVzT3dOvxZwlf8lQwq313MYxXmBYBTmO0civzeAcGqRPFtC8GNRBa8USCGh0K-Z0KIqRfWVMopXG1tO1myo7GopSyextjb0UF7xLQkyL_UiE8Y9sxEl9YATtXHpGoLIVex_WDAyUfjAJzMDSemjQGl1kKIzbmSjZ-XboNi68NBmcBqOR7U49N2WmGYAENqDOk6D6IR8OF4r3k3BjLwNKihu2NIqPsFQqAOOJr6b4IJNegXKTwYNo7aejrOBFf_Pu-5hVB6nQV_23Z0dGQiKxzU4sIG0oky5eKoG57--nJj9SQiBRw3b0SPdi3G-YKP1M_KOKCri3pubKAzTNtyk0edg6p5pLKzFw5TNBYhcHLRDsBPtLUS5XFRjOdaKhzvlUlK_Trrm2Ay9SjbDhXX9rRoqvUQg1nYUQRhzGUunZxhUzv8ALtuhqF_wGhE&sai=AMfl-YRWERTt1U6figa0MuF8kcebM3gG9rjDySGwTycCYsNz3BQEg2dkvU-V1N7UOZz-raGmDWqhvV8wCAzaBj2ML2Vnjn880KJpHkmQLRbZbR6Hm_uiNI-zB82oetq64kAaeGMdsTipWZgBuu0FSqpeUdV9NonFNTrdFbQw7yMH6YAX91LzNKcGAp3lQMckk9ZJvF9obYDXSSG8I_IgdwHtvPC_N4m05VvzYipUhE1pwYcsOSSlOJeceOPN3G055TlzqszFfLghXAMvWENIKYDFSsWMYm8WPxwa-6BrjydveA&sig=Cg0ArKJSzG57qYW3d87VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=136&cisv=r20230202.81802&arae=0&ftch=1&adurl=
142.250.74.162200 OK 867 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwfaX58Xvi92zAlkYNsnAWp3B9z06Bp91jEUm1dSRewksaPUfc1b_m7qJ__66Ji-bjIxF_HDD45RtKvj7pRAkcQ85-QAUDg7ye7E1qk5Fw8uBt1aqNOvhcnszgMCl-hT2b1GQG_VAADn2SiYA7X4bJyTTmJ38jhtj__uYdjfzP5T36JLe4YHchwhc0HuuzP5FXNhuVg3frt41MHFO8cwsVd-HiOQBRuCTrU4mELZEVw-9b7TRRJpkJFlcd8lz18cEKczAPRN6GrHv4vxXFK_5zCqcHND9T2wsovRsROC64tigoI1v-pXAz9ZiyHIS-cLuiOULCrfGmV9YZVCuV0uJ6kcLV8GMld_q_3uFGmnqAqdGLEAMjdpZZ_L2dwlhTIlWOOGK8H3_alf5g_tpyQaVlZG3rCaNW-5noVr4HgCBGOGEPQ9xiYoLqGFYXoiIx8yV9gVA8DCKzZcwz3sZmDKT12zrykROJqLKHP_LWU1KX5go_Ah6XDnW1aSP5gNZW-HLxhjARYXlfU1_k9os3-be78p9o1iRpBBjdawnmDxWmIbo9bVc5g38E-5Ym1wPXEnwy4vuI81t1jqRGK82Iq24qI8jTFRPvh01lAu5qJqb8HORN5TnWUGfvHdMbN4Y8GAT4EW0i5c2M2He7DhhdApsN0yBFJ3uUxkOtt6mP9nUF28ZHVOCYRHE4i40zrlSKc_6vzf0pKTfYICmtCKUv33vppLkyd6BXnuJZL0y4nOhfjBLoj2T_Xn8t-ol0FTVdFctdLuVzT3dOvxZwlf8lQwq313MYxXmBYBTmO0civzeAcGqRPFtC8GNRBa8USCGh0K-Z0KIqRfWVMopXG1tO1myo7GopSyextjb0UF7xLQkyL_UiE8Y9sxEl9YATtXHpGoLIVex_WDAyUfjAJzMDSemjQGl1kKIzbmSjZ-XboNi68NBmcBqOR7U49N2WmGYAENqDOk6D6IR8OF4r3k3BjLwNKihu2NIqPsFQqAOOJr6b4IJNegXKTwYNo7aejrOBFf_Pu-5hVB6nQV_23Z0dGQiKxzU4sIG0oky5eKoG57--nJj9SQiBRw3b0SPdi3G-YKP1M_KOKCri3pubKAzTNtyk0edg6p5pLKzFw5TNBYhcHLRDsBPtLUS5XFRjOdaKhzvlUlK_Trrm2Ay9SjbDhXX9rRoqvUQg1nYUQRhzGUunZxhUzv8ALtuhqF_wGhE&sai=AMfl-YRWERTt1U6figa0MuF8kcebM3gG9rjDySGwTycCYsNz3BQEg2dkvU-V1N7UOZz-raGmDWqhvV8wCAzaBj2ML2Vnjn880KJpHkmQLRbZbR6Hm_uiNI-zB82oetq64kAaeGMdsTipWZgBuu0FSqpeUdV9NonFNTrdFbQw7yMH6YAX91LzNKcGAp3lQMckk9ZJvF9obYDXSSG8I_IgdwHtvPC_N4m05VvzYipUhE1pwYcsOSSlOJeceOPN3G055TlzqszFfLghXAMvWENIKYDFSsWMYm8WPxwa-6BrjydveA&sig=Cg0ArKJSzG57qYW3d87VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=136&cisv=r20230202.81802&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
File type gzip compressed data, max compression\012- data
Hash 24851c0efa2c9b66158d70795ffc379d
1b05f46bd3d99d099590ba60bbe94531c263bbd7
148325b604c4796f351380447c89a07bd90e296b35f44e205180522ac8cf844c
GET /pcs/view?xai=AKAOjstwfaX58Xvi92zAlkYNsnAWp3B9z06Bp91jEUm1dSRewksaPUfc1b_m7qJ__66Ji-bjIxF_HDD45RtKvj7pRAkcQ85-QAUDg7ye7E1qk5Fw8uBt1aqNOvhcnszgMCl-hT2b1GQG_VAADn2SiYA7X4bJyTTmJ38jhtj__uYdjfzP5T36JLe4YHchwhc0HuuzP5FXNhuVg3frt41MHFO8cwsVd-HiOQBRuCTrU4mELZEVw-9b7TRRJpkJFlcd8lz18cEKczAPRN6GrHv4vxXFK_5zCqcHND9T2wsovRsROC64tigoI1v-pXAz9ZiyHIS-cLuiOULCrfGmV9YZVCuV0uJ6kcLV8GMld_q_3uFGmnqAqdGLEAMjdpZZ_L2dwlhTIlWOOGK8H3_alf5g_tpyQaVlZG3rCaNW-5noVr4HgCBGOGEPQ9xiYoLqGFYXoiIx8yV9gVA8DCKzZcwz3sZmDKT12zrykROJqLKHP_LWU1KX5go_Ah6XDnW1aSP5gNZW-HLxhjARYXlfU1_k9os3-be78p9o1iRpBBjdawnmDxWmIbo9bVc5g38