Report - cuty.io/5FoV6IO

Report Overview

Visited public
2024-12-31 04:51:13
Tags
URL
cuty.io/5FoV6IO
Finishing URL
cety.app/5FoV6IO
IP / ASN
172.67.75.140
#13335 CLOUDFLARENET
Title
Shorten Links And Earn Money | cuty.io

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ghb.console.adtarget.com.tr	70305	2019-09-30	2020-05-22	2024-12-28	1.3 kB	2.1 kB	185.239.172.170
script.4dex.io	2135	2018-04-02	2018-07-23	2024-12-26	763 B	22 kB	104.26.9.169
www.google.com	7	1997-09-15	2015-05-10	2024-12-25	372 B	1.6 kB	142.250.74.164
csync.smilewanted.com	5015	2015-10-05	2019-08-06	2024-12-26	1.0 kB	7.6 kB	104.22.30.209
pugmarktagua.com	unknown	2024-04-27	2024-07-16	2024-12-23	367 B	1.2 kB	23.109.170.244
fstatic.netpub.media	974484	2021-06-11	2022-01-24	2024-12-28	8.2 kB	2.3 MB	104.26.4.26
www.gstatic.com	unknown	2008-02-11	2012-05-29	2024-12-25	440 B	561 kB	142.250.74.131
ghb.adtelligent.com	5527	2003-02-08	2019-05-01	2024-12-26	442 B	0 B	0.0.0.0
static.smilewanted.com	13718	2015-10-05	2016-09-03	2024-12-26	439 B	50 kB	104.22.30.209
cuty.io	unknown	2021-10-19	2022-02-14	2024-12-29	471 B	54 kB	172.67.75.140
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-25	387 B	106 kB	142.250.74.168
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-12-25	452 B	56 kB	104.16.80.73
rvisofoseveralyear.com	unknown	2024-11-07	2024-12-30	2024-12-30	2.0 kB	2.9 kB	104.21.32.1
ghb1.adtelligent.com	6699	2003-02-08	2020-04-04	2024-12-28	441 B	1.4 kB	167.235.37.234
cadmus.script.ac	unknown	2020-03-18	2023-03-09	2024-12-26	379 B	400 B	104.18.22.145
accounts.google.com	81	1997-09-15	2012-05-23	2024-12-25	3.5 kB	16 kB	64.233.164.84
ad.360yield.com	657	2009-06-02	2012-11-28	2024-12-29	878 B	494 B	52.29.174.68
pbjs.e-planning.net	6444	2002-09-23	2021-10-09	2024-12-29	671 B	241 B	193.3.178.4
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-25	1.6 kB	148 kB	142.250.74.99
gpp.netpub.media	unknown	2021-06-11	2024-12-11	2024-12-25	807 B	3.0 kB	104.26.4.26
onetag-sys.com	1840	2015-04-05	2015-04-08	2024-12-25	3.8 kB	3.2 kB	51.38.120.206
prebid.smilewanted.com	7767	2015-10-05	2019-07-25	2024-12-26	2.6 kB	2.6 kB	104.22.30.209
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-25	459 B	13 kB	142.250.74.106
istkechaukrguk.com	unknown	2024-11-07	2024-12-30	2024-12-30	1.8 kB	4.4 kB	3.164.230.37
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-25	455 B	1.6 kB	151.101.65.229
cety.app	unknown	2024-02-15	2024-03-14	2024-12-23	6.0 kB	67 kB	104.26.7.238
id.a-mx.com	7152	2021-07-01	2021-07-16	2024-12-27	583 B	259 B	79.127.227.46
ghb2.adtelligent.com	10421	2003-02-08	2020-04-01	2024-12-28	443 B	3.9 kB	167.235.37.234
cdn.cuty.io	unknown	2021-10-19	2022-12-28	2024-12-29	11 kB	1.0 MB	104.26.7.56
dcbbwymp1bhlf.cloudfront.net	unknown	2008-04-25	2024-01-03	2024-12-24	1.1 kB	113 kB	54.230.241.35
mp.4dex.io	2629	2018-04-02	2019-01-03	2024-12-26	441 B	1.8 kB	104.18.34.178
hb-api.omnitagjs.com	4152	2013-12-04	2017-06-26	2024-12-30	1.3 kB	1.8 kB	185.255.84.150
exe.io	154401	2014-08-07	2019-05-30	2024-12-28	351 B	7.3 kB	104.21.32.1
prebid.a-mo.net	1148	2017-09-08	2020-07-14	2024-12-26	2.3 kB	1.5 kB	163.5.194.35
ukankingwithea.com	unknown	2024-01-01	2024-09-05	2024-12-25	1.5 kB	209 kB	104.21.112.1
pagead2.googlesyndication.com	101	2003-01-21	2012-05-21	2024-12-25	395 B	790 B	142.250.74.66

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-31	medium	pugmarktagua.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (33)

	URL	From	Size	First Seen	Last Seen
	cdn.cuty.io/js/layouts/base.js?id=c9af373408ef250e890e1cfc6dee6e27	ScriptElement	106 kB	2024-11-29	2025-04-26
Pretty URL cdn.cuty.io/js/layouts/base.js?id=c9af373408ef250e890e1cfc6dee6e27 IP 104.26.7.56 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-29 14:51 Last Seen2025-04-26 05:29 Times Seen200 Hash c9af373408ef250e890e1cfc6dee6e27 ca025f52dcdc8df8800d67dec78f77e12d47ba25 64add08eb8cfca89e77a603efab7d27884f402af1b868dea4c4e9eddfcf17763 Loading...

	cety.app/5FoV6IO	ScriptElement	137 B	2024-06-14	2025-06-23
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-06-14 21:34 Last Seen2025-06-23 20:31 Times Seen709 Hash ce3c6c91583912d465bfb227ebe3195b d311ab64071f1d4e574e70e1f977a5519ebf32bc dfd654ee36c9dcabb9e5f23054f77fff5968d4aa29dd66bf296c9286fb18b552 Loading...

	cety.app/5FoV6IO	ScriptElement	237 B	2024-12-22	2025-01-05
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-22 03:21 Last Seen2025-01-05 20:43 Times Seen43 Hash a31cec4c5f4436a3154f9b1bc8a007d2 2b2a2b951ebabaa2f3622726c3cd24328722891b e01dea8ad5dee96ce02695d637033e1af1d55332dbb1493c06d1ce566ecfbd5e Loading...

	cadmus.script.ac/dahhc4ozyvjm6/script.js	ScriptElement	3 B	2023-03-07	2025-06-20
Pretty URL cadmus.script.ac/dahhc4ozyvjm6/script.js IP 104.18.22.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-06-20 08:41 Times Seen5872 Hash b519d08ef66fd54910edbedba6181ec2 8d06436c33a3086259f2f1ccaf03425707eeff17 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 Loading...

	cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=feb56f52dc16955bcf984886eddb68b8	ScriptElement	3.0 kB	2024-11-29	2025-04-26
Pretty URL cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=feb56f52dc16955bcf984886eddb68b8 IP 104.26.7.56 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-29 14:51 Last Seen2025-04-26 05:29 Times Seen196 Hash feb56f52dc16955bcf984886eddb68b8 5a09c88aa68e7539c9ed86642f32024cacaac616 2e06d31fc20688f3d0b3c9e380adfe1a78d5d8a3c151e0c393a87c841d13421d Loading...

	www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js	ScriptElement	560 kB	2024-12-12	2025-06-19
Pretty URL www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 06:57 Last Seen2025-06-19 09:28 Times Seen9383 Hash 19ddac3be88eda2c8263c5d52fa7f6bd c81720778f57c56244c72ce6ef402bb4de5f9619 b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6 Loading...

	fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1	ScriptElement	739 B	2024-12-11	2025-06-23
Pretty URL fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1 IP 104.26.4.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-11 18:21 Last Seen2025-06-23 20:31 Times Seen712 Hash aaee79c1ad6d5d6ce8c18aa000285386 3c20aa1526d0d2a123a665e563b3b7427b3b33cb 078ca4194bef5fc3c8e4c9e79f0f65254c1bf602d7c8ad4d589a60052a618074 Loading...

	unknown	EventHandler	21 B	2023-04-10	2025-06-24
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 22:51 Last Seen2025-06-24 04:53 Times Seen5894 Hash e56ddbb05a974a6bc5ea44661e509a21 448d4cb69f9441e10731b1ff4aa9dc81502589bd 1759e8c6c2ce9c987245281cd33bb9260ce82e31b604131a5da486db89369913 Loading...

	cety.app/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.7 kB	2024-12-31	2024-12-31
Pretty URL cety.app/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 04:44 Last Seen2024-12-31 04:59 Times Seen3 Hash 9ebe65c0507abaf798a51b0681c0fe8e 9663bdc232d292a51734420f296c7177dfcee286 d6d49bd05ce8ab04d17a939d076380af17dcaef4a3c5b9011d09720841a93aa5 Loading...

	fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275	ScriptElement	213 kB	2024-12-26	2025-01-01
Pretty URL fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275 IP 104.26.4.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-26 18:32 Last Seen2025-01-01 06:39 Times Seen18 Hash 9a054791207bd9bf786a5e3f333efd08 030e3d0b5801c13276dd8d5391fb18846b81b902 e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde Loading...

	fstatic.netpub.media/renderer/prebid_241216.js	ScriptElement	681 kB	2024-12-20	2025-04-06
Pretty URL fstatic.netpub.media/renderer/prebid_241216.js IP 104.26.4.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 17:32 Last Seen2025-04-06 03:38 Times Seen586 Hash 8e95e7a8fe634790d50e7da1f895e075 b80f5a78c1a450fb57be84061f84d1c1f7411a3e 792b9a55a780caaeccdd056084e57fe644b87caa9ba71062c6b3008726c1daac Loading...

	script.4dex.io/localstore.js	ScriptElement	1.4 kB	2024-04-16	2025-03-04
Pretty URL script.4dex.io/localstore.js IP 104.26.9.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:06 Last Seen2025-03-04 09:41 Times Seen3091 Hash 00a8e13a83b2bbab51af8e55f52be363 57340eb5c07e50d96f4a04bd4c220f0f24cec649 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7 Loading...

	cety.app/5FoV6IO	ScriptElement	309 B	2024-11-24	2025-02-02
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-24 16:22 Last Seen2025-02-02 15:18 Times Seen108 Hash 19268dd94ab4f7013b5c6bda02155bac dddf653cc43af07490eb54207b0d0d8c9d9740cc 78757eea68771cc3f1717a317224dc13b993a083a224a9833becbd2f104402f3 Loading...

	www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP	ScriptElement	307 kB	2024-12-31	2024-12-31
Pretty URL www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 04:51 Last Seen2024-12-31 04:51 Times Seen1 Hash 126132af96a0fff52a9efeb364462c59 64fb2616403526b56aa7e082680cfdec3d249d88 e53d688c50a2f33964bc6e309077fec47457b589e7caa774edf8e1e3cd3f8b03 Loading...

	cety.app/5FoV6IO	ScriptElement	921 B	2024-12-31	2024-12-31
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-31 04:51 Last Seen2024-12-31 04:51 Times Seen1 Hash 63d30df62d284faaa974c27efc400f3e 9e5a0475e537965ed6e2579a26d32e829060ce05 43f1b6993383ad7f38c8fb86926699bc12caf240e68b6af4d9e38d77f2482d90 Loading...

	unknown	ScriptElement	236 B	2024-12-31	2024-12-31
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 04:51 Last Seen2024-12-31 04:51 Times Seen1 Hash fb2aedde7fd97dd5e8553cb4f439a222 d75ebbad69d156f5ddf382202d4065f515751aa1 a1e5e17693029cf60433b462a8b3d18b4aff574f8419eab0539c4852bef876c1 Loading...

	csync.smilewanted.com/	ScriptElement	0 B	0001-01-01	2025-06-24
Pretty URL csync.smilewanted.com/ IP 104.22.30.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-24 05:05 Times Seen5094501 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	pugmarktagua.com/1clkn/60028	ScriptElement	6 B	2023-03-07	2025-06-24
Pretty URL pugmarktagua.com/1clkn/60028 IP 23.109.170.244 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-24 00:30 Times Seen13309 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	www.google.com/recaptcha/api.js	ScriptElement	870 B	2024-12-12	2025-06-02
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 17:12 Last Seen2025-06-02 17:27 Times Seen2291 Hash 959fca740c230726e5a7cdf2b7603468 1fa3eb9690cb728a4ba96846bd8eac87fa914073 1a7a8da967879cf8c53e114c331242c5d44c39d4b4778a0824bc2f363504c3a5 Loading...

	unknown	Function	63 kB	2024-12-18	2025-01-07
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-12-18 17:06 Last Seen2025-01-07 08:23 Times Seen372 Hash 89172a01dfdab396df5f5c7af2810379 d39d6826e3bd2714b9de6f65f1ebe76bc3399c23 e04ce83d1b9f3e96519d513e43e2cf0523236d1ecf54566cadc638f0b5217918 Loading...

	static.smilewanted.com/js/decode_consent/decode_consent.js	ScriptElement	50 kB	2023-03-07	2025-06-23
Pretty URL static.smilewanted.com/js/decode_consent/decode_consent.js IP 104.22.30.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-06-23 21:34 Times Seen2799 Hash 00ff8001302d3748ba139466fc3910c1 8210e702fe525e6cddc84758ec51e96a4d703186 eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f Loading...

	unknown	Function	79 B	2023-04-11	2025-06-24
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-06-24 05:05 Times Seen115866 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	cdn.cuty.io/js/public/links/first.js?id=546df8a8f0170b68416d0c1c965c0a02	ScriptElement	251 kB	2024-11-29	2025-04-26
Pretty URL cdn.cuty.io/js/public/links/first.js?id=546df8a8f0170b68416d0c1c965c0a02 IP 104.26.7.56 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-29 14:51 Last Seen2025-04-26 05:29 Times Seen197 Hash 546df8a8f0170b68416d0c1c965c0a02 a7a6eecbb9fcf9e57dda2bfdba3c6a0de5fe03c3 9df24d9ea7afa866b5d63f852768172f00fab5accdf1cda2168276adb6e5b42e Loading...

	dcbbwymp1bhlf.cloudfront.net/?wbbcd=1083537	ScriptElement	343 kB	2024-12-31	2024-12-31
Pretty URL dcbbwymp1bhlf.cloudfront.net/?wbbcd=1083537 IP 54.230.241.35 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 04:51 Last Seen2024-12-31 04:51 Times Seen1 Hash 1e7e6ae4b98ffa55fac0b405b37d7402 829f887c9c635e00a8889d01be77ee1d6520ec30 d21f6edd43265667853c93818e3d133cc623da03260a14bd10aa5656d7d18806 Loading...

	gpp.netpub.media/17356206470080.8198763007354506/run.js?v=17356206470080.8198763007354506	ScriptElement	251 B	2024-02-21	2025-06-23
Pretty URL gpp.netpub.media/17356206470080.8198763007354506/run.js?v=17356206470080.8198763007354506 IP 104.26.4.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-21 20:01 Last Seen2025-06-23 20:31 Times Seen1694 Hash 54f643b0fa8a7d71cb117679a6fbb2ce 573d440c0f9fa4cf53e85cf86a86eba173933a1c 851d2ece063bcac9a5addec55308a32557f978d2daf3950395fc3dc41e9e9336 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-06-24
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-06-24 04:53 Times Seen67330 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	cdn.cuty.io/js/public/layouts/app.js?id=c6f3544d59459ef4967d8d8075ae7bcc	ScriptElement	344 kB	2024-11-29	2025-04-26
Pretty URL cdn.cuty.io/js/public/layouts/app.js?id=c6f3544d59459ef4967d8d8075ae7bcc IP 104.26.7.56 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-29 14:51 Last Seen2025-04-26 05:29 Times Seen199 Hash c6f3544d59459ef4967d8d8075ae7bcc 38158ff9afeb5863e1a0af48629c0c4edffbdf39 6ec014c7c59ce411116b34d1d6b266dd7f5b7059f3fbd6e259f16576b8a5c684 Loading...

	cety.app/5FoV6IO	ScriptElement	18 kB	2024-11-17	2025-02-24
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-17 22:53 Last Seen2025-02-24 05:22 Times Seen120 Hash 25e549623835ce65da0c5be7b05a9b9b 125af0337f4696e13e1b5ae81f5046d518aabddf d7cb8e242116f8b08385db54d19caa1b1554f2b51c8264199165c6b77fb7028a Loading...

	exe.io/ac.js	ScriptElement	17 kB	2024-07-26	2025-02-24
Pretty URL exe.io/ac.js IP 104.21.32.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 07:56 Last Seen2025-02-24 05:22 Times Seen373 Hash eca4a9d80e5d3cd11ca5f94dea632381 5b007c7f33f6dbdb6cc9ad6399b60434ab469596 a41046a5a81790220c3f6d56e1853f943400f6bf9a0f5b4b9eeef0a970be042a Loading...

	unknown	Function	37 B	2023-04-11	2025-06-24
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-06-24 05:05 Times Seen279787 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	cety.app/5FoV6IO	ScriptElement	940 B	2023-03-07	2025-06-23
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-06-23 20:31 Times Seen1129 Hash 42175884120f91f242aa2d5515f1de7b 3eb45b5bf15215929da2a4bcad6eb0e746e4d73b 34d16f7aa086ce0a14258b0fa068809862e834c814ba90fd43313a28226418b6 Loading...