E-5Ym1wPXEnwy4vuI81t1jqRGK82Iq24qI8jTFRPvh01lAu5qJqb8HORN5TnWUGfvHdMbN4Y8GAT4EW0i5c2M2He7DhhdApsN0yBFJ3uUxkOtt6mP9nUF28ZHVOCYRHE4i40zrlSKc_6vzf0pKTfYICmtCKUv33vppLkyd6BXnuJZL0y4nOhfjBLoj2T_Xn8t-ol0FTVdFctdLuVzT3dOvxZwlf8lQwq313MYxXmBYBTmO0civzeAcGqRPFtC8GNRBa8USCGh0K-Z0KIqRfWVMopXG1tO1myo7GopSyextjb0UF7xLQkyL_UiE8Y9sxEl9YATtXHpGoLIVex_WDAyUfjAJzMDSemjQGl1kKIzbmSjZ-XboNi68NBmcBqOR7U49N2WmGYAENqDOk6D6IR8OF4r3k3BjLwNKihu2NIqPsFQqAOOJr6b4IJNegXKTwYNo7aejrOBFf_Pu-5hVB6nQV_23Z0dGQiKxzU4sIG0oky5eKoG57--nJj9SQiBRw3b0SPdi3G-YKP1M_KOKCri3pubKAzTNtyk0edg6p5pLKzFw5TNBYhcHLRDsBPtLUS5XFRjOdaKhzvlUlK_Trrm2Ay9SjbDhXX9rRoqvUQg1nYUQRhzGUunZxhUzv8ALtuhqF_wGhE&sai=AMfl-YRWERTt1U6figa0MuF8kcebM3gG9rjDySGwTycCYsNz3BQEg2dkvU-V1N7UOZz-raGmDWqhvV8wCAzaBj2ML2Vnjn880KJpHkmQLRbZbR6Hm_uiNI-zB82oetq64kAaeGMdsTipWZgBuu0FSqpeUdV9NonFNTrdFbQw7yMH6YAX91LzNKcGAp3lQMckk9ZJvF9obYDXSSG8I_IgdwHtvPC_N4m05VvzYipUhE1pwYcsOSSlOJeceOPN3G055TlzqszFfLghXAMvWENIKYDFSsWMYm8WPxwa-6BrjydveA&sig=Cg0ArKJSzG57qYW3d87VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=136&cisv=r20230202.81802&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 07:36:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 07:51:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 07:36:00 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9cbzqWUFVWhOCd4Jd40_G8LJrVX0dBdIyJNky4ESQ8AKpi14HhzTZzkyUtNj6moFWUZEXXHuf1L794io4y80Uanr3qHtfDhDYhzLedtipehGSxfpvVNrJ9rlXDi7GaX1YH9pshfTEP1DZW2r9NHpdNvOiAZ1j3yn-oinMHIHolNsd5iNEuBtKWb49biuNbFwEcE1kdLNq6q34GDUDfdZ1-9YPVBLYzTz6jm4FysujrJcZv48Jz1hCOee9blYxccAGsLNa1jK67uXl627-vnT8i20WiwIoANuujkYp5gXr6GTQzqL0Zj3ut_CNelFP5UQzgxN6OvK2FQgLhB4Gei5t8R_-ADeFcZWy4VhN3D5nMZK9fwNwSmf1P_9pY6jJXBFCTRW-IZ5aX00yT4rGZ6nTIM69c-JcM92Xp_0DsKB1_OToT7xvrPM4oQQIEBa3kO_eeuWLOXkaWzJob9C29iqKEwa5p170AunlF2dpnNtRtvUKjuG1vC2Hr5cF5uigPjsRY2VyGsfL_GIRn8ZiwIKdsTUQt6amB__XyyVJ_If6HB9MVUwU6vHLO-V-AY6EH-A7TgrAVH-gtUo3QZ788OB1XRp3-sI9S-7J265JlEarQmg-txUXgIUtRnLgNy4MFx-z5Pcdx0NlXk3Om5fBrNjxU_61UPcqZRNSgoPiNEs1bkLQ1Z7D1shqecqgc7dxg__oZtm08v3SkhKOKP92siZPuJZHMLpLOV7X04LxmbygJOjDt2CALwtykYfnGypTduuNmdmBRPKiYmFIpYvxCyY5RQvVRGUeEjQ3xrEr4QjqCC8h_Oy2RTD3vHzeNdUeGQHhXiJAvkZ8EWz2kFMaPK09Eqbkb2BC3eP_-JhQlGPC0GoaYKI3lPqa9h2BjBs0c56PdwV04PIY1WMSfST8kDVnXe8vQi8dl_SBKcw04UabgPDbCCxZVREGUJArmRBIGGtAEHyBQLhaNu8KTYcrgD6PRZnPt5h8easo2t8eKsiDGO8gdy4bLVMUgC5UBsYb2MtF5rzYqoSyhQrn_1tbxbGaRZuFmBsgk6ju4-JOX4SaKcTx_bWAbiEsLBf63OZjVAKkj__sfxSwn_Uex1bwZeQKJuGOy-4CKqnTNlGHG148xMb7zyl-YvZx6DuQUKeD9z-UoAIO0Bn4oSL8KbqT9nzlZ5PnYbBWQqM2Du8iCfjBCaW4qxP43-Nf95tFuuw&sai=AMfl-YQslmwT6RdPqCbtA8h_jKA4EW1R8GCvzlMQ8mj8oCi8WMQfgCHjdNCjrWALvhQwgyp_MfWqABj41sEoWXNt344U2OPkl51XnrfOc2Ogb3mZEYVO8G_1JYD7HcmFUr8lY6NmhPlT-Zq9FrH6O8TOcA3mxmiaF_DwDrcyh3J25-iJrc1v0oYPzwhPF-3rSDJH4O6eMcDtz8IamjUsndWeWayF1dyIHqmTFJaji5xT1ZXPQIuzOZa39K17rn5eIGuu2zoXAPiVG1sqY9Pj4rqSm_FWHYCLCVF9cjcxwfqpE2QF5Q&sig=Cg0ArKJSzPYWNnZToREFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=138&cisv=r20230202.58258&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9cbzqWUFVWhOCd4Jd40_G8LJrVX0dBdIyJNky4ESQ8AKpi14HhzTZzkyUtNj6moFWUZEXXHuf1L794io4y80Uanr3qHtfDhDYhzLedtipehGSxfpvVNrJ9rlXDi7GaX1YH9pshfTEP1DZW2r9NHpdNvOiAZ1j3yn-oinMHIHolNsd5iNEuBtKWb49biuNbFwEcE1kdLNq6q34GDUDfdZ1-9YPVBLYzTz6jm4FysujrJcZv48Jz1hCOee9blYxccAGsLNa1jK67uXl627-vnT8i20WiwIoANuujkYp5gXr6GTQzqL0Zj3ut_CNelFP5UQzgxN6OvK2FQgLhB4Gei5t8R_-ADeFcZWy4VhN3D5nMZK9fwNwSmf1P_9pY6jJXBFCTRW-IZ5aX00yT4rGZ6nTIM69c-JcM92Xp_0DsKB1_OToT7xvrPM4oQQIEBa