	cety.app/5FoV6IO	ScriptElement	206 B	2023-03-07	2025-06-23
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-06-23 20:31 Times Seen1122 Hash e0fc14532e503d280903dd1ce95fd37f daf67e514c6cd78b60d05a41be8eccc1a2272917 ba9ae3d626e5f61353ad036dfdc2310f6a7cbb728d8994c421a79f8d82c336be Loading...

	cety.app/5FoV6IO	ScriptElement	0 B	0001-01-01	2025-06-24
Pretty URL cety.app/5FoV6IO IP 104.26.7.238 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-24 05:05 Times Seen5094501 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (122)

URL IP Response Size

GET cdn.cuty.io/images/shared/facebook-icon.png

104.26.7.56

200 OK

170 B

URL GET HTTP/2
cdn.cuty.io/images/shared/facebook-icon.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
170 B (170 bytes)
Hash
92619173676942ddb284d1520af0129c
ae57393f65b60bb02f0324882da4bfcd78a1426a
1d4073de5206d5aec02fedc9178f938e07f91fe49d4ba4ea246b90a800f0b124

HTTP Headers

GET /images/shared/facebook-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 170
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=409
content-disposition: inline; filename="facebook-icon.webp"
vary: Accept
etag: "669cb8d1-199"
expires: Thu, 31 Jul 2025 08:17:16 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txNFDUlV%2BuYRBj920URHTcsTOv%2BazQ2ShFtKW5Al4IkkLZZD3jwTi1fZixPj5qyVf2JGjMalSlZ9MfUronFcnZs3PI4x9XNrK3ePXw8NqWrHesXBI1CruZ%2BAZ9AJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ab77131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=78&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/twitter-icon.png

104.26.7.56

200 OK

338 B

URL GET HTTP/2
cdn.cuty.io/images/shared/twitter-icon.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
338 B (338 bytes)
Hash
331226924d21ce8f0a925233062c71b7
748c71308741f5a28d16fd7fa5e2520093ad6d14
9c2b2f6b92ebb279b34f7fbcc2bfd81829c036330f015badc93a007d91bd3263

HTTP Headers

GET /images/shared/twitter-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 338
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=809
content-disposition: inline; filename="twitter-icon.webp"
vary: Accept
etag: "669cb8d1-329"
expires: Thu, 31 Jul 2025 08:17:16 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GOz6hA0d1hVTQuyma16WeuNadQFkMmdmHmWBE9eoX5R4LNuUhMqdABYGIDXmat0HyByQywm8mxZSKcHAamFHOk%2BYX%2FbrvjZPwIMo78X9hzdrv53yBZpDFwvAqhGk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ab87131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=79&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/money-tree.png

104.26.7.56

200 OK

14 kB

URL GET HTTP/2
cdn.cuty.io/images/public/money-tree.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
14 kB (14144 bytes)
Hash
626352d6c10a1ceb07fd2c015ee635b9
6b08878e47aa4e2d01b19d7946725c940b72bcbb
9b970714e53d7d5997c41c829a228656db9618f78a319c1a5ba5d53586cac0da

HTTP Headers

GET /images/public/money-tree.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 14144
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=27646
content-disposition: inline; filename="money-tree.webp"
vary: Accept
etag: "669cb8d1-6bfe"
expires: Thu, 31 Jul 2025 08:17:16 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6bi6UGDkBl%2Fgf14MpAliG95zodN5q%2BEejvcgOFk2DScGze60USUGnJUHHXQqxsE8JaP%2BDNUSaKYVfG4bPAhNP3El9D7Uh8YTnmpJRcb4QVkUqMy1oliggtrE%2BAm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5abd7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=81&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/payeer.png

104.26.7.56

200 OK

926 B

URL GET HTTP/2
cdn.cuty.io/images/public/payeer.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
926 B (926 bytes)
Hash
14bc908d2f1c77118a96d6e8821e5bfb
325ed9dca40bb20e7e35007a005b5962572f7bdb
ef3ee9f0cf812b2aa58fc284ec4f9022a933d650adfde283868c4629f1a9e2ff

HTTP Headers

GET /images/public/payeer.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 926
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1390
content-disposition: inline; filename="payeer.webp"
vary: Accept
etag: "669cb8d1-56e"
expires: Thu, 31 Jul 2025 08:17:18 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbKi3VIWCvrUMhMnXDl1YmTPvH044lr0ntkB7Qq0CotDQZ9glKiTDLmuJ9PC00Bw3v%2Bv6ywbEa5CLngWBos1CyGsuK6MPLwBeGwf1iEE6bispJkofWwXbC4yYVdp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ac07131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=60&recv=27&lost=0&retrans=1&sent_bytes=67926&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=85&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/usdt.png

104.26.7.56

200 OK

24 kB

URL GET HTTP/2
cdn.cuty.io/images/public/usdt.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (23754 bytes)
Hash
16432451e996fdc0d6a27b04d8c415f6
d9c9827fee1aa62e7a0564d86247a9595601f6ca
e7812c8098e3159dd0956be59e33608ef3d61d70f5b696383a270160fe047818

HTTP Headers

GET /images/public/usdt.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 23754
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=67278
content-disposition: inline; filename="usdt.webp"
vary: Accept
etag: "669cb8d1-106ce"
expires: Fri, 24 Oct 2025 15:54:05 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 5625140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmLyl6KVy1rYlGzweR0A4iAOaweCokUtmiFBy9SP6OlDhzXiVcz0Pyrst3t4Y2vvrXgdY961cFWJsOMS0imR4R2yT9Qgygh49QPygss1Fj17oc94v49iMnuDVF1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5abf7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=82&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/bitcoin.png

104.26.7.56

200 OK

25 kB

URL GET HTTP/2
cdn.cuty.io/images/public/bitcoin.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (24738 bytes)
Hash
5a58f6ad797f982c14f200a04fd59d30
b4f5e106bc8518c87cb7988b322721e4e9aa9352
53f6e1e8b214b663fb9b6ea01616d304f12901a28a2810c9776aa6b616f8f395

HTTP Headers

GET /images/public/bitcoin.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 24738
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=30766
content-disposition: inline; filename="bitcoin.webp"
vary: Accept
etag: "6736ee3d-782e"
expires: Thu, 20 Nov 2025 18:16:15 GMT
last-modified: Fri, 15 Nov 2024 06:46:21 GMT
cf-cache-status: HIT
age: 3189183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJFXU9WKns208vjX8K4902YQNGsGtb2wxCZKZx7ltvd1A1aLiokPXlAZe6tx05G%2FBI07UL3Z1PO589KxJA5nVOOnaG5hN1ts2WQ4wCgvSbRg8Cnot0nCY5rOnrQ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5abe7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=80&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/paypal.png

104.26.7.56

200 OK

20 kB

URL GET HTTP/2
cdn.cuty.io/images/public/paypal.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
20 kB (19980 bytes)
Hash
cb3c2365bc4ab68c2a218330f9fd0fd7
963ed20ac545ee6feaaa4eb34f67bad4c90cdee2
8d3a352fb65a6e167dac3019fc3e148fc6f82d99df7ad55192019055658035c8

HTTP Headers

GET /images/public/paypal.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 19980
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=24721
content-disposition: inline; filename="paypal.webp"
vary: Accept
etag: "67485f94-6091"
expires: Fri, 05 Dec 2025 04:12:57 GMT
last-modified: Thu, 28 Nov 2024 12:18:28 GMT
cf-cache-status: HIT
age: 1042329
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTg2dJRfivetOyy7V%2B5D1rDlmzBB%2FLnkqUgXYFGFPThxTLGdn%2Bw3k7ObNAvuWqozRRubv9Ce%2BYSmacx68u1PEXXPhRqYcU7q0beOZIB%2F1aBYDgCp7vTJUBDlJP9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ac17131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=82&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/linkedin-icon.png

104.26.7.56

200 OK

88 kB

URL GET HTTP/2
cdn.cuty.io/images/shared/linkedin-icon.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
88 kB (87734 bytes)
Hash
97cdaa305fe5c5550de8910320d799fc
d64f75fed751e5c440fdc40fb6e634ee555e8173
eb331aeac999a1242826e84a01ba1f94a267d00df88581b1e1f16a552f9f8c11

HTTP Headers

GET /images/shared/linkedin-icon.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 87734
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=227769
content-disposition: inline; filename="linkedin-icon.webp"
vary: Accept
etag: "6736ee3d-379b9"
expires: Thu, 20 Nov 2025 16:53:04 GMT
last-modified: Fri, 15 Nov 2024 06:46:21 GMT
cf-cache-status: HIT
age: 3189183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avX6FmfS8wdgxXL5H%2BioLEeaqJkbesK9DinySG4CA%2B5KMRfMFfiRTBtrYQvKdlhi4GxyMZVPKoDbz16NQ9CwEBT%2Bs4Bk4YzbmLCl04EZBld1L6vWfDEFzNNaw9y7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ab97131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=79&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/perfectMoney.png

104.26.7.56

200 OK

126 kB

URL GET HTTP/2
cdn.cuty.io/images/public/perfectMoney.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
PNG image data, 5000 x 1023, 8-bit colormap, non-interlaced
Size
126 kB (126441 bytes)
Hash
8d435c00f5d38bf2ad537537c2b90e1d
7dce3f69511cf85555ae648f947eb9aacd3ad0a0
b21c3beb884572eb72f619bd87a5f2b9548ab81f15215f59af6e83195f49f2d1

HTTP Headers

GET /images/public/perfectMoney.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 126441
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=202386
content-disposition: inline; filename="perfectMoney.webp"
vary: Accept
etag: "669cb8d1-31692"
expires: Thu, 31 Jul 2025 08:17:17 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206663
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q89F0Dx75Xv0p7%2Fmq49%2BVi2xEzV4CgV8hxoAaFTBr5gIwZh9c%2Ffr6Wg9cWd%2BmJSULRSP7wQSaEYh2dS9%2F8jtJf9kGb5gssXbB5zeLNnRGaefHTDOgDLVr%2FYlH2jE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ac27131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=60&recv=27&lost=0&retrans=1&sent_bytes=67926&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=84&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/locale-en.png

104.26.7.56

200 OK

12 kB

URL GET HTTP/2
cdn.cuty.io/images/shared/locale-en.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11930 bytes)
Hash
d1b5bc04aa5077c8a9869038892ac2f6
afbdc646898379e1128e9f3bc0fc309519ac1eb7
7abc5fbdfccc6e7fc7799d95f11b2f598b13a49fc65f84ca4ef31aac340b76c4

HTTP Headers

GET /images/shared/locale-en.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 11930
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=24647
content-disposition: inline; filename="locale-en.webp"
etag: "67485f94-6047"
expires: Thu, 18 Dec 2025 23:15:48 GMT
last-modified: Thu, 28 Nov 2024 12:18:28 GMT
strict-transport-security: max-age=31536000
vary: Accept
cf-cache-status: HIT
age: 957584
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJfQxzw8laIF%2FLUskNVUsmInjZvbN3ggUftOYxDyU9o%2BfrZ2L4nAKq%2BVFNzZy2n%2FiYrfmWmtDgiKMSKOpyUvG4ePGBi8hsFy6WoriVIPMR1HkHTNcXdtziUa%2F0ph"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e7ac97131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1821&min_rtt=381&rtt_var=380&sent=322&recv=116&lost=0&retrans=1&sent_bytes=430766&recv_bytes=2691&delivery_rate=67541170&cwnd=236&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=95&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/locale-fr.png

104.26.7.56

200 OK

7.3 kB

URL GET HTTP/2
cdn.cuty.io/images/shared/locale-fr.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.3 kB (7294 bytes)
Hash
cc93ee217247413cda270774895caa30
dadc023303b3bd66fc34e727c024a80c00f83ab4
747301c91b3cd0bdfb73d20667dba2e134d5ee1cb0223e915cafe8041547754a

HTTP Headers

GET /images/shared/locale-fr.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 7294
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=16411
content-disposition: inline; filename="locale-fr.webp"
vary: Accept
etag: "669cb8d1-401b"
expires: Fri, 24 Oct 2025 15:55:03 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 5815032
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bd1RwaN49ZYp7mFIWyDhyKHepDccmbFGpVrjqB%2F6dJWgENhtcdsMrmnWzvezcu3lBASsoNG03JWAMikby759Xni1XmDVYXXrjqGzy5rMn5m0n5IcrI5e%2B%2FvFcm%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68ecada7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6371&min_rtt=381&rtt_var=10435&sent=336&recv=151&lost=0&retrans=1&sent_bytes=444112&recv_bytes=3245&delivery_rate=85827915&cwnd=220&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=146&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/locale-es.png

104.26.7.56

200 OK

4.7 kB

URL GET HTTP/2
cdn.cuty.io/images/shared/locale-es.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.7 kB (4670 bytes)
Hash
7905c98c891df4ae028112ba5bd9c80d
f82d09cf53e2859b04f33e00c37c4e3de1f28ce6
749a8255aac90e55bbe475ac318f7906b45a1e907df4088215ff01e49ce3a659

HTTP Headers

GET /images/shared/locale-es.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 4670
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=12579
content-disposition: inline; filename="locale-es.webp"
vary: Accept
etag: "669cb8d1-3123"
expires: Thu, 31 Jul 2025 08:17:15 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206664
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YisrDbgMGPgAYlSrJFmfe1nf6GZPXRxDqRNe5J8fmeojVARGNLncPxwweWZNT2vK%2FIqN8eWHxomA8TcYoKp2rT5ByD2D%2FKIaK3rcLGJ0H1Kpq7Qd%2BShjkjYNPf2i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68ecad87131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6371&min_rtt=381&rtt_var=10435&sent=344&recv=151&lost=0&retrans=1&sent_bytes=452082&recv_bytes=3245&delivery_rate=85827915&cwnd=220&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=146&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/locale-ar.png

104.26.7.56

200 OK

21 kB

URL GET HTTP/2
cdn.cuty.io/images/shared/locale-ar.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
RIFF (little-endian) data, Web/P image
Size
21 kB (20858 bytes)
Hash
811804c93b384a702071194d18c5ffab
b281b885df997fccfca6ee2ccad6dca679fca09e
844ac31e673fa73a526714091e4b31e3214c203e08aebb046ba113d71e679052

HTTP Headers

GET /images/shared/locale-ar.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 20858
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=51070
content-disposition: inline; filename="locale-ar.webp"
vary: Accept
etag: "669cb8d1-c77e"
expires: Thu, 31 Jul 2025 08:17:15 GMT
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
cf-cache-status: HIT
age: 13206664
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dp5za2xg7Tuis4NEYwePkhmBS9%2FzL5xkD%2BwTEMEEgX%2Fx%2F88Oh43UTAaTyxDW3q%2BBDhtyP85x8S7y4VWbZQ1UsMK8LoF9EV9jS%2FJRBJPs1pOHh6G14NMt%2BQzh2s4J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68ecad97131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3561&min_rtt=381&rtt_var=5681&sent=350&recv=156&lost=0&retrans=1&sent_bytes=457334&recv_bytes=3245&delivery_rate=85827915&cwnd=220&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=147&x=0"
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP

142.250.74.168

200 OK

105 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type
JavaScript source, ASCII text, with very long lines (3835)
Size
105 kB (104696 bytes)
Hash
126132af96a0fff52a9efeb364462c59
64fb2616403526b56aa7e082680cfdec3d249d88
e53d688c50a2f33964bc6e309077fec47457b589e7caa774edf8e1e3cd3f8b03

HTTP Headers

GET /gtag/js?id=G-GGDCMPL4QP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Dec 2024 04:50:46 GMT
expires: Tue, 31 Dec 2024 04:50:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 104696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.cuty.io/js/public/links/first.js?id=546df8a8f0170b68416d0c1c965c0a02

104.26.7.56

200 OK

151 kB

URL GET HTTP/2
cdn.cuty.io/js/public/links/first.js?id=546df8a8f0170b68416d0c1c965c0a02
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
gzip compressed data, from Unix
Size
151 kB (150678 bytes)
Hash
11e286f964fcf62a0c121b0abba3c98f
c46ac5b4c07eb97e88bdc688e69352562677e242
c5b18102fa74b3e0c350f584bd8716ea860edd61da121b76e57a71b32c9dd72d

HTTP Headers

GET /js/public/links/first.js?id=546df8a8f0170b68416d0c1c965c0a02 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:18:27 GMT
vary: Accept-Encoding
etag: W/"67485f93-3d56d"
expires: Fri, 28 Nov 2025 12:18:30 GMT
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 2824333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q70wrZxLcTLumpzwaJ%2FT9%2BsW1QP9sdWl7ufujOtTkVULP6sPpXWY2Ht1xk84nL3eldVGi5KKOpXsgmA1BAzawxFMzxj4JtGGRGvRUl5JjwF4QWUcKbZLidDhnBsM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68ecadc7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3561&min_rtt=381&rtt_var=5681&sent=367&recv=156&lost=0&retrans=1&sent_bytes=478818&recv_bytes=3245&delivery_rate=85827915&cwnd=220&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=147&x=0"
X-Firefox-Spdy: h2

GET dcbbwymp1bhlf.cloudfront.net/?wbbcd=1083537

54.230.241.35

200 OK

112 kB

URL GET HTTP/2
dcbbwymp1bhlf.cloudfront.net/?wbbcd=1083537
IP
54.230.241.35:443
ASN
#16509 AMAZON-02

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (38488)
Size
112 kB (111908 bytes)
Hash
1e7e6ae4b98ffa55fac0b405b37d7402
829f887c9c635e00a8889d01be77ee1d6520ec30
d21f6edd43265667853c93818e3d133cc623da03260a14bd10aa5656d7d18806

HTTP Headers

GET /?wbbcd=1083537 HTTP/1.1
Host: dcbbwymp1bhlf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 111908
date: Tue, 31 Dec 2024 04:50:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PATuo6G__s34CeaNcOq3WPYJCWpPBquW76EDX8ZPh-ZsRR2KMQmMrQ==
X-Firefox-Spdy: h2

GET pugmarktagua.com/1clkn/60028

23.109.170.244

200 OK

26 B

URL GET HTTP/1.1
pugmarktagua.com/1clkn/60028
IP
23.109.170.244:443
ASN
#7979 SERVERS-COM

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subjectpugmarktagua.com
FingerprintA1:66:9D:5E:C1:30:81:FE:8F:09:A4:E4:5A:30:1F:9E:51:46:8C:F3
ValidityThu, 14 Nov 2024 20:05:56 GMT - Wed, 12 Feb 2025 20:05:55 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/60028 HTTP/1.1
Host: pugmarktagua.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Dec 2024 04:50:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Wed, 01-Jan-2025 04:50:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Wed, 01-Jan-2025 04:50:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET cdn.cuty.io/images/public/step-1.svg

104.26.7.56

200 OK

732 B

URL GET HTTP/2
cdn.cuty.io/images/public/step-1.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
732 B (732 bytes)
Hash
ad1cdcda9f493e8994f2739b5f67b12d
b8253611982449d9922a5ddb8084de304e5b56fc
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3

HTTP Headers

GET /images/public/step-1.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Nov 2024 12:18:28 GMT
etag: W/"67485f94-658"
expires: Sat, 29 Nov 2025 03:00:29 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1113809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2YkVtSJKZJlCs%2BB%2B0O%2FxhUsQD6Hf1A4Sd3JgCqaX8zaVO0rOh%2BbxpvmP4dMBTiCxCj23sThFMG%2B19WDhNdjgHSoR5rpiAhmEO6WClppSX1Ep8OTurFKMBFus7pQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68e5aba7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=79&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620646193

104.26.4.26

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620646193
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620646193 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWoit1RZnDinroQxQRp3%2FNo%2FFSu%2FIyE0nbc%2BdeV%2B4qPAJny%2BLAdXp%2F0X3J%2FMSF4ebFSEpvh%2B%2Bd%2F86q99V%2FmGGx1JqVkgSuav%2Bk4B4WXNdXCdrsl2Zz6vRNhl6%2B96dCekIh0WN4SY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a690a98956c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=587&min_rtt=356&rtt_var=388&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4153&recv_bytes=1319&delivery_rate=7567944&cwnd=256&unsent_bytes=0&cid=d5ad0187b82cf742&ts=46&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620646196

104.26.4.26

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620646196
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620646196 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBh1DbYtO15cmDe1OBgF98f%2Fz86hTkXjXGgEFNqGgDP0SgykXQuPYWvMSMcpMinmheZUfMyrnzYyXf%2BgJ6hvylWeOiDB9TonzeQyb1eqjxSYj4tuLjd2t1Vm3M7%2FfFxDTxevjn1k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a690a98e56c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=902&min_rtt=356&rtt_var=921&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4820&recv_bytes=1428&delivery_rate=7567944&cwnd=256&unsent_bytes=0&cid=d5ad0187b82cf742&ts=54&x=0"
X-Firefox-Spdy: h2

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.80.73

200 OK

55 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
Fingerprint68:D3:62:56:06:F9:32:39:3B:2D:19:7E:B1:45:4B:2C:76:5F:73:C6
ValidityMon, 30 Dec 2024 10:58:15 GMT - Sun, 30 Mar 2025 11:58:10 GMT

File type
gzip compressed data, from Unix
Size
55 kB (55327 bytes)
Hash
33aa2cf211f338a74a8fc203902e1c5f
89483bb9a1e91d3dd34346be02db56dcd886f185
d731296a4c66948297b3aa1126c1c0c1f8a98fc2e02b1aab666248587ab77f2a

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68ecf00568b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 22:56:01 GMT
expires: Sat, 27 Dec 2025 22:56:01 GMT
cache-control: public, max-age=31536000
age: 280485
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 22:56:01 GMT
expires: Sat, 27 Dec 2025 22:56:01 GMT
cache-control: public, max-age=31536000
age: 280485
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET rvisofoseveralyear.com/dk9DcXdZcCACSiwZGQkTRHoRExwgDBs3RgAcFhUWICIFNiYwd2UFHhJyckFPRXpwRlEGJidMRlA8NxADAzx+QFEfISUeSlA5fkBZRXttQkFYe2UESkdpNwEWEXJyVwcCOy9MRkF8dkdFRnl3R0JAeg

104.21.32.1

204 No Content

0 B

URL GET HTTP/2
rvisofoseveralyear.com/dk9DcXdZcCACSiwZGQkTRHoRExwgDBs3RgAcFhUWICIFNiYwd2UFHhJyckFPRXpwRlEGJidMRlA8NxADAzx+QFEfISUeSlA5fkBZRXttQkFYe2UESkdpNwEWEXJyVwcCOy9MRkF8dkdFRnl3R0JAeg
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectrvisofoseveralyear.com
Fingerprint8C:A7:F3:B6:0B:62:C3:5C:53:3B:59:B3:A6:41:30:07:22:A0:0D:D3
ValidityFri, 08 Nov 2024 08:12:55 GMT - Thu, 06 Feb 2025 08:12:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dk9DcXdZcCACSiwZGQkTRHoRExwgDBs3RgAcFhUWICIFNiYwd2UFHhJyckFPRXpwRlEGJidMRlA8NxADAzx+QFEfISUeSlA5fkBZRXttQkFYe2UESkdpNwEWEXJyVwcCOy9MRkF8dkdFRnl3R0JAeg HTTP/1.1
Host: rvisofoseveralyear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:50:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=he%2FEqQquN8HtGBIHSG4aYi%2BvfVwkdcC0Ukgr26AsXHc1%2BJLngYrZ02AvRb%2FharwojzbenYCOZSw6eG1np%2BJt696J8PzkU6BbAHmRBKIjRhFsw7Ssf64f4e6uXlorY9n2yUgAdcrMok%2FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a691fc93b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=739&min_rtt=412&rtt_var=533&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3233&recv_bytes=1366&delivery_rate=7621052&cwnd=254&unsent_bytes=0&cid=2f596bcf61481c23&ts=141&x=0"
X-Firefox-Spdy: h2

GET rvisofoseveralyear.com/MndEVGUdSCcnWFcxJ2E/dyUFDhJeJSdkXFwzEhpcYyB8BDABNmIgDFZKdWRcAUBwZ0NCHiBpVBQEMDURRwR5ZUNbGSI7WBQBeWVLAUNqZ1McQ2IhWANRMCQEVUp1chVGAyhpVAVEcWJXAkFwYlAKTw

104.21.32.1

204 No Content

0 B

URL GET HTTP/2
rvisofoseveralyear.com/MndEVGUdSCcnWFcxJ2E/dyUFDhJeJSdkXFwzEhpcYyB8BDABNmIgDFZKdWRcAUBwZ0NCHiBpVBQEMDURRwR5ZUNbGSI7WBQBeWVLAUNqZ1McQ2IhWANRMCQEVUp1chVGAyhpVAVEcWJXAkFwYlAKTw
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectrvisofoseveralyear.com
Fingerprint8C:A7:F3:B6:0B:62:C3:5C:53:3B:59:B3:A6:41:30:07:22:A0:0D:D3
ValidityFri, 08 Nov 2024 08:12:55 GMT - Thu, 06 Feb 2025 08:12:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MndEVGUdSCcnWFcxJ2E/dyUFDhJeJSdkXFwzEhpcYyB8BDABNmIgDFZKdWRcAUBwZ0NCHiBpVBQEMDURRwR5ZUNbGSI7WBQBeWVLAUNqZ1McQ2IhWANRMCQEVUp1chVGAyhpVAVEcWJXAkFwYlAKTw HTTP/1.1
Host: rvisofoseveralyear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:50:46 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzc%2FoZSKRHQlDHg3IFegEQNjQeEVh6%2FED9i14xFLasgO4LSiNjCXKqRsEd6phG%2FRhv7KJ1Rgy8LtEwr9N4kUx4u9QJ05aspEDrmQlZgfBlilj6p24Ce4m40om4fy7hYpy975KDL4%2FOwW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a691fc96b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=739&min_rtt=412&rtt_var=533&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3810&recv_bytes=1366&delivery_rate=7621052&cwnd=254&unsent_bytes=0&cid=2f596bcf61481c23&ts=146&x=0"
X-Firefox-Spdy: h2

GET istkechaukrguk.com/Nm9adEFXDTkZfldSOFI0RANnUXNwSmgyJVUNOAM4Wx9rFilaCXQXLVkaPhIzWQEuWi9TG39GB2QNDxdwZCgTOwpwHDMsE10aDywtYjcCQAZVXgARGGM6aDY2QlkMHQRhKR0YFHgtEDgNYzYoMAMHWT81Mn0hLTIVcgUpJAN3DGMxKkUVDg0DUDcNMht8Pi0/JF4iMjAAA1kYMwhyLAkhCFUqCy4PBwAsLDZzHQ8OAHwsHk0lfxgyOAxaPW8wNn9WAjcmeSsdPQl3Az4wJU4taCEqY0poMgN+ORIsJmM+PhgIdCM2BzlxBDJFA2IXOyM5USs5MSVTLQhZAwQ6Mkw5cyc5Hhd+KjgQBEImPiUUXC0tQDJhAhwlCgU6HBAXfAs+ExcHPWtNcmMWaiUCdSk7JARSCRslOU87HEUpZyc2IGdcHDUaMQsiFRwbcAkQLSN1XSME

3.164.230.37

200 OK

1.2 kB

URL GET HTTP/2
istkechaukrguk.com/Nm9adEFXDTkZfldSOFI0RANnUXNwSmgyJVUNOAM4Wx9rFilaCXQXLVkaPhIzWQEuWi9TG39GB2QNDxdwZCgTOwpwHDMsE10aDywtYjcCQAZVXgARGGM6aDY2QlkMHQRhKR0YFHgtEDgNYzYoMAMHWT81Mn0hLTIVcgUpJAN3DGMxKkUVDg0DUDcNMht8Pi0/JF4iMjAAA1kYMwhyLAkhCFUqCy4PBwAsLDZzHQ8OAHwsHk0lfxgyOAxaPW8wNn9WAjcmeSsdPQl3Az4wJU4taCEqY0poMgN+ORIsJmM+PhgIdCM2BzlxBDJFA2IXOyM5USs5MSVTLQhZAwQ6Mkw5cyc5Hhd+KjgQBEImPiUUXC0tQDJhAhwlCgU6HBAXfAs+ExcHPWtNcmMWaiUCdSk7JARSCRslOU87HEUpZyc2IGdcHDUaMQsiFRwbcAkQLSN1XSME
IP
3.164.230.37:443
ASN
#0

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerAmazon
Subjectistkechaukrguk.com
Fingerprint43:0D:3E:FB:97:85:66:73:AF:E2:47:3A:F0:28:A3:B4:D9:D3:36:77
ValidityWed, 13 Nov 2024 00:00:00 GMT - Fri, 12 Dec 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3039), with no line terminators
Size
1.2 kB (1192 bytes)
Hash
7f971b6056cd3869bc9d4b37cf52cd76
d9a45b2154dc849d02c23794c0df9b33bd98f979
db86557771a31e9a4f1ff79d352f8ee88810c764148f0a93ecebe5c7d391a360

HTTP Headers

GET /Nm9adEFXDTkZfldSOFI0RANnUXNwSmgyJVUNOAM4Wx9rFilaCXQXLVkaPhIzWQEuWi9TG39GB2QNDxdwZCgTOwpwHDMsE10aDywtYjcCQAZVXgARGGM6aDY2QlkMHQRhKR0YFHgtEDgNYzYoMAMHWT81Mn0hLTIVcgUpJAN3DGMxKkUVDg0DUDcNMht8Pi0/JF4iMjAAA1kYMwhyLAkhCFUqCy4PBwAsLDZzHQ8OAHwsHk0lfxgyOAxaPW8wNn9WAjcmeSsdPQl3Az4wJU4taCEqY0poMgN+ORIsJmM+PhgIdCM2BzlxBDJFA2IXOyM5USs5MSVTLQhZAwQ6Mkw5cyc5Hhd+KjgQBEImPiUUXC0tQDJhAhwlCgU6HBAXfAs+ExcHPWtNcmMWaiUCdSk7JARSCRslOU87HEUpZyc2IGdcHDUaMQsiFRwbcAkQLSN1XSME HTTP/1.1
Host: istkechaukrguk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1192
date: Tue, 31 Dec 2024 04:50:46 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=uCNvSIgUJFSXZKU6fVpW/hG4Z6Cg2bLchJ68ZdnDtJYCazXTk2ON6s3O40XBWwzJC3E9aJt7BgLT7SVQNv735BHDqo5fxoCWWb3r9gAOMgRLQRYeaRDdp3iEZaiR; Expires=Tue, 07 Jan 2025 04:50:46 GMT; Path=/
AWSALBCORS=uCNvSIgUJFSXZKU6fVpW/hG4Z6Cg2bLchJ68ZdnDtJYCazXTk2ON6s3O40XBWwzJC3E9aJt7BgLT7SVQNv735BHDqo5fxoCWWb3r9gAOMgRLQRYeaRDdp3iEZaiR; Expires=Tue, 07 Jan 2025 04:50:46 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 7146458eabc0c79851363d3a7ad4d72c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: 2ulnGGG-lo6pO_ctSVGyIxwjy6rawbgqWfM-kfDWVz7jr8JWncwGQg==
X-Firefox-Spdy: h2

GET fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1

104.26.4.26

307 Temporary Redirect

169 B

URL GET HTTP/2
fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
c2f0b06c1140ce9f7ad48858f9f34354
0e7d03830d70c77948ca229ba3e2c2f645fe8acf
7108fef32b066dcb8e074d4114e8614cfb6f1efeb9497c0b0268b7b4039f22bc

HTTP Headers

GET /extra/cmp/cmp-gdpr.js?v=1 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 307 Temporary Redirect
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/html
content-length: 169
location: https://gpp.netpub.media/init.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bplju%2Fj18pOtY3OM1Nb%2FlsRYZi1omQQJldIeS7G2tR225yWrGfQXByc9lO%2BxXjfDp5ujtnqqKArNhVP6mJGaQTxoG2mH5k6LzX9ETBSpyDxngicvvVz9DGiur7tgQmVT2J3eefnc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6932a6056c7-OSL
X-Firefox-Spdy: h2

GET istkechaukrguk.com/dGJzYmoVABAPVRVfEUQfBg5OR1gyR0EkDhcAERUTGRJCAAIYBF0BBhsXFwQYGwwHTAQRFlZQLDs0NSdbFlI6UToYETkEOTVWJjQgDjg0CS0jDDUIDkQ3FygQPhElBQVGLitbPzwYORslRDsyLikmESkzXhsjJwYQNhgcLCksUzksA0BTMCRTHy03IAg3KkobJDIRPgRYIlElIxkTAyQ3PjMYOlUlEwU3LgA9DisFBUIyNzgMJzYQUwgyBTItLkRbJDNfGjgbASslOjkaMwM0Oy0HIgU2JB01ASQvLDUbAFQgMVM4AS0lEjc0ARA7Hjc7LCMxGjMDTyYGJDwkGgYsLlIWDy8XMR0gAToOMi8hIBZDIBMYFSklKzI6QCwBLSAxBgkeK0cwHRsJPBsBJToiMB4uGgcEMDckACArUggADQQEXyMDACEENQoSLTo7

3.164.230.37

200 OK

1.2 kB

URL GET HTTP/2
istkechaukrguk.com/dGJzYmoVABAPVRVfEUQfBg5OR1gyR0EkDhcAERUTGRJCAAIYBF0BBhsXFwQYGwwHTAQRFlZQLDs0NSdbFlI6UToYETkEOTVWJjQgDjg0CS0jDDUIDkQ3FygQPhElBQVGLitbPzwYORslRDsyLikmESkzXhsjJwYQNhgcLCksUzksA0BTMCRTHy03IAg3KkobJDIRPgRYIlElIxkTAyQ3PjMYOlUlEwU3LgA9DisFBUIyNzgMJzYQUwgyBTItLkRbJDNfGjgbASslOjkaMwM0Oy0HIgU2JB01ASQvLDUbAFQgMVM4AS0lEjc0ARA7Hjc7LCMxGjMDTyYGJDwkGgYsLlIWDy8XMR0gAToOMi8hIBZDIBMYFSklKzI6QCwBLSAxBgkeK0cwHRsJPBsBJToiMB4uGgcEMDckACArUggADQQEXyMDACEENQoSLTo7
IP
3.164.230.37:443
ASN
#0