3kO_eeuWLOXkaWzJob9C29iqKEwa5p170AunlF2dpnNtRtvUKjuG1vC2Hr5cF5uigPjsRY2VyGsfL_GIRn8ZiwIKdsTUQt6amB__XyyVJ_If6HB9MVUwU6vHLO-V-AY6EH-A7TgrAVH-gtUo3QZ788OB1XRp3-sI9S-7J265JlEarQmg-txUXgIUtRnLgNy4MFx-z5Pcdx0NlXk3Om5fBrNjxU_61UPcqZRNSgoPiNEs1bkLQ1Z7D1shqecqgc7dxg__oZtm08v3SkhKOKP92siZPuJZHMLpLOV7X04LxmbygJOjDt2CALwtykYfnGypTduuNmdmBRPKiYmFIpYvxCyY5RQvVRGUeEjQ3xrEr4QjqCC8h_Oy2RTD3vHzeNdUeGQHhXiJAvkZ8EWz2kFMaPK09Eqbkb2BC3eP_-JhQlGPC0GoaYKI3lPqa9h2BjBs0c56PdwV04PIY1WMSfST8kDVnXe8vQi8dl_SBKcw04UabgPDbCCxZVREGUJArmRBIGGtAEHyBQLhaNu8KTYcrgD6PRZnPt5h8easo2t8eKsiDGO8gdy4bLVMUgC5UBsYb2MtF5rzYqoSyhQrn_1tbxbGaRZuFmBsgk6ju4-JOX4SaKcTx_bWAbiEsLBf63OZjVAKkj__sfxSwn_Uex1bwZeQKJuGOy-4CKqnTNlGHG148xMb7zyl-YvZx6DuQUKeD9z-UoAIO0Bn4oSL8KbqT9nzlZ5PnYbBWQqM2Du8iCfjBCaW4qxP43-Nf95tFuuw&sai=AMfl-YQslmwT6RdPqCbtA8h_jKA4EW1R8GCvzlMQ8mj8oCi8WMQfgCHjdNCjrWALvhQwgyp_MfWqABj41sEoWXNt344U2OPkl51XnrfOc2Ogb3mZEYVO8G_1JYD7HcmFUr8lY6NmhPlT-Zq9FrH6O8TOcA3mxmiaF_DwDrcyh3J25-iJrc1v0oYPzwhPF-3rSDJH4O6eMcDtz8IamjUsndWeWayF1dyIHqmTFJaji5xT1ZXPQIuzOZa39K17rn5eIGuu2zoXAPiVG1sqY9Pj4rqSm_FWHYCLCVF9cjcxwfqpE2QF5Q&sig=Cg0ArKJSzPYWNnZToREFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=138&cisv=r20230202.58258&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsv9cbzqWUFVWhOCd4Jd40_G8LJrVX0dBdIyJNky4ESQ8AKpi14HhzTZzkyUtNj6moFWUZEXXHuf1L794io4y80Uanr3qHtfDhDYhzLedtipehGSxfpvVNrJ9rlXDi7GaX1YH9pshfTEP1DZW2r9NHpdNvOiAZ1j3yn-oinMHIHolNsd5iNEuBtKWb49biuNbFwEcE1kdLNq6q34GDUDfdZ1-9YPVBLYzTz6jm4FysujrJcZv48Jz1hCOee9blYxccAGsLNa1jK67uXl627-vnT8i20WiwIoANuujkYp5gXr6GTQzqL0Zj3ut_CNelFP5UQzgxN6OvK2FQgLhB4Gei5t8R_-ADeFcZWy4VhN3D5nMZK9fwNwSmf1P_9pY6jJXBFCTRW-IZ5aX00yT4rGZ6nTIM69c-JcM92Xp_0DsKB1_OToT7xvrPM4oQQIEBa3kO_eeuWLOXkaWzJob9C29iqKEwa5p170AunlF2dpnNtRtvUKjuG1vC2Hr5cF5uigPjsRY2VyGsfL_GIRn8ZiwIKdsTUQt6amB__XyyVJ_If6HB9MVUwU6vHLO-V-AY6EH-A7TgrAVH-gtUo3QZ788OB1XRp3-sI9S-7J265JlEarQmg-txUXgIUtRnLgNy4MFx-z5Pcdx0NlXk3Om5fBrNjxU_61UPcqZRNSgoPiNEs1bkLQ1Z7D1shqecqgc7dxg__oZtm08v3SkhKOKP92siZPuJZHMLpLOV7X04LxmbygJOjDt2CALwtykYfnGypTduuNmdmBRPKiYmFIpYvxCyY5RQvVRGUeEjQ3xrEr4QjqCC8h_Oy2RTD3vHzeNdUeGQHhXiJAvkZ8EWz2kFMaPK09Eqbkb2BC3eP_-JhQlGPC0GoaYKI3lPqa9h2BjBs0c56PdwV04PIY1WMSfST8kDVnXe8vQi8dl_SBKcw04UabgPDbCCxZVREGUJArmRBIGGtAEHyBQLhaNu8KTYcrgD6PRZnPt5h8easo2t8eKsiDGO8gdy4bLVMUgC5UBsYb2MtF5rzYqoSyhQrn_1tbxbGaRZuFmBsgk6ju4-JOX4SaKcTx_bWAbiEsLBf63OZjVAKkj__sfxSwn_Uex1bwZeQKJuGOy-4CKqnTNlGHG148xMb7zyl-YvZx6DuQUKeD9z-UoAIO0Bn4oSL8KbqT9nzlZ5PnYbBWQqM2Du8iCfjBCaW4qxP43-Nf95tFuuw&sai=AMfl-YQslmwT6RdPqCbtA8h_jKA4EW1R8GCvzlMQ8mj8oCi8WMQfgCHjdNCjrWALvhQwgyp_MfWqABj41sEoWXNt344U2OPkl51XnrfOc2Ogb3mZEYVO8G_1JYD7HcmFUr8lY6NmhPlT-Zq9FrH6O8TOcA3mxmiaF_DwDrcyh3J25-iJrc1v0oYPzwhPF-3rSDJH4O6eMcDtz8IamjUsndWeWayF1dyIHqmTFJaji5xT1ZXPQIuzOZa39K17rn5eIGuu2zoXAPiVG1sqY9Pj4rqSm_FWHYCLCVF9cjcxwfqpE2QF5Q&sig=Cg0ArKJSzPYWNnZToREFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=142&cbvp=1&cstd=138&cisv=r20230202.58258&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 07:36:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 07:51:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 07:36:00 