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerAmazon
Subjectistkechaukrguk.com
Fingerprint43:0D:3E:FB:97:85:66:73:AF:E2:47:3A:F0:28:A3:B4:D9:D3:36:77
ValidityWed, 13 Nov 2024 00:00:00 GMT - Fri, 12 Dec 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3035), with no line terminators
Size
1.2 kB (1189 bytes)
Hash
f99c8364c123d48fd5c9d42a6f4c375e
343db6e5c2c3ee74d2f812d1c8fe2a61e87665ed
867fad646b5d9749f98e4470e25a40c5c8589a3d2a543b383c74d8de4622c713

HTTP Headers

GET /dGJzYmoVABAPVRVfEUQfBg5OR1gyR0EkDhcAERUTGRJCAAIYBF0BBhsXFwQYGwwHTAQRFlZQLDs0NSdbFlI6UToYETkEOTVWJjQgDjg0CS0jDDUIDkQ3FygQPhElBQVGLitbPzwYORslRDsyLikmESkzXhsjJwYQNhgcLCksUzksA0BTMCRTHy03IAg3KkobJDIRPgRYIlElIxkTAyQ3PjMYOlUlEwU3LgA9DisFBUIyNzgMJzYQUwgyBTItLkRbJDNfGjgbASslOjkaMwM0Oy0HIgU2JB01ASQvLDUbAFQgMVM4AS0lEjc0ARA7Hjc7LCMxGjMDTyYGJDwkGgYsLlIWDy8XMR0gAToOMi8hIBZDIBMYFSklKzI6QCwBLSAxBgkeK0cwHRsJPBsBJToiMB4uGgcEMDckACArUggADQQEXyMDACEENQoSLTo7 HTTP/1.1
Host: istkechaukrguk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1189
date: Tue, 31 Dec 2024 04:50:46 GMT
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
set-cookie: AWSALB=t+EMgJhUhXSAwvvkeic+erO1yb3l4bY7bTYTUd15EgdS1GFxrsgNp91sbGqZ6wDnoP5AmXsJLH5xTy7ekEkD6ke7lO7u+fzORDIoaRuvoT3rDTwiwSRMWm+2Bjp6; Expires=Tue, 07 Jan 2025 04:50:46 GMT; Path=/
AWSALBCORS=t+EMgJhUhXSAwvvkeic+erO1yb3l4bY7bTYTUd15EgdS1GFxrsgNp91sbGqZ6wDnoP5AmXsJLH5xTy7ekEkD6ke7lO7u+fzORDIoaRuvoT3rDTwiwSRMWm+2Bjp6; Expires=Tue, 07 Jan 2025 04:50:46 GMT; Path=/; SameSite=None
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 7146458eabc0c79851363d3a7ad4d72c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: AUBZg7B9Ka1W9n47iO_MFzVtVp1GDJm4I9Uw-jpo4q1r5j-um9zp3g==
X-Firefox-Spdy: h2

dcbbwymp1bhlf.cloudfront.net/RbUc1RGIOKFsiXRkuUXlTXX4Gc1ZeYUU2Bwt6ViEWFGlUNBJLLUYrDB16eAsKNwFTDjsPBAc9EkszTyBfXWFZJQwKehMhDA56BGIDCSUIcEQZN1ovXwErUzAJCD9dIwhLMlR5DwI9XCgODGIHAldDdxB2UkU/BHVHXgUQdlIBLlsxGkh1BTxaWxgDcEdeBR-B2Uh8xEHcjVHEbdEtIdQUjBw4sWmFQK3UFdVJddgV1R193Uy0QCCFaPEdfAQxyTF1hQHlT

54.230.241.35

200 OK

504 B

URL
dcbbwymp1bhlf.cloudfront.net/RbUc1RGIOKFsiXRkuUXlTXX4Gc1ZeYUU2Bwt6ViEWFGlUNBJLLUYrDB16eAsKNwFTDjsPBAc9EkszTyBfXWFZJQwKehMhDA56BGIDCSUIcEQZN1ovXwErUzAJCD9dIwhLMlR5DwI9XCgODGIHAldDdxB2UkU/BHVHXgUQdlIBLlsxGkh1BTxaWxgDcEdeBR-B2Uh8xEHcjVHEbdEtIdQUjBw4sWmFQK3UFdVJddgV1R193Uy0QCCFaPEdfAQxyTF1hQHlT
IP
54.230.241.35:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62
ValidityTue, 30 Jul 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

File type
ASCII text, with very long lines (697), with no line terminators
Size
504 B (504 bytes)
Hash
2a7be2ffd6f3219f922cefc4ef7194f8
c1629bb486252422bc3603073475607a12fb1b14
0772e4f553c0ff5c05d4c46fe63d47314486982f2e18ff8c2e55860106fc2294

HTTP Headers

GET /RbUc1RGIOKFsiXRkuUXlTXX4Gc1ZeYUU2Bwt6ViEWFGlUNBJLLUYrDB16eAsKNwFTDjsPBAc9EkszTyBfXWFZJQwKehMhDA56BGIDCSUIcEQZN1ovXwErUzAJCD9dIwhLMlR5DwI9XCgODGIHAldDdxB2UkU/BHVHXgUQdlIBLlsxGkh1BTxaWxgDcEdeBR-B2Uh8xEHcjVHEbdEtIdQUjBw4sWmFQK3UFdVJddgV1R193Uy0QCCFaPEdfAQxyTF1hQHlT HTTP/1.1
Host: dcbbwymp1bhlf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://istkechaukrguk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 504
date: Tue, 31 Dec 2024 04:50:47 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3By8YEqpsWwwpLu_chbYfelxUwQAfkiYE41wcv_O4zlKQLtlMikXhQ==
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js

104.26.4.26

302 Found

46 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
data
Size
46 kB (46283 bytes)
Hash
e3392d1666a2be19076b8b6e11c0acc5
5e1fd001f444e46e46c40ca6af234f1c2fe8d680
64c82c5bfd856c5d477adb087cd721e30ff9324dc6fdb7383c67fae1384bc99b

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UlbPb%2BKC8apS2fxLLXXqUYP%2FjeB9eglTTDVblyge7x7a8eKNnL7x7ukGQk89KYao%2BD%2B75MnXvffI4uevzqyRgN3ix6W6Hwh7C1q6lTDbOBTsj30P5jzlkG0feSzCx%2F5LyXAvOdlj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a690e99a56c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=908&min_rtt=356&rtt_var=702&sent=17&recv=17&lost=0&retrans=0&sent_bytes=6876&recv_bytes=1722&delivery_rate=7567944&cwnd=256&unsent_bytes=358&cid=d5ad0187b82cf742&ts=115&x=0"
X-Firefox-Spdy: h2

GET gpp.netpub.media/init.js

104.26.4.26

200 OK

906 B

URL GET HTTP/2
gpp.netpub.media/init.js
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (752), with CRLF line terminators
Size
906 B (906 bytes)
Hash
fa888b39ecd7c93a9890f0a87daaa698
c9c3b4181d84be93f6e654e35cd727f9236254ae
702281afd2c449c3b3943ac4146ad0e02c44b0faa42b638859c5dfb3b0cdfefd

HTTP Headers

GET /init.js HTTP/1.1
Host: gpp.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 00:36:50 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2FG8Ah%2FxfNAuRyHPk8UzP5pURNnhJVjgkpKMrxZC7PpuB8rewr4%2BY38qVzRksntAZX7eBjYa%2BE40eM92L%2FSS0Dz6oseQgYFmWopvDPoOT1xZSt8XER%2BCCsW%2BquYIY4At%2FdE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a6938a7f56c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1065&min_rtt=356&rtt_var=96&sent=282&recv=114&lost=0&retrans=0&sent_bytes=365430&recv_bytes=2351&delivery_rate=103180144&cwnd=224&unsent_bytes=0&cid=d5ad0187b82cf742&ts=535&x=0"
X-Firefox-Spdy: h2

GET exe.io/ac.js

104.21.32.1

200 OK

6.2 kB

URL GET HTTP/2
exe.io/ac.js
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subjectexe.io
Fingerprint10:AE:98:67:99:AE:F5:A8:79:D8:EF:90:7A:A6:66:E9:7B:CD:C8:EE
ValidityTue, 12 Nov 2024 01:15:30 GMT - Mon, 10 Feb 2025 01:15:29 GMT

File type
JavaScript source, ASCII text, with very long lines (16635), with no line terminators
Size
6.2 kB (6200 bytes)
Hash
eca4a9d80e5d3cd11ca5f94dea632381
5b007c7f33f6dbdb6cc9ad6399b60434ab469596
a41046a5a81790220c3f6d56e1853f943400f6bf9a0f5b4b9eeef0a970be042a

HTTP Headers

GET /ac.js HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: application/javascript
content-length: 6200
x-frame-options: SAMEORIGIN
last-modified: Thu, 25 Jul 2024 23:39:49 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Thu, 30 Jan 2025 04:50:47 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: no-cache
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEOeMl%2BOBjQurZaMVvgV7kPFBl%2Bxtz7zq7g80i8sFsvhfPUI4SVmWK94S3Ad1jgu7eiZU1b%2F1X1DbUwTdh6muVUgHG3FAAGxh4UCGwGJfXtHwlQ4GVHLMkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68ebba3b4ee-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1482&min_rtt=395&rtt_var=2221&sent=7&recv=10&lost=0&retrans=0&sent_bytes=2835&recv_bytes=1148&delivery_rate=5886178&cwnd=253&unsent_bytes=0&cid=05276a93a0128177&ts=1103&x=0"
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241231

151.101.65.229

200 OK

835 B

URL GET HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241231
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JSON text data
Size
835 B (835 bytes)
Hash
99d84d7c7d8071396623a11776199fb8
f6f075a5b20ef5b309049cd6664a3542ba7f8815
2db5ba487a2c56e1c569073b0bf2d3fe666a8a55aa6e9aea32f161322499a5b7

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20241231 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2286
x-jsd-version-type: version
etag: W/"63a-9vB1pbIO9bMJBJzWZko1Qrp/iBU"
content-encoding: br
accept-ranges: bytes
date: Tue, 31 Dec 2024 04:50:47 GMT
age: 2992
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 835
X-Firefox-Spdy: h2

POST onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1848
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://cety.app
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

POST prebid.smilewanted.com/

104.22.30.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 327
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:50:47 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a6958e52712f-OSL
X-Firefox-Spdy: h2

POST onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1854
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://cety.app
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

POST prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#49981 WorldStream B.V.

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintF6:CA:E4:50:A9:EB:AE:5B:B9:27:67:8E:B6:95:3F:FC:62:FC:94:3B
ValidityFri, 01 Nov 2024 10:42:56 GMT - Thu, 30 Jan 2025 10:42:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1370
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
cache-control: max-age=0, private, must-revalidate
date: Tue, 31 Dec 2024 04:50:47 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

POST prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#49981 WorldStream B.V.

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintF6:CA:E4:50:A9:EB:AE:5B:B9:27:67:8E:B6:95:3F:FC:62:FC:94:3B
ValidityFri, 01 Nov 2024 10:42:56 GMT - Thu, 30 Jan 2025 10:42:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1368
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
cache-control: max-age=0, private, must-revalidate
date: Tue, 31 Dec 2024 04:50:47 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

POST prebid.smilewanted.com/

104.22.30.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 332
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:50:47 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a695ee70712f-OSL
X-Firefox-Spdy: h2

POST onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1853
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://cety.app
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

POST prebid.smilewanted.com/

104.22.30.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 331
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:50:47 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a696aebf712f-OSL
X-Firefox-Spdy: h2

POST prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#49981 WorldStream B.V.

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintF6:CA:E4:50:A9:EB:AE:5B:B9:27:67:8E:B6:95:3F:FC:62:FC:94:3B
ValidityFri, 01 Nov 2024 10:42:56 GMT - Thu, 30 Jan 2025 10:42:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1370
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
cache-control: max-age=0, private, must-revalidate
date: Tue, 31 Dec 2024 04:50:47 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

POST ghb.console.adtarget.com.tr/v2/auction/

185.239.172.170

200 OK

372 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
185.239.172.170:443
ASN
#55081 24SHELLS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint65:EA:C1:EC:E6:F5:56:61:0F:8C:FB:1E:EB:8E:48:C8:D8:35:D1:B1
ValidityMon, 25 Nov 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JSON text data
Size
372 B (372 bytes)
Hash
3b77671ac3ba8ec194b2b15324e96e02
1765db659b4c7dd54276a048ef0e071fa79a479a
e78c503c427f9005ded617a802fe91b7f7c2e4855b02ec9798d4c1ab1e78bfcc

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 280
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Tue, 31 Dec 2024 04:50:46 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 372
Access-Control-Allow-Origin: https://cety.app
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

POST ghb.console.adtarget.com.tr/v2/auction/

185.239.172.170

200 OK

372 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
185.239.172.170:443
ASN
#55081 24SHELLS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint65:EA:C1:EC:E6:F5:56:61:0F:8C:FB:1E:EB:8E:48:C8:D8:35:D1:B1
ValidityMon, 25 Nov 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JSON text data
Size
372 B (372 bytes)
Hash
e0914e073eafab6591c8b809f98be990
d9f64c308495c815033ab3c8d7732ee35bee7e2a
9b29ba9ee35ad9d34f287944d7e8afcf6513acdcf8150402bff9aa0a5052803d

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 280
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Tue, 31 Dec 2024 04:50:46 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 372
Access-Control-Allow-Origin: https://cety.app
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647273

104.26.4.26

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647273
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620647273 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CA2m%2BrouEjgpq%2BJuetZp8QwUy1g8e48IgxxOfx35wbjtexJYlQrmG0Nc0COWcwYiqj1phHpWqZH6BvE2fI6M80ejy62vVSpPReEKON%2FKI6fpTxt42vZSPLwXQbCwvvO%2FMLOZldTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6973c0f56c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1192&min_rtt=356&rtt_var=303&sent=286&recv=118&lost=0&retrans=0&sent_bytes=367105&recv_bytes=2578&delivery_rate=103180144&cwnd=226&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1101&x=0"
X-Firefox-Spdy: h2

POST ghb.console.adtarget.com.tr/v2/auction/

185.239.172.170

200 OK

372 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
185.239.172.170:443
ASN
#55081 24SHELLS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint65:EA:C1:EC:E6:F5:56:61:0F:8C:FB:1E:EB:8E:48:C8:D8:35:D1:B1
ValidityMon, 25 Nov 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JSON text data
Size
372 B (372 bytes)
Hash
0f6200c8f9cd0aac46947d2864c85f89
5fb5c14998b12d5691e7ea26288ccfb39aa85265
9aec76c76f8810a004fec430359497de525e6532650808be6bb4aa4610c8e779

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 280
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Tue, 31 Dec 2024 04:50:46 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 372
Access-Control-Allow-Origin: https://cety.app
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275

104.26.4.26

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BAlo%2FYNNdWTUYaPqgyUcNCGxYcY%2BdHAl%2F6%2B20cIXly%2BYtYBIqE1GyA%2BJt7NivZLFq8pi6Vpg3h%2BvMaUHAogIc3T6PpWQxxnR2YC3u29nZ7Cqt8rdUYYtAohG1zSZP5FFm4%2FvBVlp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6974c1356c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1188&min_rtt=356&rtt_var=236&sent=289&recv=121&lost=0&retrans=0&sent_bytes=367868&recv_bytes=2905&delivery_rate=103180144&cwnd=210&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1108&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275

104.26.4.26

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620647275 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBN3mVSOkEuWWNn%2FIpn%2Bc1rxrummAR6U71aJt%2B7CCYRsPjVDD8tU9Vah3lyySpBfWkMMZD5lrUjQcImqZPexEqIoc0P%2Buv6gks074jxOQ0M2Pg4K1KHQLdcu7VowPYdCmsX94kkO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6974c1456c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1188&min_rtt=356&rtt_var=236&sent=291&recv=121&lost=0&retrans=0&sent_bytes=368539&recv_bytes=2905&delivery_rate=103180144&cwnd=210&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1108&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647276

104.26.4.26

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620647276
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620647276 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFrTMKSZk2slrFg7ue%2Fw6vGK2GfvWF%2BfjddNcEj80J1IiPFrAMQln1ehZBJeC%2FioPi2p12jt57z66hoFUspEwDZHuJ%2FCHGvS5DxQVen%2BHWeZ0WINK6YN6oG44rguuf3ZyAgFOF4a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6974c1556c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1188&min_rtt=356&rtt_var=236&sent=293&recv=121&lost=0&retrans=0&sent_bytes=369197&recv_bytes=2905&delivery_rate=103180144&cwnd=210&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1110&x=0"
X-Firefox-Spdy: h2

GET cadmus.script.ac/dahhc4ozyvjm6/script.js

104.18.22.145

200 OK

3 B

URL GET HTTP/2
cadmus.script.ac/dahhc4ozyvjm6/script.js
IP
104.18.22.145:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subjectscript.ac
Fingerprint7A:14:E2:66:89:86:36:17:C6:20:B7:C0:40:EC:B6:C2:96:71:A7:B9
ValidityTue, 17 Dec 2024 14:20:09 GMT - Mon, 17 Mar 2025 14:20:08 GMT

File type
ASCII text
Size
3 B (3 bytes)
Hash
b519d08ef66fd54910edbedba6181ec2
8d06436c33a3086259f2f1ccaf03425707eeff17
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

HTTP Headers

GET /dahhc4ozyvjm6/script.js HTTP/1.1
Host: cadmus.script.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: application/javascript
content-length: 3
age: 0
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6975ba656c1-OSL
X-Firefox-Spdy: h2

GET script.4dex.io/a/latest/adagio.js

104.26.9.169

200 OK

19 kB

URL GET HTTP/1.1
script.4dex.io/a/latest/adagio.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectscript.4dex.io
Fingerprint1A:5F:2D:98:DC:81:4F:BD:35:D7:07:8B:67:60:E7:47:B3:27:27:B5
ValidityWed, 20 Nov 2024 00:00:47 GMT - Tue, 18 Feb 2025 01:00:45 GMT

File type
JavaScript source, ASCII text, with very long lines (62878)
Size
19 kB (19114 bytes)
Hash
3d0b27e2e24dd76a5911852853d2cbad
49f165ee56382f3d98e7751b8acbdedc50dd7fcd
ff99f1c735cb544c31b2b7b0d0921dd70888693219749c3105bdd56a9d341f7d

HTTP Headers

GET /a/latest/adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Dec 2024 04:50:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"3d0b27e2e24dd76a5911852853d2cbad"
Last-Modified: Wed, 18 Dec 2024 16:59:08 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers: 
CF-Cache-Status: HIT
Age: 840992
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCLBVLU5m55d%2BHJ8E4SNuchciXEhG470n5H19awhQzI4HTjyANr539np1pRwr4jKBYslS8eHAwGD8fTzo5vXI1kj2%2BxTT59i%2Bvq1CFeMVVDcS6EWQ2vYM4j08esKtr%2Bw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8fa7a6975a937127-OSL
Content-Encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=551&min_rtt=500&rtt_var=138&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3176&recv_bytes=1126&delivery_rate=7451114&cwnd=252&unsent_bytes=0&cid=574cdea513313209&ts=39&x=0"

POST mp.4dex.io/prebid

104.18.34.178

200 OK

1.1 kB

URL POST HTTP/2
mp.4dex.io/prebid
IP
104.18.34.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectmp.4dex.io
Fingerprint3B:94:35:EA:97:FB:E2:C0:68:A1:C3:AA:6A:C9:30:75:BA:78:1C:5C
ValidityWed, 25 Dec 2024 02:12:12 GMT - Tue, 25 Mar 2025 03:12:08 GMT

File type
ASCII text, with very long lines (3556)
Size
1.1 kB (1133 bytes)
Hash
6792e3b60b0dfc4852a9ad5d07dd0131
eec06eea7da893aaae54dbc4025308e5290d8565
005ca98e7b46c4280e4c2a53fb0f6d0a782089fb27844c5986f93a72097f79ed

HTTP Headers

POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1484
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Splits. no seat with adunits, mapping rule and shaping
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. int_scc_sid, Process Splits. all case seats filetered for: ban_div_netpub_campaign_somdgs1k59rxx3mzw3e
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a6959a79568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

POST ghb1.adtelligent.com/v2/auction/

167.235.37.234

200 OK

1.0 kB

URL POST HTTP/1.1
ghb1.adtelligent.com/v2/auction/
IP
167.235.37.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerZeroSSL
Subjectghb1.adtelligent.com
Fingerprint3E:81:E2:1A:B1:06:58:89:B9:E0:F6:9C:B7:34:74:45:2B:0F:93:90
ValidityMon, 25 Nov 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
JSON text data
Size
1.0 kB (1045 bytes)
Hash
32c6f34b4bf746ef8e4e006c925b6743
4f154a0135322febe11deb3e3253b7e8b0cfa711
4f39632636975a9696ee18299ea677466230b37be448154d7e51b737ffe238fe

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb1.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 335
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 31 Dec 2024 04:50:47 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1045
Access-Control-Allow-Origin: https://cety.app
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

GET fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48444, version 1.0
Size
48 kB (48444 bytes)
Hash
8e433c0592f77beb6dc527d7b90be120
d7402416753ae1bb4cbd4b10d33a0c10517838bd
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

HTTP Headers

GET /s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48444
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 22:56:01 GMT
expires: Sat, 27 Dec 2025 22:56:01 GMT
cache-control: public, max-age=31536000
age: 280486
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST cety.app/cdn-cgi/rum?

104.26.7.238

204 No Content

0 B

URL POST HTTP/3
cety.app/cdn-cgi/rum?
IP
104.26.7.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcety.app
Fingerprint2F:22:43:8E:D4:C5:1B:EB:6E:80:BA:82:9A:13:27:56:6D:7B:D8:1C
ValiditySat, 07 Dec 2024 01:51:21 GMT - Fri, 07 Mar 2025 01:51:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: cety.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 703
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Cookie: origin=cuty; XSRF-TOKEN=eyJpdiI6ImNacC9adTFGRC9pbC9kYWlKbnpEdGc9PSIsInZhbHVlIjoiekFWVzJFYTV0TlZyOHpyaUQza3FZQ3ZjWFhOQmQzVC92aHg5aDdmSnZkRmJXd1o4TDRoaUxBRDlEMVRDUjNyUEFxUWJ2eHFvU295UC9DMWZPNEJMRVYvWlFUOFlsbE5BVUJkeDZOMm15MWZleWZrbVNjMkU2OStvNUlkUE9BcW0iLCJtYWMiOiI2ZDAyZDA1OWE4ZDc1Y2UwYTYxZjVlM2JmMDU5YjJjNmQ0Y2NiNmM0MzRmMzBhMzYwZDk4NjEyYzA2MGU5MGQ5IiwidGFnIjoiIn0%3D; cutyio_session=eyJpdiI6ImROdTNQKzAzdlc2bmI3V1E1SGJoUnc9PSIsInZhbHVlIjoib2hBTWlvYzhBWGl5UzdudnU0MDdkSlcrcVExU094Y0p1VlpuRDFiY29kSnBSRnIrTjZ0OG15a3lVY2YyTnd2eUQzRFVCckV6N1RtVk9BYnJyZkhSaVNRVndXQ05OanZ1RW9ybHBuSG94UVZzQXluRStidkRyMklSKzFWSmhyb3YiLCJtYWMiOiJhODA2NTU4NmFmZWYwYjY2ZmQ5NDk2NTE2Mjg3NDMyMmQ0NjE5YzdmNjM2NWIyNWRiZDFmZTViZWI5YWQ3ZGI5IiwidGFnIjoiIn0%3D; _ga_GGDCMPL4QP=GS1.1.1735620647.1.0.1735620647.0.0.0; _ga=GA1.1.1564279676.1735620648
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 31 Dec 2024 04:50:47 GMT
access-control-allow-origin: https://cety.app
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8fa7a698885eb512-OSL
x-frame-options: DENY
x-content-type-options: nosniff

GET cety.app/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.26.7.238

302 Found

0 B

URL GET HTTP/3
cety.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.26.7.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcety.app
Fingerprint2F:22:43:8E:D4:C5:1B:EB:6E:80:BA:82:9A:13:27:56:6D:7B:D8:1C
ValiditySat, 07 Dec 2024 01:51:21 GMT - Fri, 07 Mar 2025 01:51:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: cety.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: origin=cuty; XSRF-TOKEN=eyJpdiI6ImNacC9adTFGRC9pbC9kYWlKbnpEdGc9PSIsInZhbHVlIjoiekFWVzJFYTV0TlZyOHpyaUQza3FZQ3ZjWFhOQmQzVC92aHg5aDdmSnZkRmJXd1o4TDRoaUxBRDlEMVRDUjNyUEFxUWJ2eHFvU295UC9DMWZPNEJMRVYvWlFUOFlsbE5BVUJkeDZOMm15MWZleWZrbVNjMkU2OStvNUlkUE9BcW0iLCJtYWMiOiI2ZDAyZDA1OWE4ZDc1Y2UwYTYxZjVlM2JmMDU5YjJjNmQ0Y2NiNmM0MzRmMzBhMzYwZDk4NjEyYzA2MGU5MGQ5IiwidGFnIjoiIn0%3D; cutyio_session=eyJpdiI6ImROdTNQKzAzdlc2bmI3V1E1SGJoUnc9PSIsInZhbHVlIjoib2hBTWlvYzhBWGl5UzdudnU0MDdkSlcrcVExU094Y0p1VlpuRDFiY29kSnBSRnIrTjZ0OG15a3lVY2YyTnd2eUQzRFVCckV6N1RtVk9BYnJyZkhSaVNRVndXQ05OanZ1RW9ybHBuSG94UVZzQXluRStidkRyMklSKzFWSmhyb3YiLCJtYWMiOiJhODA2NTU4NmFmZWYwYjY2ZmQ5NDk2NTE2Mjg3NDMyMmQ0NjE5YzdmNjM2NWIyNWRiZDFmZTViZWI5YWQ3ZGI5IiwidGFnIjoiIn0%3D; _ga_GGDCMPL4QP=GS1.1.1735620647.1.0.1735620647.0.0.0; _ga=GA1.1.1564279676.1735620648
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 31 Dec 2024 04:50:47 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yc39eRoMQDhZL2gg7OBpP3BF6bCsXAMdRF1Hq0bBAKNFpeFz017QnUBlIGZojWpOn6d1u1FJOCqVLaWQuayfTXoUIa35NFRhfa0qXApP%2FsPzWFssPC0fzCm9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a698885fb512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4224&min_rtt=1391&rtt_var=2545&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4300&recv_bytes=3359&delivery_rate=457669&cwnd=12000&unsent_bytes=0&cid=40d04e63e40b1722&ts=2059&x=1", cfExtPri, cfHdrFlush;dur=0

GET rvisofoseveralyear.com/popunder.gif

104.21.32.1

200 OK

58 B

URL GET
rvisofoseveralyear.com/popunder.gif
IP
104.21.32.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectrvisofoseveralyear.com
Fingerprint8C:A7:F3:B6:0B:62:C3:5C:53:3B:59:B3:A6:41:30:07:22:A0:0D:D3
ValidityFri, 08 Nov 2024 08:12:55 GMT - Thu, 06 Feb 2025 08:12:54 GMT

File type
GIF image data, version 89a, 1 x 1
Size
58 B (58 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: rvisofoseveralyear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: image/gif
content-length: 58
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXdF9SrFKEKAFHEmix49O3j%2FlyITh%2BVwq0eydxAy8z2O%2BQL7gSkP1pL5wpfnLRdkKhmWkECODnltFcQwKuHirqs%2BMuMWR8OqWG%2FuhCW3Kw7dkqj7Op2IcsarrZO2bFG5ezNwHYcbFj20"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
cf-cache-status: HIT
age: 47711
last-modified: Mon, 30 Dec 2024 15:35:36 GMT
accept-ranges: bytes
cf-ray: 8fa7a6991e96b4ff-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

POST cety.app/cdn-cgi/challenge-platform/h/b/jsd/r/8fa7a681eb2fb4f1

104.26.7.238

200 OK

0 B

URL POST HTTP/3
cety.app/cdn-cgi/challenge-platform/h/b/jsd/r/8fa7a681eb2fb4f1
IP
104.26.7.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcety.app
Fingerprint2F:22:43:8E:D4:C5:1B:EB:6E:80:BA:82:9A:13:27:56:6D:7B:D8:1C
ValiditySat, 07 Dec 2024 01:51:21 GMT - Fri, 07 Mar 2025 01:51:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8fa7a681eb2fb4f1 HTTP/1.1
Host: cety.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12131
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Referer: https://cety.app/5FoV6IO
Cookie: origin=cuty; XSRF-TOKEN=eyJpdiI6ImNacC9adTFGRC9pbC9kYWlKbnpEdGc9PSIsInZhbHVlIjoiekFWVzJFYTV0TlZyOHpyaUQza3FZQ3ZjWFhOQmQzVC92aHg5aDdmSnZkRmJXd1o4TDRoaUxBRDlEMVRDUjNyUEFxUWJ2eHFvU295UC9DMWZPNEJMRVYvWlFUOFlsbE5BVUJkeDZOMm15MWZleWZrbVNjMkU2OStvNUlkUE9BcW0iLCJtYWMiOiI2ZDAyZDA1OWE4ZDc1Y2UwYTYxZjVlM2JmMDU5YjJjNmQ0Y2NiNmM0MzRmMzBhMzYwZDk4NjEyYzA2MGU5MGQ5IiwidGFnIjoiIn0%3D; cutyio_session=eyJpdiI6ImROdTNQKzAzdlc2bmI3V1E1SGJoUnc9PSIsInZhbHVlIjoib2hBTWlvYzhBWGl5UzdudnU0MDdkSlcrcVExU094Y0p1VlpuRDFiY29kSnBSRnIrTjZ0OG15a3lVY2YyTnd2eUQzRFVCckV6N1RtVk9BYnJyZkhSaVNRVndXQ05OanZ1RW9ybHBuSG94UVZzQXluRStidkRyMklSKzFWSmhyb3YiLCJtYWMiOiJhODA2NTU4NmFmZWYwYjY2ZmQ5NDk2NTE2Mjg3NDMyMmQ0NjE5YzdmNjM2NWIyNWRiZDFmZTViZWI5YWQ3ZGI5IiwidGFnIjoiIn0%3D; _ga_GGDCMPL4QP=GS1.1.1735620647.1.0.1735620647.0.0.0; _ga=GA1.1.1564279676.1735620648
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
priority: u=3,i=?0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.cety.app; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=ftG2ZsrzYlOgMmdcFIhkTe_zx4QcVdoUG9KVLn5zDXk-1735620648-1.2.1.1-E25u5aJ9QOTtlhicSXORA8eWFJPGC3V28TcTTro0jxSWKfofGp.xI034Xg4_OYVXbMhNpmDj.w4pIi6tNDlOxd7VosA23U4bZzZh2TsZBfJDLAksATJeqVRfk1U8zg767N9myeHOWXQRZu5ipplB7zhZ8oBLHTnBaWjn9lthGwlXJNqeUDbQKl_AzmxVubDuoJOj5jHBeMAs2.lYuIseWE_pYpDQSm0xczTocK6GM_3cpuIwbmjZuL.LasMIKvA5Px0.c0x7A1UOLitE1n3kV0c8T29Gf2bwg1W4jYvcBkXk7yKIhtXPGGd8hf8Jt_Rav3dECL9F9erpEzCdRVXeyA; Path=/; Expires=Wed, 31-Dec-25 04:50:48 GMT; Domain=.cety.app; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNBnve3Cv5dW0cyNPnqjD%2FpGN4jw6lUyeMkcr3xWSMRUieGjfgh5WG0GiGFC%2FHbwIit%2BFbM7L3Ri6steo8%2BgK%2F9NioQ7%2BGn8Pr7BK5uZ%2FXB%2B5XwhOaInHSDy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69a08e5b512-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3572&min_rtt=1262&rtt_var=2574&sent=23&recv=22&lost=0&retrans=0&sent_bytes=9917&recv_bytes=17849&delivery_rate=710582&cwnd=12000&unsent_bytes=0&cid=40d04e63e40b1722&ts=2301&x=1", cfExtPri, cfHdrFlush;dur=0

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js

104.26.4.26

302 Found

46 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
data
Size
46 kB (45703 bytes)
Hash
930c30f08fecc9eb825b175dc476f1ea
aaef68ed482857403ecddecc21422fbaf5da64e3
896f666fb80553118f9c76a14389eca1a6e4d513c483830cc42b64c3df34fe23

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nub4DM%2F%2BEEFeCJUkZ7J%2FZP3JVai0c%2BYn06LGLOvB7Ba%2BBk%2FJU%2Bhclh47Lbz20MBRRqCH6GporxNtkQx%2BTpLgiJk9vaeGqNKR7M78lHCpI26IaX9%2BgKsBkUntsXI0OrH%2FWrg7zoPt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a6990ca256c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5172&min_rtt=356&rtt_var=8654&sent=301&recv=129&lost=0&retrans=0&sent_bytes=371743&recv_bytes=3297&delivery_rate=103180144&cwnd=210&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1421&x=0"
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

64.233.164.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:g_5PorIwF3r4uJgcAfCvBQICC0wbOQ:cUZWi2IoyL_uLyZc; Expires=Thu, 31-Dec-2026 04:50:48 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Dec 2024 04:50:48 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9_-5BCg8qkXaiDqKsWiwy1pJ9jMUThTCG0tKNZopdFyiyqvvphgBTdAXVtJdJXoBR-Uf59HXw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-4bh0RKfh70YgQpHRO0XNTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fstatic.netpub.media/renderer/prebid_241216.js