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjlfJHJHB3EPrKeZe61EItzmsQGhDJZ9FKPrRNFSCzylRmSExOF8HGxiTefWDAuhGSzBiJ3Q6WGkwx-v6SJvpwLTSSx3hRsqgfl8snn6Nok3-VSvNZb7TdD4_8NIVcHq3mB06ctd8zQXSsh1Z6qjQfaR-_T41ZAEACE81yu9oBCeO45Fgle42HygSA-E6XRckrNcJ3URyV-cXsv20d1PfLnYm6t_qCYCRfFFgGaN-uFjjl5bGxJYp-bLV5QwwzGnlkYNP82fw4uVfJ4vXQJGmWFH8Q9E38fgIdLVApdg4haw94URCfQQTozEJQZTB79gu21f8EdnhL8DGcxpwGc49qH1BLzGjdurq3Ou7w1CXf03paqe8-RlSto2LbmZrCvqIQ6Deqmzfn5fHEq27Ujz0ZMUkGqhV96-2tdIjtzVc7AJc9tBz7BYN_uj22as-IQNhcqoUp0UvDGzF0Sy2o5qErK7iC8PFu4xB1SXBFmnHg1r41IHj-w3hUZ092m8leNSO7MuS3n7jrzG8-GX-hsaaYKN2zE7foUw3SSsQnebQzlIzKNdQhsZ_4vuiB-WybU2pzNlTmm8TIETMM9Pgmiat4lgR3TGmPjHEnC0mH2G9J7T7fpV5dot2CixFDWwRrMpNW5au6QM65vn_JxOpJNKbe3X5aECfeTiREC8D7aRFLroU2B9LWBRQHnsY19Kho1x22i3slKRX2As8AGlXm3gA-dLuQ8yjVeHMQlGO4bXUzNwv1FIQUFc7LGzlibx7JPwChwmADY9l-ia1hnrd2BzyT8sd9W1L1L12khBY74qJWNJMEj9TF_n5AfN1s1ste6uXnahYLvH00OJV-0SgWiwxw_s3jCFMdV70Nuy1Cf5dDDlWREC7NLppMNrYEHYXzGiF-v7G-YKAH3pO4c9YJRdqBIl71DfV4eCB6BxurW7ByH7O0-jHqelWgX9WTVqSeNLR6tC_hKv9_pW_og7VcnNEEbgRM3djeTgDCB6swgnFFSpCneqAflZGQG8e9CuaOvOeWV7kAB8CrNq2_AgqO2rW84jDcUdjXkzPcatbETE7PLBysNJmHX2TR8GXGbfAuZstydlrqXwwMgxogBbEtle0yHbMWimCqaefEMLd_4LGh3_nKC8z7d1Y-UhWNa_GTBT3ioRQ7eEFMXu2YbHPoq37DiQYUloZNZMhpNwZ3l_KK8-85AuYizU9Yo7rICtDfO5_GDOd-xg&sai=AMfl-YQq2bq-aWo2PSNMbZ9aeE_MlR4MWLeM9rFMVKGazFzN4umF8G2vGM3zioiIDZw_VXQmnNdE9uBM0TJrWRe1b6L-yUQwlHM1LrOpEtdhrRdOn7WY2JbjuEb7hynI9OLmvd41beHEb7V8-RT6G_YIUEl8B3PsLbQSXpJBy_KCk5siHNXoxVxhwrugDB_TVxiYL79y1ZzJ_mce_qu018fDditean7kl1ZmFgpH_VEpIaBWH4LLlLqt7wa-932laJ0OExaAMKcyFdy1DTcvM_FMJn9Ge6oNU5tTNg8fy041TS5krw&sig=Cg0ArKJSzER1KmRRKMi7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=49&cisv=r20230202.15228&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstjlfJHJHB3EPrKeZe61EItzmsQGhDJZ9FKPrRNFSCzylRmSExOF8HGxiTefWDAuhGSzBiJ3Q6WGkwx-v6SJvpwLTSSx3hRsqgfl8snn6Nok3-VSvNZb7TdD4_8NIVcHq3mB06ctd8zQXSsh1Z6qjQfaR-_T41ZAEACE81yu9oBCeO45Fgle42HygSA-E6XRckrNcJ3URyV-cXsv20d1PfLnYm6t_qCYCRfFFgGaN-uFjjl5bGxJYp-bLV5QwwzGnlkYNP82fw4uVfJ4vXQJGmWFH8Q9E38fgIdLVApdg4haw94URCfQQTozEJQZTB79gu21f8EdnhL8DGcxpwGc49qH1BLzGjdurq3Ou7w1CXf03paqe8-RlSto2LbmZrCvqIQ6Deqmzfn5fHEq27Ujz0ZMUkGqhV96-2tdIjtzVc7AJc9tBz7BYN_uj22as-IQNhcqoUp0UvDGzF0Sy2o5qErK7iC8PFu4xB1SXBFmnHg1r41IHj-w3hUZ092m8leNSO7MuS3n7jrzG8-GX-hsaaYKN2zE7foUw3SSsQnebQzlIzKNdQhsZ_4vuiB-WybU2pzNlTmm8TIETMM9Pgmiat4lgR3TGmPjHEnC0mH2G9J7T7fpV5dot2CixFDWwRrMpNW5au6QM65vn_JxOpJNKbe3X5aECfeTiREC8D7aRFLroU2B9LWBRQHnsY19Kho1x22i3slKRX2As8AGlXm3gA-dLuQ8yjVeHMQlGO4bXUzNwv1FIQUFc7LGzlibx7JPwChwmADY9l-ia1hnrd2BzyT8sd9W1L1L12khBY74qJWNJMEj9TF_n5AfN1s1ste6uXnahYLvH00OJV-0SgWiwxw_s3jCFMdV70Nuy1Cf5dDDlWREC7NLppMNrYEHYXzGiF-v7G-YKAH3pO4c9YJRdqBIl71DfV4eCB6BxurW7ByH7O0-jHqelWgX9WTVqSeNLR6tC_hKv9_pW_og7VcnNEEbgRM3djeTgDCB6swgnFFSpCneqAflZGQG8e9CuaOvOeWV7kAB8CrNq2_AgqO2rW84jDcUdjXkzPcatbETE7PLBysNJmHX2TR8GXGbfAuZstydlrqXwwMgxogBbEtle0yHbMWimCqaefEMLd_4LGh3_nKC8z7d1Y-UhWNa_GTBT3ioRQ7eEFMXu2YbHPoq37DiQYUloZNZMhpNwZ3l_KK8-85AuYizU9Yo7rICtDfO5_GDOd-xg&sai=AMfl-YQq2bq-aWo2PSNMbZ9aeE_MlR4MWLeM9rFMVKGazFzN4umF8G2vGM3zioiIDZw_VXQmnNdE9uBM0TJrWRe1b6L-yUQwlHM1LrOpEtdhrRdOn7WY2JbjuEb7hynI9OLmvd41beHEb7V8-RT6G_YIUEl8B3PsLbQSXpJBy_KCk5siHNXoxVxhwrugDB_TVxiYL79y1ZzJ_mce_qu018fDditean7kl1ZmFgpH_VEpIaBWH4LLlLqt7wa-932laJ0OExaAMKcyFdy1DTcvM_FMJn9Ge6oNU5tTNg8fy041TS5krw&sig=Cg0ArKJSzER1KmRRKMi7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=49&cisv=r20230202.15228&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstjlfJHJHB3EPrKeZe61EItzmsQGhDJZ9FKPrRNFSCzylRmSExOF8HGxiTefWDAuhGSzBiJ3Q6WGkwx-v6SJvpwLTSSx3hRsqgfl8snn6Nok3-VSvNZb7TdD4_8NIVcHq3mB06ctd8zQXSsh1Z6qjQfaR-_T41ZAEACE81yu9oBCeO45Fgle42HygSA-E6XRckrNcJ3URyV-cXsv20d1PfLnYm6t_qCYCRfFFgGaN-uFjjl5bGxJYp-bLV5QwwzGnlkYNP82fw4uVfJ4vXQJGmWFH8Q9E38fgIdLVApdg4haw94URCfQQTozEJQZTB79gu21f8EdnhL8DGcxpwGc49qH1BLzGjdurq3Ou7w1CXf03paqe8-RlSto2LbmZrCvqIQ6Deqmzfn5fHEq27Ujz0ZMUkGqhV96-2tdIjtzVc7AJc9tBz7BYN_uj22as-IQNhcqoUp0UvDGzF0Sy2o5qErK7iC8PFu4xB1SXBFmnHg1r41IHj-w3hUZ092m8leNSO7MuS3n7jrzG8-GX-hsaaYKN2zE7foUw3SSsQnebQzlIzKNdQhsZ_4vuiB-WybU2pzNlTmm8TIETMM9Pgmiat4lgR3TGmPjHEnC0mH2G9J7T7fpV5dot2CixFDWwRrMpNW5au6QM65vn_JxOpJNKbe3X5aECfeTiREC8D7aRFLroU2B9LWBRQHnsY19Kho1x22i3slKRX2As8AGlXm3gA-dLuQ8yjVeHMQlGO4bXUzNwv1FIQUFc7LGzlibx7JPwChwmADY9l-ia1hnrd2BzyT8sd9W1L1L12khBY74qJWNJMEj9TF_n5AfN1s1ste6uXnahYLvH00OJV-0SgWiwxw_s3jCFMdV70Nuy1Cf5dDDlWREC7NLppMNrYEHYXzGiF-v7G-YKAH3pO4c9YJRdqBIl71DfV4eCB6BxurW7ByH7O0-jHqelWgX9WTVqSeNLR6tC_hKv9_pW_og7VcnNEEbgRM3djeTgDCB6swgnFFSpCneqAflZGQG8e9CuaOvOeWV7kAB8CrNq2_AgqO2rW84jDcUdjXkzPcatbETE7PLBysNJmHX2TR8GXGbfAuZstydlrqXwwMgxogBbEtle0yHbMWimCqaefEMLd_4LGh3_nKC8z7d1Y-UhWNa_GTBT3ioRQ7eEFMXu2YbHPoq37DiQYUloZNZMhpNwZ3l_KK8-85AuYizU9Yo7rICtDfO5_GDOd-xg&sai=AMfl-YQq2bq-aWo2PSNMbZ9aeE_MlR4MWLeM9rFMVKGazFzN4umF8G2vGM3zioiIDZw_VXQmnNdE9uBM0TJrWRe1b6L-yUQwlHM1LrOpEtdhrRdOn7WY2JbjuEb7hynI9OLmvd41beHEb7V8-RT6G_YIUEl8B3PsLbQSXpJBy_KCk5siHNXoxVxhwrugDB_TVxiYL79y1ZzJ_mce_qu018fDditean7kl1ZmFgpH_VEpIaBWH4LLlLqt7wa-932laJ0OExaAMKcyFdy1DTcvM_FMJn9Ge6oNU5tTNg8fy041TS5krw&sig=Cg0ArKJSzER1KmRRKMi7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=49&cisv=r20230202.15228&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ade7270e9b808aecf047444636af33eb.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 07:36:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 07-Feb-2023 07:51:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Feb 2023 07:36:00 GMT
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/step-2.svg
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/images/public/step-2.svg
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /images/public/step-2.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-607"
expires: Mon, 01 Jan 2024 10:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3183403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSWVTy2ow6z2L%2Bf2HML%2Bf3%2FL4Bic8XStlpdAYntPbnIQX96vjg6bFFqlPS0IzoIZ5rfwllkOjptqcs2bQUwF6CKjJi20PU0Ehk2YHZGUDqYyad43tfdlZtLO%2FvsLkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accec8fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /js/public/layouts/_partials/nav-links.js?id=cb6ca06ebf3b73dfb125ec3f7db93abc HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
etag: W/"63c5a2df-c19"
expires: Tue, 16 Jan 2024 19:17:53 GMT
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1858626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrgMChyIdRkeU6jMar3%2BMKT3VUDVH97kKGCCL4SEFeiPLBuwNYsNpUE%2BiIc6EocO4dD2dOSK23qqnstb4Z27E2V0u7nOhtc3AvCJ14l%2B9UchJDJd8yoWfQ%2F1MtbVdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73ad6f35fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/ds.2.html
IP 104.16.134.22:0
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GNH5VQZFAM2C77ABPCNY7JSA
cf-cache-status: HIT
age: 545275
set-cookie: __cf_bm=p4NbNX5xN.v9L3u4yZeUtoK7x6tN2lpo12w80kc2WqQ-1675755358-0-Aa4dDRHdg+MppP3HI1ORb5Rl5kmrTKWmVda52p8TolNPbc8yXI1VOd/XB6yEZ8PiaF445ruSYqj6Hrp2CYxLsD4=; path=/; expires=Tue, 07-Feb-23 08:05:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73af890e1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/burger.svg
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/images/shared/burger.svg