104.26.4.26

200 OK

262 kB

URL GET HTTP/2
fstatic.netpub.media/renderer/prebid_241216.js
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
gzip compressed data, from Unix
Size
262 kB (262143 bytes)
Hash
3c0c45b26426bc21fbff2b2e3f2070be
82239b544875738e7eb516a6b581807120184a42
2150120d10859ee2163c8aa2eaddfa8e924acf086f2c22f32ef4f2e6f66fd46c

HTTP Headers

GET /renderer/prebid_241216.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 13:41:12 GMT
cache-control: max-age=14400
expires: Tue, 31 Dec 2024 04:50:46 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6C%2B0nGI4UGiJuncWx2IfZvyrB4KyKrag9wMhusleOgkHn8mjkmXIx82%2FxOWw%2BkN0NQpBo0LsW%2BOkyF39DcarB9aVZMOQA5FpxFg6xxMmsPDdzNYx7LXgaVphMH6EhHkUd7vuuRHF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a6933a6756c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=711&min_rtt=356&rtt_var=310&sent=126&recv=53&lost=0&retrans=0&sent_bytes=147687&recv_bytes=2266&delivery_rate=77374045&cwnd=256&unsent_bytes=0&cid=d5ad0187b82cf742&ts=463&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js

104.26.4.26

302 Found

267 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
data
Size
267 kB (266585 bytes)
Hash
4735353cf6d3f76367cb019f6a6aa11d
619046b2995d1a165e05942b204eee08e2d926b5
c2213ff4629894e029e4f2752ae32b8e5d29e9fb731ca15c0935f47c83e75539

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hof8qU962DRZO9c3B1stoFYzEVrkClYnifsrCIsR47uOOQAQ2EO6L7dFDEjb7cncmgK5KlV4hqfAMB16VFlUULWMVmHxpo9Ql5BFFjZKq%2BJErjD7V%2FIwd3VIrFDRv7aULotVPoHx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a6990ca156c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5172&min_rtt=356&rtt_var=8654&sent=299&recv=129&lost=0&retrans=0&sent_bytes=370904&recv_bytes=3297&delivery_rate=103180144&cwnd=210&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1420&x=0"
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP98lc169LqrZ_fILgh3vMP6OsB_s-jH5LrSdJkgOeZfCKWxBsCzd8p3lceWBevJWjWc8XE_vfQ

64.233.164.84

302 Found

422 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP98lc169LqrZ_fILgh3vMP6OsB_s-jH5LrSdJkgOeZfCKWxBsCzd8p3lceWBevJWjWc8XE_vfQ
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type
HTML document, ASCII text, with very long lines (391)
Size
422 B (422 bytes)
Hash
cab774b28cd5d7380a37d2baf324e4f5
0e9bcd510ed29313cfd8f3019fc4883ccd01f5bc
92cddf5e54902604522c9a8128f8b54ddcbc81538b60b76c6fa0a1585962b232

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP98lc169LqrZ_fILgh3vMP6OsB_s-jH5LrSdJkgOeZfCKWxBsCzd8p3lceWBevJWjWc8XE_vfQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:h9U9fLi0HGJwpcUimII09ww_UN6BTg:KsOJZuOvbRs9tzBY;Path=/;Expires=Thu, 31-Dec-2026 04:50:48 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Dec 2024 04:50:48 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_uNl6Op-RYlAypWCqVzfB38mXwBF2WwOgXwFSzr-Wp2SFGkFUPEB9FAHlXdu-1zZQ6d5GnRg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1995849475%3A1735620648435044&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-t_RbwJJlJobKdU3Jg6KasA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 422
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9_-5BCg8qkXaiDqKsWiwy1pJ9jMUThTCG0tKNZopdFyiyqvvphgBTdAXVtJdJXoBR-Uf59HXw

64.233.164.84

302 Found

425 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9_-5BCg8qkXaiDqKsWiwy1pJ9jMUThTCG0tKNZopdFyiyqvvphgBTdAXVtJdJXoBR-Uf59HXw
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type
HTML document, ASCII text, with very long lines (394)
Size
425 B (425 bytes)
Hash
19df862d8007edaaed61af09fc2d81ac
c4eb6586c71dbb7948c13fa34cdccf34f285d792
dcd6538cb7e9ddf095c0432647a1845f507891c4e58b6e2e6c04d23fe10307eb

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AeZLP9_-5BCg8qkXaiDqKsWiwy1pJ9jMUThTCG0tKNZopdFyiyqvvphgBTdAXVtJdJXoBR-Uf59HXw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:vV9q9r92A6L4nZ7U0nXboxBqNCGWeg:177y7Nku66pBQ8t2;Path=/;Expires=Thu, 31-Dec-2026 04:50:48 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Dec 2024 04:50:48 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-Nqo46vJ4g6RbkZ1SCAQ1TPk5ENIExWuVoXLupc4etyC_IAJQjVL9q-JCmOOO32HkW5AqANw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-116732969%3A1735620648461914&ddm=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-UZhng9TMMw7oYGcyfs_P7A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_uNl6Op-RYlAypWCqVzfB38mXwBF2WwOgXwFSzr-Wp2SFGkFUPEB9FAHlXdu-1zZQ6d5GnRg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1995849475%3A1735620648435044&ddm=1

64.233.164.84

403 Forbidden

813 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_uNl6Op-RYlAypWCqVzfB38mXwBF2WwOgXwFSzr-Wp2SFGkFUPEB9FAHlXdu-1zZQ6d5GnRg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1995849475%3A1735620648435044&ddm=1
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint36:7C:F6:D0:DA:DB:45:E1:80:A6:76:D2:C1:A5:38:1A:0B:8D:99:4E
ValidityMon, 02 Dec 2024 08:35:57 GMT - Mon, 24 Feb 2025 08:35:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1654), with no line terminators
Size
813 B (813 bytes)
Hash
617da6de38994e16594bb1d39676abc6
004d1f58150dcdce26f372bd59c28b9b6f3404a5
988b0c14ca89d33aa3443c2101ebad5a6542b1e07b95691e41c88acbad7d4c20

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9_uNl6Op-RYlAypWCqVzfB38mXwBF2WwOgXwFSzr-Wp2SFGkFUPEB9FAHlXdu-1zZQ6d5GnRg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1995849475%3A1735620648435044&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Dec 2024 04:50:48 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-5FegS8cRUapGogBLMcjU7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.1PNB2j8wR4U.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-Nqo46vJ4g6RbkZ1SCAQ1TPk5ENIExWuVoXLupc4etyC_IAJQjVL9q-JCmOOO32HkW5AqANw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-116732969%3A1735620648461914&ddm=1

64.233.164.84

403 Forbidden

813 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-Nqo46vJ4g6RbkZ1SCAQ1TPk5ENIExWuVoXLupc4etyC_IAJQjVL9q-JCmOOO32HkW5AqANw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-116732969%3A1735620648461914&ddm=1
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint36:7C:F6:D0:DA:DB:45:E1:80:A6:76:D2:C1:A5:38:1A:0B:8D:99:4E
ValidityMon, 02 Dec 2024 08:35:57 GMT - Mon, 24 Feb 2025 08:35:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1654), with no line terminators
Size
813 B (813 bytes)
Hash
3927f75aab65b2d60d55da5eb63e95da
173fd65654165a669ebc685d822918988aa6f034
e45082ee0328673aeaab07335798b4471ea2b0144345b91cee8ca6b21f903562

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AeZLP9-Nqo46vJ4g6RbkZ1SCAQ1TPk5ENIExWuVoXLupc4etyC_IAJQjVL9q-JCmOOO32HkW5AqANw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-116732969%3A1735620648461914&ddm=1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Dec 2024 04:50:48 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-NWWYP32xzRvtw7nS4ftS0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.google.com/recaptcha/api.js https://translate.google.com/translate_a/element.js https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.1PNB2j8wR4U.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET onetag-sys.com/usync/?pubId=59a18369e249bfb

51.38.120.206

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?pubId=59a18369e249bfb
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=59a18369e249bfb HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

GET id.a-mx.com/sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://cety.app/5FoV6IO&tl=https://cety.app/5FoV6IO&nf=0&rt=true&v=8.52.2&av=2.0&vg=pbjs_broly241216&us_privacy=null&am=null&gdpr=0&gdpr_consent=

79.127.227.46

200 OK

66 B

URL GET HTTP/1.1
id.a-mx.com/sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://cety.app/5FoV6IO&tl=https://cety.app/5FoV6IO&nf=0&rt=true&v=8.52.2&av=2.0&vg=pbjs_broly241216&us_privacy=null&am=null&gdpr=0&gdpr_consent=
IP
79.127.227.46:443
ASN
#60068 Datacamp Limited

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerSectigo Limited
Subjectid.a-mx.com
Fingerprint80:DE:0D:11:57:5C:17:6D:06:7D:EA:45:FA:0C:4B:4F:04:49:4B:B4
ValidityMon, 11 Nov 2024 00:00:00 GMT - Thu, 11 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
66 B (66 bytes)
Hash
d608567ad7b1496533437e2c7ec7bae0
d8b3c43b5524ac8db8b2cb3bbeb93fd12058b5ac
44ebf04c15e233039e2e4cafd5fdd4a35b073a07831e36a3f18c49dba6ab0207

HTTP Headers

GET /sync/?tagId=bmV0cHViLmNvbQ&ref=null&u=https://cety.app/5FoV6IO&tl=https://cety.app/5FoV6IO&nf=0&rt=true&v=8.52.2&av=2.0&vg=pbjs_broly241216&us_privacy=null&am=null&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Tue, 31 Dec 2024 04:50:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
content-type: application/json
content-length: 66

GET onetag-sys.com/usync/?cb=1735620647836

51.38.120.206

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?cb=1735620647836
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?cb=1735620647836 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

GET prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=

163.5.194.35

204 No Content

0 B

URL GET HTTP/2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
IP
163.5.194.35:443
ASN
#49981 WorldStream B.V.

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintF6:CA:E4:50:A9:EB:AE:5B:B9:27:67:8E:B6:95:3F:FC:62:FC:94:3B
ValidityFri, 01 Nov 2024 10:42:56 GMT - Thu, 30 Jan 2025 10:42:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Tue, 31 Dec 2024 04:50:50 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

GET onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

51.38.120.206

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://csync.smilewanted.com/
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=7f5d22b0006ab5a HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

POST prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#49981 WorldStream B.V.

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintF6:CA:E4:50:A9:EB:AE:5B:B9:27:67:8E:B6:95:3F:FC:62:FC:94:3B
ValidityFri, 01 Nov 2024 10:42:56 GMT - Thu, 30 Jan 2025 10:42:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1462
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
cache-control: max-age=0, private, must-revalidate
date: Tue, 31 Dec 2024 04:51:09 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

POST prebid.smilewanted.com/

104.22.30.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 435
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Cookie: sw_user_params_infos=eFCcyhd%2BLLLnf7KPtUVBDOZH%2BMXU1jPhB6ifcsKRYNCaHhqOhwISJHbqPt2mH9b57rjfL%2Felv%2BddYeQLTurYh85zKRM7Ic%2F4s9HHSZyWpKrWzugrDE2KrInv8VlH%2FXI%2BBztJOvIjy7ABhlWIpoHomQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:51:10 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a7244ef7712f-OSL
X-Firefox-Spdy: h2

POST onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1950
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://cety.app
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

GET cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531

104.26.7.56

200 OK

9.5 kB

URL GET HTTP/2
cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
ASCII text, with very long lines (52547)
Size
9.5 kB (9504 bytes)
Hash
a66d1b3f490ee5b9c79bc9f7135b2531
dec1f851c99a7b3bedfc5eab237653e936492542
c6d2443a652a5a4d0ec21c76ab36874b2da6a67edefda281ba35875e82bb7f78

HTTP Headers

GET /css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/css
last-modified: Wed, 28 Dec 2022 14:22:02 GMT
vary: Accept-Encoding
etag: W/"63ac510a-cd44"
expires: Wed, 29 Oct 2025 05:03:46 GMT
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 2766432
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCJnPMG5cWNesupNNJsyzo2P6AWVdc8SkEPoWT2RcrKmSPbt2JoKGk4CLhiuoA%2FpbhhpvMBId3WvTr7Gw%2FjweACSOrp%2F%2FD39QIBDqqEJco8K7iRtefS8oL3IIWuY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ab07131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=10&recv=27&lost=0&retrans=0&sent_bytes=3185&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=77&x=0"
X-Firefox-Spdy: h2

ad.360yield.com/2447/pb

52.29.174.68

204 No Content

0 B

URL
ad.360yield.com/2447/pb
IP
52.29.174.68:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /2447/pb HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 974
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:51:10 GMT
access-control-allow-origin: https://cety.app
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-credentials: true
X-Firefox-Spdy: h2

ad.360yield.com/2447/pb

52.29.174.68

204 No Content

0 B

URL
ad.360yield.com/2447/pb
IP
52.29.174.68:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /2447/pb HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 976
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:51:10 GMT
access-control-allow-origin: https://cety.app
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-credentials: true
X-Firefox-Spdy: h2

POST prebid.smilewanted.com/

104.22.30.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 435
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Cookie: sw_user_params_infos=eFCcyhd%2BLLLnf7KPtUVBDOZH%2BMXU1jPhB6ifcsKRYNCaHhqOhwISJHbqPt2mH9b57rjfL%2Felv%2BddYeQLTurYh85zKRM7Ic%2F4s9HHSZyWpKrWzugrDE2KrInv8VlH%2FXI%2BBztJOvIjy7ABhlWIpoHomQ%3D%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Tue, 31 Dec 2024 04:51:10 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a724ff28712f-OSL
X-Firefox-Spdy: h2

POST onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1952
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://cety.app
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

pbjs.e-planning.net/pbjs/1/bd3d2/1/cety.app/ROS?rnd=0.9722138743497943&e=300x250_0%3A300x250%2C200x200%2C250x250%2C336x280%7C0.05&ur=https%3A%2F%2Fcety.app%2F5FoV6IO&pbv=8.52.2&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fcety.app%2F5FoV6IO&e_amxId=amx*r*9a8cfcf6-32c2-4f52-b803-35407ecd2c54

193.3.178.4

200 OK

2 B

URL
pbjs.e-planning.net/pbjs/1/bd3d2/1/cety.app/ROS?rnd=0.9722138743497943&e=300x250_0%3A300x250%2C200x200%2C250x250%2C336x280%7C0.05&ur=https%3A%2F%2Fcety.app%2F5FoV6IO&pbv=8.52.2&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fcety.app%2F5FoV6IO&e_amxId=amx*r*9a8cfcf6-32c2-4f52-b803-35407ecd2c54
IP
193.3.178.4:0
ASN
#399668 E-PLANNING

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /pbjs/1/bd3d2/1/cety.app/ROS?rnd=0.9722138743497943&e=300x250_0%3A300x250%2C200x200%2C250x250%2C336x280%7C0.05&ur=https%3A%2F%2Fcety.app%2F5FoV6IO&pbv=8.52.2&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fcety.app%2F5FoV6IO&e_amxId=amx*r*9a8cfcf6-32c2-4f52-b803-35407ecd2c54 HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Tue, 31 Dec 2024 04:51:10 GMT
content-type: text/plain
access-control-allow-credentials: true
access-control-allow-origin: https://cety.app
content-length: 2
x-sid: AMS-937
X-Firefox-Spdy: h2

hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageReferrer=https%3A%2F%2Fcety.app%2F5FoV6IO&CanonicalUrl=https%3A%2F%2Fcety.app%2F5FoV6IO

185.255.84.150

200 OK

181 B

URL
hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageReferrer=https%3A%2F%2Fcety.app%2F5FoV6IO&CanonicalUrl=https%3A%2F%2Fcety.app%2F5FoV6IO
IP
185.255.84.150:0
ASN
#200271 Iguane Solutions SAS

File type
JSON text data
Size
181 B (181 bytes)
Hash
f0b268cf776e038e75610e7b9f97ac22
0a67332cdb5df22eebc528376e2add78eca677e7
3d7ee57f9f49e71aa767e7a4ed8191670441959eb69e30478670d10ee78aafd4

HTTP Headers

POST /hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageReferrer=https%3A%2F%2Fcety.app%2F5FoV6IO&CanonicalUrl=https%3A%2F%2Fcety.app%2F5FoV6IO HTTP/1.1
Host: hb-api.omnitagjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 831
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://cety.app
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=a9dba250fff2cb697b154db0ab002be2; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 31 Dec 2024 04:51:10 GMT
content-length: 181
x-envoy-upstream-service-time: 21
server: ayl-lb-fra02
X-Firefox-Spdy: h2

GET cdn.cuty.io/js/layouts/base.js?id=c9af373408ef250e890e1cfc6dee6e27

104.26.7.56

200 OK

38 kB

URL GET HTTP/2
cdn.cuty.io/js/layouts/base.js?id=c9af373408ef250e890e1cfc6dee6e27
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
gzip compressed data, from Unix
Size
38 kB (38038 bytes)
Hash
4bbd1ac2300c2e03c3a30be57afab000
2a79a01e3c94644bfdc355c04e4f5e4838cdbf2b
ee94ce082cf58ae4ddce9de6a2a953fb89fe0b709edd65274a40f59a64b5888a

HTTP Headers

GET /js/layouts/base.js?id=c9af373408ef250e890e1cfc6dee6e27 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:18:28 GMT
vary: Accept-Encoding
etag: W/"67485f94-19eb9"
expires: Fri, 28 Nov 2025 12:18:30 GMT
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 2824333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19rQ%2FEStV26%2FqkaBBn9mlOl7SYXIIN4vxe3sl8NBVUM6JRP5vSsjD%2BOMvAnPJuo%2B%2FBLsKPRxOHbFnSEgLjmHA3NcAKhzoJDZzZ0tMYsob1751px1oi33UE6OdaNi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68ecadb7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3561&min_rtt=381&rtt_var=5681&sent=421&recv=156&lost=0&retrans=1&sent_bytes=554300&recv_bytes=3245&delivery_rate=85827915&cwnd=220&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=147&x=0"
X-Firefox-Spdy: h2

185.255.84.150

200 OK

180 B

URL
hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageReferrer=https%3A%2F%2Fcety.app%2F5FoV6IO&CanonicalUrl=https%3A%2F%2Fcety.app%2F5FoV6IO
IP
185.255.84.150:0
ASN
#200271 Iguane Solutions SAS

File type
JSON text data
Size
180 B (180 bytes)
Hash
58c00c6669c2cf732da9886afcfab4f2
dfefbf09dc2a6972e93d02afbd62589e4f4b070f
bdf6ecbbc56c88842591c9adf09ac8a25a41d279b78e09993ba710cc07e798ef

HTTP Headers

POST /hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageUrl=https%3A%2F%2Fcety.app%2F5FoV6IO&PageReferrer=https%3A%2F%2Fcety.app%2F5FoV6IO&CanonicalUrl=https%3A%2F%2Fcety.app%2F5FoV6IO HTTP/1.1
Host: hb-api.omnitagjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 830
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://cety.app
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=1f2d1a285c6060dd1fa318243aa2f657; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Tue, 31 Dec 2024 04:51:10 GMT
content-length: 180
x-envoy-upstream-service-time: 29
server: ayl-lb-fra02
X-Firefox-Spdy: h2

POST cety.app/cdn-cgi/rum?