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/burger.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-cf"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3183404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRRGlVGCCtD8SewrJwl%2F76F56hO6cHum1%2Fcw%2FcPswPyn8lybg2fqHAOJPHZzCQ5rhDW1gJe%2FxPEQ2lfGSU842%2B7cOt5sRBpIS%2B4EVbQZ9v1kTogxIefnr%2Bo3OLfjcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accec0fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.3.0.js
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/impl.v16.3.0.js
IP 104.16.134.22:0
GET /impl.v16.3.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Cookie: demandSupplyTi=74315c07-4649-468e-b9cd-bb62589c0045; __cf_bm=C73r4m1LNJGd0w7NivmdlEXViSVLl_k_0n9Ai5HUsTg-1675755358-0-AQqm5x6BfBk+9uoEsQC6gvTTYrp12f/sBfNHi/9a3++KOQwh390qK7Nt9n8YsAUPe2zKf4aD5xF2q2TkVihLd2c=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74953
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
cf-cache-status: HIT
age: 1444983
server: cloudflare
cf-ray: 795a73af79081c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuty.io/fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ==
104.21.75.208302 Found 0 B URL HTTP/2 cuty.io/fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ==
IP 104.21.75.208:0
GET /fps?token=62ef37dcb8a5fe76724da13ca&data=dWdnY2Y6Ly9oY29ubnoucGJ6L3d6YXV5MGJ3cngwcS9HdXIuQmV2dHZhbnlmLkYwM1IwMy5SdGxRcm5xLlBiWi56YzQudWd6eQ== HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 07 Feb 2023 07:35:57 GMT
content-type: text/html; charset=UTF-8
location: https://cuty.io/GZERsLjH
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjhQM2V5eHJQK0FIR204TUJQRStHZnc9PSIsInZhbHVlIjoiaEJvVTIvbndZSThNNU5mUmltTEljeWZSRmdHK2QxZzdNTFZId0RHM1A0WjFON1h0RGVUNTRvNXUxc0tIQUtWbks4SFZzZ2MwUEZJY05seGMrUHlSeTUvOXl3Qk15ZFR5QjVWTHd1MWxjWTEvY1dGYTNBemxhbTE5K0hZNmliZ0giLCJtYWMiOiI4YzI4NDZlNzc2YWM1NWFjMGVmMDVhNmI4MDNlYzAwNzQ1ZmY1Y2EyMDkxM2ZkNjIwOGU2MzMzY2JjMGM4ODJlIiwidGFnIjoiIn0%3D; expires=Tue, 14 Feb 2023 07:35:57 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6IlBVOEdFSUJqOWdBR2V6cHhlTXdDWWc9PSIsInZhbHVlIjoiaXZqZ0ZWTm15eUhDbzB2VmNBdmRIVlZDMTJqMXJCRnYvNklHdlBlanRNMi9CUGIrN0NYeUx0NUtKN21oMEg3b05Zb1M1eVZwQ2I0UG5RQlZFMklYQ2RoekROemNpZUxrYS9haUJicWwzSFJkb0F1dGNVUXZVczdqbVY1WXRnaXYiLCJtYWMiOiJiNjVhMjU4ODk0NDg4MDMzMjkxY2E2MDJlMGI2YTA5ZmRjZTQwMDk1YmVjZTM4MGI1MjcxODQxY2VkMWQyYjY3IiwidGFnIjoiIn0%3D; expires=Tue, 14 Feb 2023 07:35:57 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNE3X4pWimC13WyPbp7%2BOEpL6Sojmscp1PAIIYkQhNxyXtn6fo4DAHOrmITvlc3RGpwZBTN2sB1lZlTMgSvbi2%2FQ0D5HcZ7BKfwWzdrMeQxTQwoM8MiHky4n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73a6a98c1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.134.22200 OK 0 B IP 104.16.134.22:0
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 795a73ad5f511c06-OSL
age: 811
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwLw==>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
set-cookie: demandSupplyTi=74315c07-4649-468e-b9cd-bb62589c0045; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=C73r4m1LNJGd0w7NivmdlEXViSVLl_k_0n9Ai5HUsTg-1675755358-0-AQqm5x6BfBk+9uoEsQC6gvTTYrp12f/sBfNHi/9a3++KOQwh390qK7Nt9n8YsAUPe2zKf4aD5xF2q2TkVihLd2c=; path=/; expires=Tue, 07-Feb-23 08:05:58 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/js/public/links/first.js?id=d283d38a711a8751c0103864121763a6
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/js/public/links/first.js?id=d283d38a711a8751c0103864121763a6