104.26.7.238

204 No Content

0 B

URL POST HTTP/3
cety.app/cdn-cgi/rum?
IP
104.26.7.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcety.app
Fingerprint2F:22:43:8E:D4:C5:1B:EB:6E:80:BA:82:9A:13:27:56:6D:7B:D8:1C
ValiditySat, 07 Dec 2024 01:51:21 GMT - Fri, 07 Mar 2025 01:51:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: cety.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 813
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Tue, 31 Dec 2024 04:51:10 GMT
access-control-allow-origin: https://cety.app
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8fa7a727cb8cb512-OSL
x-frame-options: DENY
x-content-type-options: nosniff

GET www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

142.250.74.131

200 OK

560 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type

Size
560 kB (560258 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220882
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Dec 2024 03:27:51 GMT
expires: Wed, 31 Dec 2025 03:27:51 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 4977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwV3g36ShI4VBchaS9D%2F2i0RJIuM7b%2FvFaaJonZq8BbfHvCnCAzvGCeBlExESKHgRmdAsRR9zTuNHAluaPUXDvYT5%2F2Q4bWqkk%2FAky0cmHO7d8v27ERySI8ZCyb9VEQHxFiItw1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69a0cef56c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2527&min_rtt=346&rtt_var=4139&sent=307&recv=139&lost=0&retrans=0&sent_bytes=373391&recv_bytes=3797&delivery_rate=103180144&cwnd=208&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1557&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/step-3.svg

104.26.7.56

200 OK

1.1 kB

URL GET HTTP/2
cdn.cuty.io/images/public/step-3.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1115 bytes)
Hash
7183e196f55e65ce79742695036c23cd
a9e0fac30a2daa48fa55286152e4ddd1e16fa512
c4f5a911c7f89b1da640b9eba806fdf5ee40d0163702817838bf6409f16f5525

HTTP Headers

GET /images/public/step-3.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Thu, 28 Nov 2024 12:18:28 GMT
etag: W/"67485f94-45b"
expires: Sat, 29 Nov 2025 02:02:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 875991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0r9%2FUKDud9ZXAJTSj%2BNkS3m4AqSSOHCyZcXADt1rcDTPpKqs6sF5rsxPZrPPIaPUiVvgx3R5ihaLIuKwfhACtXaAR1O5zGOUTslFuQWRmh58UPuNTfY2sZhhG4I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68e5abc7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=82&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrKMdga6FcxvjwUrAI6gXKA58sNY1Ba1JKGHVDsxuyVy2IBtlaUiIWiKzIZs9MgLw4ngKqO1R6tJCB1ssJEaNfKGQZer%2BOm%2B1zTedNE%2FRHpoPYvw%2B5fuReqRACEPVGzr5s8u2Tl3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69a1cf556c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=977&min_rtt=346&rtt_var=582&sent=375&recv=152&lost=0&retrans=0&sent_bytes=465474&recv_bytes=3797&delivery_rate=103180144&cwnd=214&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1558&x=0"
X-Firefox-Spdy: h2

GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

64.233.164.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
64.233.164.84:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint69:38:7E:29:3C:FF:37:1E:96:50:B5:FA:A1:F2:98:30:3B:BE:E6:8D
ValidityMon, 02 Dec 2024 08:37:47 GMT - Mon, 24 Feb 2025 08:37:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Sj8Wmyr3VdPOTrnXRMuuUikxY3RU2A:_G3N1xqPf4logYtt; Expires=Thu, 31-Dec-2026 04:50:48 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Dec 2024 04:50:48 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AeZLP98lc169LqrZ_fILgh3vMP6OsB_s-jH5LrSdJkgOeZfCKWxBsCzd8p3lceWBevJWjWc8XE_vfQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-en0f8GwE3T4iyXRBghZbiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST rvisofoseveralyear.com/Q2VMUDlsWi8jBA4iHmBvBFEJCHwBDRQRUScxCwJYAlQCFGByXWokUCdYfWABcFB/Zx8zDChtCGUWODFNNhZxYwlzVGo5VyUKcWAJc1RqJgRyS39kF3BTYmQfNlh9aQl3XHxmCnRQe2ILdVZ5dk0zBCttCGUVOCRVflR7Ywx1V3xmDXtdfGA

104.21.32.1

204 No Content

0 B

URL POST HTTP/3
rvisofoseveralyear.com/Q2VMUDlsWi8jBA4iHmBvBFEJCHwBDRQRUScxCwJYAlQCFGByXWokUCdYfWABcFB/Zx8zDChtCGUWODFNNhZxYwlzVGo5VyUKcWAJc1RqJgRyS39kF3BTYmQfNlh9aQl3XHxmCnRQe2ILdVZ5dk0zBCttCGUVOCRVflR7Ywx1V3xmDXtdfGA
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectrvisofoseveralyear.com
Fingerprint8C:A7:F3:B6:0B:62:C3:5C:53:3B:59:B3:A6:41:30:07:22:A0:0D:D3
ValidityFri, 08 Nov 2024 08:12:55 GMT - Thu, 06 Feb 2025 08:12:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /Q2VMUDlsWi8jBA4iHmBvBFEJCHwBDRQRUScxCwJYAlQCFGByXWokUCdYfWABcFB/Zx8zDChtCGUWODFNNhZxYwlzVGo5VyUKcWAJc1RqJgRyS39kF3BTYmQfNlh9aQl3XHxmCnRQe2ILdVZ5dk0zBCttCGUVOCRVflR7Ywx1V3xmDXtdfGA HTTP/1.1
Host: rvisofoseveralyear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
date: Tue, 31 Dec 2024 04:50:48 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0xFHXJ7uTPylHLzYruOJDkOc%2FchK3htCXjfszMQ6VbnAQOOVo4dcOvzfet96J4TGz%2Fp8NwETIXsL2kvo5Cz5CpKlZ43N4jFRc27%2BbwGlPYzFP09tIiWM6Yk1ZzlJxKpcSAbZkq96xBO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8fa7a69f2e97b4ff-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

GET cdn.cuty.io/images/shared/arrow-down.svg

104.26.7.56

200 OK

220 B

URL GET HTTP/2
cdn.cuty.io/images/shared/arrow-down.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
220 B (220 bytes)
Hash
c3e833f5fa7b1a4f2827058cdba8c3ab
09822f9d135ca26e8ddbbb5814b43da1f330906d
415fd6c9065ac04a741d6a02282eb772174831e47d035b8b1f3be240026f46a6

HTTP Headers

GET /images/shared/arrow-down.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
etag: W/"669cb8d1-dc"
expires: Tue, 11 Nov 2025 03:28:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3189186
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ob4KZ6CEPut73MZG6OH3K0Hd7myH9hH4bsdOy17%2FEAx9%2Fyhz7fr4sw%2FDDZDLpPenU%2Ft%2BHrk50221iT8YvE6Fveah25ZcbOpsOCxa5ivyyiim1oRihpqufEhUBSNK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68ecad77131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6371&min_rtt=381&rtt_var=10435&sent=334&recv=151&lost=0&retrans=1&sent_bytes=443363&recv_bytes=3245&delivery_rate=85827915&cwnd=220&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=145&x=0"
X-Firefox-Spdy: h2

GET static.smilewanted.com/js/decode_consent/decode_consent.js

104.22.30.209

200 OK

50 kB

URL GET HTTP/2
static.smilewanted.com/js/decode_consent/decode_consent.js
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://csync.smilewanted.com/
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type
JavaScript source, ASCII text, with very long lines (49614), with no line terminators
Size
50 kB (49614 bytes)
Hash
00ff8001302d3748ba139466fc3910c1
8210e702fe525e6cddc84758ec51e96a4d703186
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

HTTP Headers

GET /js/decode_consent/decode_consent.js HTTP/1.1
Host: static.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:51 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
etag: W/"607873db-c1ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1133673
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a6b12862712f-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/step-2.svg

104.26.7.56

200 OK

1.5 kB

URL GET HTTP/2
cdn.cuty.io/images/public/step-2.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1543 bytes)
Hash
8c5c449a625ae15af38b7d406e452c50
824a94b8f13755d497a2ff2623d0b81cae675247
9c9ccc56d3f951a187a16f2333b0d2a63aefcb2550e6ed82d385948759f34217

HTTP Headers

GET /images/public/step-2.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
etag: W/"669cb8d1-607"
expires: Thu, 31 Jul 2025 08:17:43 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 13206778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lFm1h6b4R80tT9ZIKh7dBA06FavMUgMgFtJKfrEduCIKFYjLAttci9WsNhIAXNKypUxLMTPt85Ed%2FCUYU6V%2FRBSuM4t7XYppXl2ex1yrYHJ%2ByPJYXiQpHc78Uoq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68e5abb7131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=81&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYbSb%2BB%2F%2B%2FK0h%2BRDSbyxv%2FD3YSzhfD%2Bjet%2Bm%2FTWAK3pA3La68ABHiDIijJmzrTkHL9wA8wk97QeF6%2F%2FYLewcH61bz4yeqNlD21RbXECrRST1Lzk5m1HMh6rt3Tn3IlL%2FcZp2wiIw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a691a9d556c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6493&min_rtt=356&rtt_var=11492&sent=19&recv=22&lost=0&retrans=0&sent_bytes=8020&recv_bytes=2097&delivery_rate=32494&cwnd=256&unsent_bytes=0&cid=d5ad0187b82cf742&ts=217&x=0"
X-Firefox-Spdy: h2

GET script.4dex.io/localstore.js

104.26.9.169

200 OK

1.4 kB

URL GET HTTP/1.1
script.4dex.io/localstore.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectscript.4dex.io
Fingerprint1A:5F:2D:98:DC:81:4F:BD:35:D7:07:8B:67:60:E7:47:B3:27:27:B5
ValidityWed, 20 Nov 2024 00:00:47 GMT - Tue, 18 Feb 2025 01:00:45 GMT

File type
JavaScript source, ASCII text, with very long lines (1399), with no line terminators
Size
1.4 kB (1372 bytes)
Hash
79b9f473d3138aa171cf9b308f739b26
ad6f2a3f4241c805f295ade4b417a99c2fdc5629
4cae8615d251cd5de05107598c705ae3887136bb2198ecf5b08f3455b0e2cd1f

HTTP Headers

GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Dec 2024 04:50:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Last-Modified: Wed, 18 Dec 2024 16:59:11 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1079334
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNs6ZyT9WYmJd%2B%2FcyjZOvYVVciROYXAKaDQN4EbRp53R6SJHB0R2brwFK531I%2FEVEtju3kEeS6580OJeioTj28M06BIrJsV3FVBBs9KwJwitliyorsewdVA4IxiOBJU%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8fa7a694cda156a8-OSL
Content-Encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=480&min_rtt=454&rtt_var=137&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3102&recv_bytes=972&delivery_rate=7912568&cwnd=252&unsent_bytes=0&cid=ca89234a8b4200ee&ts=26&x=0"

GET cdn.cuty.io/images/shared/x.svg

104.26.7.56

200 OK

209 B

URL GET HTTP/2
cdn.cuty.io/images/shared/x.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
209 B (209 bytes)
Hash
3e1b70de2d8ba641caec6e9029002c3e
48b16f34f74be52a8327a2277318355d0f3b9c92
15b6092561584cbee1e5760429718329e67a6ad70a77da4e56f6adae0ed8e95f

HTTP Headers

GET /images/shared/x.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
etag: W/"669cb8d1-d1"
expires: Thu, 06 Nov 2025 04:26:21 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 3037158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkicxR5xfGzpxe9flST2Cmh%2Fm6qbOd5rgEk1sayBH8InGuzcBoL4Q7PusQVFoARLHdrkx6VDQEfWADWgwffIhqRv9MCYG2NDihnB3NK1BJwsxszUMtJbqTV1%2FHjV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68e5ab67131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=78&x=0"
X-Firefox-Spdy: h2

GET cuty.io/5FoV6IO

172.67.75.140

302 Found

52 kB

URL User Request GET HTTP/2
cuty.io/5FoV6IO
IP
172.67.75.140:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type

Size
52 kB (52100 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /5FoV6IO HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 31 Dec 2024 04:50:44 GMT
content-type: text/html; charset=UTF-8
location: https://cety.app/5FoV6IO
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN, SAMEORIGIN
set-cookie: origin=cuty; expires=Tue, 02 Dec 2025 04:50:43 GMT; Max-Age=29030400; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6IkdkalgyQTQ2TnZPem1tT2JjbWZpM3c9PSIsInZhbHVlIjoiMG4xNTFjR3R4RzR1Tzc3ODNZNkd4RlpHTVdmTTVMTTgrbVpzNUZWRTAzR3FaOFFGZW9EMnk5cUVDR3Z6SW5qSVU2YzRiSituWENTMHJyam8xcitHNXJnOHJDRTVKaUg0TlU4cXlMZkhxSjNhRmFmNS9obVlWVnI0TTVXbUxhaysiLCJtYWMiOiIzNDQxYTM5YzIzZWFmOGNjOGM0M2E2M2QzYzU5MDYwZWIwNGUxODA2OWFmM2E0N2IzNzRkZTEwYTQ4ZGY1OWY4IiwidGFnIjoiIn0%3D; expires=Tue, 07 Jan 2025 04:50:43 GMT; Max-Age=604800; path=/; samesite=lax
cutyio_session=eyJpdiI6IlFlYzZzNGc2OVNUWGFrcVlSdUlIVmc9PSIsInZhbHVlIjoiQ0ZQMTh1bEJBS1dJaEh4SDk4Q1NGc3Jrd0hFc0ZJNnN1TFNXUksvQzNIS05mQS9DMkdZZGwrWjdabXg3OXFjSVdwSDB5dzllZi8zSk9BSjk1N2VBU1d0SG1qWmQyanIzZGplNkRJcHZGbk9RTFBkZDlMUFJWa2ZqT0t4aGRkeWYiLCJtYWMiOiI2MjY5YzYyZmZmNTg4Zjk4NWExZWJhMzUwZDMxMWE4NzJkY2FkMDlhMGUzNDkzMTkxNzY3NmQzY2JmNjU2OWU4IiwidGFnIjoiIn0%3D; expires=Tue, 07 Jan 2025 04:50:43 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNCGpnpn6ETvN924D9dCEtKmzP69mXr5eVIm76iZyeSuN5qZyntjelmAcQRZbqLWP72%2BvW7ELLTKvPdzMahRbi57J27gzdN4%2FV1n1v%2BWo1JCSj%2BEa%2BX2WWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a67b5b3ab524-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6274&min_rtt=480&rtt_var=11616&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3185&recv_bytes=1117&delivery_rate=7567944&cwnd=254&unsent_bytes=0&cid=a82b7c32d46876e2&ts=1019&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=feb56f52dc16955bcf984886eddb68b8

104.26.7.56

200 OK

3.0 kB

URL GET HTTP/2
cdn.cuty.io/js/public/layouts/_partials/nav-links.js?id=feb56f52dc16955bcf984886eddb68b8
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
JavaScript source, ASCII text, with very long lines (3042), with no line terminators
Size
3.0 kB (3042 bytes)
Hash
feb56f52dc16955bcf984886eddb68b8
5a09c88aa68e7539c9ed86642f32024cacaac616
2e06d31fc20688f3d0b3c9e380adfe1a78d5d8a3c151e0c393a87c841d13421d