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /js/public/links/first.js?id=d283d38a711a8751c0103864121763a6 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=24370
etag: W/"63c5a2df-5f32"
expires: Tue, 16 Jan 2024 19:17:53 GMT
last-modified: Mon, 16 Jan 2023 19:17:51 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: HIT
age: 1858626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S4qS0B7TIr7GcB4ZuL5p7khMpHkshLmb6e2dqFlE1CLNWo1uK6E7nx5J7E6%2Bj%2FhQUSxOkLhICGFjrL0Zf37dbmlWSvFdVV5%2BJSryzR9bCSYe4eejfS%2FswwF4EzyMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73ad6f31fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuty.io/GZERsLjH
104.21.75.208302 Found 0 B IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /GZERsLjH HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjhQM2V5eHJQK0FIR204TUJQRStHZnc9PSIsInZhbHVlIjoiaEJvVTIvbndZSThNNU5mUmltTEljeWZSRmdHK2QxZzdNTFZId0RHM1A0WjFON1h0RGVUNTRvNXUxc0tIQUtWbks4SFZzZ2MwUEZJY05seGMrUHlSeTUvOXl3Qk15ZFR5QjVWTHd1MWxjWTEvY1dGYTNBemxhbTE5K0hZNmliZ0giLCJtYWMiOiI4YzI4NDZlNzc2YWM1NWFjMGVmMDVhNmI4MDNlYzAwNzQ1ZmY1Y2EyMDkxM2ZkNjIwOGU2MzMzY2JjMGM4ODJlIiwidGFnIjoiIn0%3D; cuty_session=eyJpdiI6IlBVOEdFSUJqOWdBR2V6cHhlTXdDWWc9PSIsInZhbHVlIjoiaXZqZ0ZWTm15eUhDbzB2VmNBdmRIVlZDMTJqMXJCRnYvNklHdlBlanRNMi9CUGIrN0NYeUx0NUtKN21oMEg3b05Zb1M1eVZwQ2I0UG5RQlZFMklYQ2RoekROemNpZUxrYS9haUJicWwzSFJkb0F1dGNVUXZVczdqbVY1WXRnaXYiLCJtYWMiOiJiNjVhMjU4ODk0NDg4MDMzMjkxY2E2MDJlMGI2YTA5ZmRjZTQwMDk1YmVjZTM4MGI1MjcxODQxY2VkMWQyYjY3IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Tue, 07 Feb 2023 07:35:57 GMT
content-type: text/html; charset=UTF-8
location: https://cutty.app/GZERsLjH
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImFsU203ZUcyUkNZWHpHbFp2NFQzMFE9PSIsInZhbHVlIjoiMXUrNTdDYUpGSXJ1bEJDTlZIVEIwQS9MbkF6Q2V1Ukl4b24reDBzUjVIOGpabFJDWjJQKzVMS2d6T3ZPQ1UyNTJGcURmcFJJYXlFRzJwUVpsWUlKazJXSHBSbnJqQk9TektHRXVhSlBmc2VSVnJsSXhRWXVqRTZJaVcyWWpwTzAiLCJtYWMiOiI0ZGU5ZDcyZjExMjA0MjIyNGM4NTYyYzliN2M2ZWJjMjQ2NWFhMGYzM2Y5M2IyMTAxY2E0YzljMzMyMzVlNDQ4IiwidGFnIjoiIn0%3D; expires=Tue, 14 Feb 2023 07:35:57 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6InBqalg3NjRPbk8xNFRLN0tFb3pNVnc9PSIsInZhbHVlIjoicTZva0lKNmdmQVBzVW1PMjBvTkRDam5LSm1ZVVJVdTZWaC9DTzRpN011RURBejFIMzJBQWFkQnZocHR6OXJsait4OGVUV2x3T1V4K2xKZEtkMlk5dGgwVDd0VDI5N3grQkdWRDFDZDIrbTRJV1hCU1pXZENBcHVuaG9FcWpscUQiLCJtYWMiOiIwZTBkZjE5ZGQxNjUxZmRjMTNlZWRmMzIxYzc5YWIzZmZlN2IyODhhN2MxNTAxYTE2YWNlMGRhODkzYjEyMjk3IiwidGFnIjoiIn0%3D; expires=Tue, 14 Feb 2023 07:35:57 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldOFSjM5D%2FTpXrL%2Bb%2FIOum8zKIpjnYa7ABFAIahqYrSBznMxBWhKtNSfZRSAk4P1jJs2VvHYTCHmfti5f2pmKHyIP5uiHX51gJtUmJEMdQOT3WkADt%2FEgz8x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73a7fa921c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/shared/arrow-down.svg
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/images/shared/arrow-down.svg
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /images/shared/arrow-down.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-dc"
expires: Mon, 01 Jan 2024 10:59:14 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1658713
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jQJPXkp82SfJ4bh1%2Be8Kh%2BtKwTwQPCJjp3d7plgmKFT4V05r58M5HNpVrmjYtB2YU%2Fk4Oexw3dPF%2FIbWZbc%2BeksgyZnVlarpH91Eo2h0SqO4TF7qlTzu6WVHRpoaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73acceb8fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/step-3.svg
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/images/public/step-3.svg
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /images/public/step-3.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-45b"
expires: Mon, 01 Jan 2024 10:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3183403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRNYErIsYxt7ief%2FY5dHgPYeJBMArDE7%2Fzw0w6POEkQ9df9jwRQ5cffIvB%2BSs%2FhDUYfpWIW7luAdglSpoEV2MdO%2BSq8Zpe8D%2B1k%2FoxEHLIn5hsYpDfICEgbbNd5M5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accecafabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cuty.io/images/public/step-1.svg
104.21.75.208200 OK 0 B URL HTTP/2 cdn.cuty.io/images/public/step-1.svg
IP 104.21.75.208:0
Analyzer Verdict Alert fortinet Phishing
GET /images/public/step-1.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: image/svg+xml
last-modified: Sun, 01 Jan 2023 10:58:10 GMT
etag: W/"63b16742-658"
expires: Mon, 01 Jan 2024 10:59:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3183403
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDZpndRzhmuyh%2B7dtjejpDdUHA%2F1HmhousuPGqSW%2BP84JQlLQWDpyx6Y7pyrgHa7PC2C3bvH%2BVisH%2FAy%2F0RuDpN5cUibfVCXyZDu%2FeO8rReKipGun5y0s3IuiyXGEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73accec7fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cutty.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675742400
172.67.70.33200 OK 0 B URL HTTP/2 cutty.app/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675742400
IP 172.67.70.33:0
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675742400 HTTP/1.1
Host: cutty.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlNhYUI3ZmFyaStKU2gxdS9mYkJ0dEE9PSIsInZhbHVlIjoibGVNM0owWXpCVnoyaklEMVl1OFgvYWN1ZVBrMVJhV0ZDSGl1TXNzU2tXakNmVTQ5dW1uNi9Ld09kTTJMU3V1WWNBaXNVRnJEWElrN3Y1T0twOWZLVStpcml3cDdkd2ovaTl2ZTEvSlp5VUxTcHpHZmw3YTFBQVFNODlGUmdwS2UiLCJtYWMiOiJjZmY1MzQ1ZTVkMDAyYWU4NjI0ZWI3NTk4OWVmMzA0YmQ5YjM0MmJlNTBmN2I5NzkyNGJhYTVjYzYzNDFmNWU5IiwidGFnIjoiIn0%3D; cuty_session=eyJpdiI6IjZkQzZLZkJuYjJjYVA0cXIvOHZPT1E9PSIsInZhbHVlIjoiSCt6Y2hQU3BWYjFiVHNOR0tNa3lBMjNyKzlwZzkwaEs0NG9tZDdrY3RxUWp0K1BDTUtpVlFwNHo4c0tRaXZmdXovWHVIWXlta0k1cWZIZFhaUVRDbXc4V29BaGRHYUlHMDJJbXE4Sm1uMmlKOEJjekd3VWswdlZZdHcyZWhRTHEiLCJtYWMiOiI2YjYyNGYwMGZjYjA3N2Y5ZmVjMGVkNDBlOGJmODk1NDhiZDA4YjZhY2YyODkwNWVkMjc3ZjkxODRkZmNlOTJjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:58 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-control-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmspAQO4itUbPPBE3ecKn4W2TqFns9SBz6vONqdwHx3vOby5ZyTNNE684G%2FwZAkqHNeNBy3bY2RUk%2FRstDGiqpFtorxwen%2Bmu%2FqspOplsggQJAGj8WBMIPENRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795a73ae9bf7b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwL0daRVJzTGpI
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/p4/v16-2-0/Y3V0dHkuYXBwL0daRVJzTGpI
IP 104.16.134.22:0
GET /p4/v16-2-0/Y3V0dHkuYXBwL0daRVJzTGpI HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Cookie: demandSupplyTi=74315c07-4649-468e-b9cd-bb62589c0045; __cf_bm=C73r4m1LNJGd0w7NivmdlEXViSVLl_k_0n9Ai5HUsTg-1675755358-0-AQqm5x6BfBk+9uoEsQC6gvTTYrp12f/sBfNHi/9a3++KOQwh390qK7Nt9n8YsAUPe2zKf4aD5xF2q2TkVihLd2c=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 07:35:59 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 795a73af79091c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2