HTTP Headers

GET /js/public/layouts/_partials/nav-links.js?id=feb56f52dc16955bcf984886eddb68b8 HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:18:27 GMT
vary: Accept-Encoding
etag: W/"67485f93-be2"
expires: Fri, 28 Nov 2025 13:34:21 GMT
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 961422
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIz5T5M2HGQXYfXvvfDKhNBlqMZK1ke%2Fm94T9mdrRFlRcPxIKGPsQy%2Bxq1bFjVIs%2F4QEO6p%2B19S0gIypSTyVp4fkn02ykmgOec4bNB0xdIUT99z41h7w5cnaG9kz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ab17131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=18&recv=27&lost=0&retrans=0&sent_bytes=13560&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=77&x=0"
X-Firefox-Spdy: h2

HEAD pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.66

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.66:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
FingerprintBA:DF:E8:69:61:F6:F8:D5:A5:A9:E9:A2:92:F0:8A:AA:A7:E6:7A:EA
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 31 Dec 2024 04:50:48 GMT
expires: Tue, 31 Dec 2024 04:50:48 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 7978371305319019827
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/logo.svg

104.26.7.56

200 OK

6.0 kB

URL GET HTTP/2
cdn.cuty.io/images/shared/logo.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
6.0 kB (5978 bytes)
Hash
10818db4ec7670bce1cec5b9b1f02d75
22d063511fa1e4f3efb06b2abd9aa862146d019c
77a7737552b4e0954efe947589319270841bb3d0b5862ffed4820c61e3dba70d

HTTP Headers

GET /images/shared/logo.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Sun, 21 Jul 2024 07:29:21 GMT
etag: W/"669cb8d1-175a"
expires: Thu, 16 Oct 2025 22:32:55 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5815032
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxLgnHFey1SRVwhYztl04etgRAMtmTPYFXq%2F6RF85kjERVxFzKXFOWbtFKMeGjGHnT5ydWn06T9Aa%2FMAKxaT%2BvG3zLJkErdAUENu2KITpFtewQfJGY0j7BlwbRQ8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68e6ac87131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1337&min_rtt=381&rtt_var=91&sent=318&recv=108&lost=0&retrans=1&sent_bytes=427756&recv_bytes=2691&delivery_rate=85777150&cwnd=236&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=95&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/js/public/layouts/app.js?id=c6f3544d59459ef4967d8d8075ae7bcc

104.26.7.56

200 OK

344 kB

URL GET HTTP/2
cdn.cuty.io/js/public/layouts/app.js?id=c6f3544d59459ef4967d8d8075ae7bcc
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type

Size
344 kB (343687 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/public/layouts/app.js?id=c6f3544d59459ef4967d8d8075ae7bcc HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:18:27 GMT
vary: Accept-Encoding
etag: W/"67485f93-53e87"
expires: Fri, 28 Nov 2025 12:18:30 GMT
cache-control: max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
age: 2824333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0VbLF1IlmLsQ2Btm0Tdo%2F5PLceFMeAtVbO6vtjaxhloWgyCTLm5EJy8texjQM0xhZEYo2Uxxj%2FhWMTjARm%2F1IYUvKSyy0QrjGRyNPsFCCyT81gbPs0OeHfQYFYT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68e5ab37131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=21&recv=27&lost=0&retrans=0&sent_bytes=15265&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=0&cid=fcb8d6cc6408fc57&ts=78&x=0"
X-Firefox-Spdy: h2

GET ukankingwithea.com/asd100.bin

104.21.112.1

200 OK

102 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5
ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1081
last-modified: Tue, 31 Dec 2024 04:32:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VdcFks2Wpe0cq%2FjrLqCbF2FpQuhmidcjZT9XYzqOkJMZ%2Bb7tFtU7Al%2Bj%2Fb60NMTdpNZfIadHISwjkMUhASVjuKPtcQL0wtPL9H4MToCU%2BMZXsxlvISBYVf3EIXm1aZ5ceg8%2FI5s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a69b9f3556ba-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=846&min_rtt=435&rtt_var=240&sent=86&recv=27&lost=0&retrans=0&sent_bytes=107639&recv_bytes=1266&delivery_rate=19160680&cwnd=254&unsent_bytes=0&cid=e6210db97d049be5&ts=84&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/public/heading-background.png

104.26.7.56

200 OK

76 kB

URL GET HTTP/3
cdn.cuty.io/images/public/heading-background.png
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
PNG image data, 1440 x 720, 8-bit colormap, non-interlaced
Size
76 kB (75970 bytes)
Hash
bdabda3bb98b22aaf2e7e0ce3efd80b4
6a6ff615a349f4238f6b27573beb0ea532da3d03
0d8927a9ef27ef1a0c8c1f1b13b8cbc10d86df4468ee5ee7a9fbba255caf075d

HTTP Headers

GET /images/public/heading-background.png HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.cuty.io/css/public.css?id=a66d1b3f490ee5b9c79bc9f7135b2531
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/webp
content-length: 75970
cache-control: max-age=31536000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=107203
content-disposition: inline; filename="heading-background.webp"
vary: Accept
etag: "6736ee3d-1a2c3"
expires: Tue, 25 Nov 2025 16:01:25 GMT
last-modified: Fri, 15 Nov 2024 06:46:21 GMT
cf-cache-status: HIT
age: 3037264
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2BoOtPH0MzJXyYGAZdO%2BuWcDe8sFpnIICba1oWgwT61MeuMYttJUIkjtkYp2TZz03NtHmyDv%2B%2F1BcyMSojzwpV%2Blyq%2BkeVa4NWmXdr5513hCyhWUuyCNMkTQ2pBC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a68fcab30b65-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33606&min_rtt=2764&rtt_var=23067&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4075&recv_bytes=1136&delivery_rate=232261&cwnd=12000&unsent_bytes=0&cid=82cfdab3be52435f&ts=208&x=1", cfExtPri, cfHdrFlush;dur=0

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8B%2BogUY0%2FPKrQLkG9vFmmEL2XAcucF5N7BEv2setWTcNL4ba7DCRRjgIVQCYr8Qo7Od7%2B9M8NsxCayXkvcJGKPpMmXDNO0d7Uh9v9FFOEQA9Wb0J0xl%2BM2hSbaHj9cYbkpjRbywV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a691b9d656c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5096&min_rtt=356&rtt_var=8886&sent=54&recv=24&lost=0&retrans=0&sent_bytes=54673&recv_bytes=2097&delivery_rate=5236889&cwnd=256&unsent_bytes=0&cid=d5ad0187b82cf742&ts=217&x=0"
X-Firefox-Spdy: h2

GET cety.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

104.26.7.238

200 OK

8.7 kB

URL GET HTTP/3
cety.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
IP
104.26.7.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcety.app
Fingerprint2F:22:43:8E:D4:C5:1B:EB:6E:80:BA:82:9A:13:27:56:6D:7B:D8:1C
ValiditySat, 07 Dec 2024 01:51:21 GMT - Fri, 07 Mar 2025 01:51:20 GMT

File type
Apple HFS Plus version 11049 data last mounted by: 'se{f', created: Thu Aug 18 14:14:32 2072, last modified: Wed Aug 17 21:06:16 2072, block size: 758201661, number of blocks: 1363093585, free blocks: 1026567247
Size
8.7 kB (8734 bytes)
Hash
9ebe65c0507abaf798a51b0681c0fe8e
9663bdc232d292a51734420f296c7177dfcee286
d6d49bd05ce8ab04d17a939d076380af17dcaef4a3c5b9011d09720841a93aa5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js? HTTP/1.1
Host: cety.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: origin=cuty; XSRF-TOKEN=eyJpdiI6ImNacC9adTFGRC9pbC9kYWlKbnpEdGc9PSIsInZhbHVlIjoiekFWVzJFYTV0TlZyOHpyaUQza3FZQ3ZjWFhOQmQzVC92aHg5aDdmSnZkRmJXd1o4TDRoaUxBRDlEMVRDUjNyUEFxUWJ2eHFvU295UC9DMWZPNEJMRVYvWlFUOFlsbE5BVUJkeDZOMm15MWZleWZrbVNjMkU2OStvNUlkUE9BcW0iLCJtYWMiOiI2ZDAyZDA1OWE4ZDc1Y2UwYTYxZjVlM2JmMDU5YjJjNmQ0Y2NiNmM0MzRmMzBhMzYwZDk4NjEyYzA2MGU5MGQ5IiwidGFnIjoiIn0%3D; cutyio_session=eyJpdiI6ImROdTNQKzAzdlc2bmI3V1E1SGJoUnc9PSIsInZhbHVlIjoib2hBTWlvYzhBWGl5UzdudnU0MDdkSlcrcVExU094Y0p1VlpuRDFiY29kSnBSRnIrTjZ0OG15a3lVY2YyTnd2eUQzRFVCckV6N1RtVk9BYnJyZkhSaVNRVndXQ05OanZ1RW9ybHBuSG94UVZzQXluRStidkRyMklSKzFWSmhyb3YiLCJtYWMiOiJhODA2NTU4NmFmZWYwYjY2ZmQ5NDk2NTE2Mjg3NDMyMmQ0NjE5YzdmNjM2NWIyNWRiZDFmZTViZWI5YWQ3ZGI5IiwidGFnIjoiIn0%3D; _ga_GGDCMPL4QP=GS1.1.1735620647.1.0.1735620647.0.0.0; _ga=GA1.1.1564279676.1735620648
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6WSIszIq475PStm8tP%2BOdZHTPbXATtC0%2BcZLeiKkVskha7WmF74ILgGgqkUcmf6VDPRXKKHba7yOTBW0GHBUjpJGSzcgmc28iPGHqu8zLGbFk2%2BV%2FaL4Xtr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a699188ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3902&min_rtt=1391&rtt_var=2552&sent=15&recv=10&lost=0&retrans=0&sent_bytes=5035&recv_bytes=4312&delivery_rate=442&cwnd=12000&unsent_bytes=0&cid=40d04e63e40b1722&ts=2152&x=1", cfExtPri, cfHdrFlush;dur=0

GET www.google.com/recaptcha/api.js

142.250.74.164

200 OK

870 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint73:D7:A2:DD:D9:66:88:D8:12:DA:21:B2:6C:66:23:55:F7:97:39:A7
ValidityMon, 02 Dec 2024 08:37:44 GMT - Mon, 24 Feb 2025 08:37:43 GMT

File type
JavaScript source, ASCII text, with very long lines (870), with no line terminators
Size
870 B (870 bytes)
Hash
959fca740c230726e5a7cdf2b7603468
1fa3eb9690cb728a4ba96846bd8eac87fa914073
1a7a8da967879cf8c53e114c331242c5d44c39d4b4778a0824bc2f363504c3a5

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 31 Dec 2024 04:50:46 GMT
date: Tue, 31 Dec 2024 04:50:46 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text
Size
12 kB (12355 bytes)
Hash
a21d585e84c1d745ac0cfcced46d4a93
b4f87497ae3f208dfe34bd48f01f991c863ce4eb
a45aa0e67bd873620eb0106ec2bc3b71080033e1b01d8bf236b43b6b814f010c

HTTP Headers

GET /css2?family=Inter:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cety.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Dec 2024 04:50:46 GMT
date: Tue, 31 Dec 2024 04:50:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST ghb.adtelligent.com/v2/auction/

0.0.0.0

0 B

URL POST
ghb.adtelligent.com/v2/auction/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cety.app/5FoV6IO

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 330
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET cdn.cuty.io/images/shared/burger.svg

104.26.7.56

200 OK

207 B

URL GET HTTP/2
cdn.cuty.io/images/shared/burger.svg
IP
104.26.7.56:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type
SVG Scalable Vector Graphics image
Size
207 B (207 bytes)
Hash
573aef439a6b96a62a233ed0341072d5
875bae0f4d6c067b8faccf9a58799e789e480997
f6226868923f3764988c58d88d5136f2ecf3fb899365c8f418a2b81da8413d82

HTTP Headers

GET /images/shared/burger.svg HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Nov 2024 06:46:21 GMT
etag: W/"6736ee3d-cf"
expires: Wed, 26 Nov 2025 02:06:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 955551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lA5MSijUdwzeqdOKWwGTu9ebtM0ZV4LfR1KUyqRxBnSuca0Y3dTRrM4mX3Qb9bxSNOCqTejiTpz3d0Pm3Wi8ePapTHdPIyZKYAxE7MmchyuIRjKDJK12rFY1Q6t0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a68e5ab57131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1197&min_rtt=381&rtt_var=1625&sent=59&recv=27&lost=0&retrans=0&sent_bytes=67313&recv_bytes=2524&delivery_rate=8227272&cwnd=254&unsent_bytes=31856&cid=fcb8d6cc6408fc57&ts=79&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YaHI2sqzOlSLzQQAlXlGyQ7yYXrn1b8wOdNkXTN4CoNH86GmLL58oRkF0CLRwoqkyIJCZRAA9Qc%2BHC4mlk8JDDy%2BzMOyzGvu2GfC4lXm5ig6J9AtfhI81H95LbkY%2BUhm0s0mXlz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a691b9d756c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2650&min_rtt=356&rtt_var=3983&sent=78&recv=30&lost=0&retrans=0&sent_bytes=85236&recv_bytes=2097&delivery_rate=84891122&cwnd=256&unsent_bytes=15636&cid=d5ad0187b82cf742&ts=218&x=0"
X-Firefox-Spdy: h2

GET cety.app/5FoV6IO

104.26.7.238

200 OK

52 kB

URL User Request GET HTTP/2
cety.app/5FoV6IO
IP
104.26.7.238:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcety.app
Fingerprint2F:22:43:8E:D4:C5:1B:EB:6E:80:BA:82:9A:13:27:56:6D:7B:D8:1C
ValiditySat, 07 Dec 2024 01:51:21 GMT - Fri, 07 Mar 2025 01:51:20 GMT

File type

Size
52 kB (52100 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /5FoV6IO HTTP/1.1
Host: cety.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN, SAMEORIGIN
set-cookie: origin=cuty; expires=Tue, 02 Dec 2025 04:50:44 GMT; Max-Age=29030400; path=/; secure; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6ImNacC9adTFGRC9pbC9kYWlKbnpEdGc9PSIsInZhbHVlIjoiekFWVzJFYTV0TlZyOHpyaUQza3FZQ3ZjWFhOQmQzVC92aHg5aDdmSnZkRmJXd1o4TDRoaUxBRDlEMVRDUjNyUEFxUWJ2eHFvU295UC9DMWZPNEJMRVYvWlFUOFlsbE5BVUJkeDZOMm15MWZleWZrbVNjMkU2OStvNUlkUE9BcW0iLCJtYWMiOiI2ZDAyZDA1OWE4ZDc1Y2UwYTYxZjVlM2JmMDU5YjJjNmQ0Y2NiNmM0MzRmMzBhMzYwZDk4NjEyYzA2MGU5MGQ5IiwidGFnIjoiIn0%3D; expires=Tue, 07 Jan 2025 04:50:44 GMT; Max-Age=604800; path=/; samesite=lax
cutyio_session=eyJpdiI6ImROdTNQKzAzdlc2bmI3V1E1SGJoUnc9PSIsInZhbHVlIjoib2hBTWlvYzhBWGl5UzdudnU0MDdkSlcrcVExU094Y0p1VlpuRDFiY29kSnBSRnIrTjZ0OG15a3lVY2YyTnd2eUQzRFVCckV6N1RtVk9BYnJyZkhSaVNRVndXQ05OanZ1RW9ybHBuSG94UVZzQXluRStidkRyMklSKzFWSmhyb3YiLCJtYWMiOiJhODA2NTU4NmFmZWYwYjY2ZmQ5NDk2NTE2Mjg3NDMyMmQ0NjE5YzdmNjM2NWIyNWRiZDFmZTViZWI5YWQ3ZGI5IiwidGFnIjoiIn0%3D; expires=Tue, 07 Jan 2025 04:50:44 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsRT4UFYpgsO%2B7448LSDF%2BlFPkU02haYUQCDH0rxaAAPiRbainalkj83S6B4XRzyj%2BQeCRlaZPUmOIBu7YG0hoZKYuNWawGB7hHpBFNy05%2BHYuttF5HKDSco"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a681eb2fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=5713&min_rtt=434&rtt_var=10576&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1239&delivery_rate=7869565&cwnd=254&unsent_bytes=0&cid=0ec87a537ed95187&ts=1577&x=0"
X-Firefox-Spdy: h2

GET cdn.cuty.io/images/shared/favicon.ico

0.0.0.0

200 OK

0 B

URL GET
cdn.cuty.io/images/shared/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectcuty.io
FingerprintE2:69:09:90:6E:21:73:0A:19:3D:90:AC:66:CF:8C:50:31:30:8D:75
ValidityTue, 26 Nov 2024 05:57:01 GMT - Mon, 24 Feb 2025 05:57:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/shared/favicon.ico HTTP/1.1
Host: cdn.cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: image/x-icon
last-modified: Thu, 28 Nov 2024 12:18:28 GMT
etag: W/"67485f94-3ed"
expires: Sun, 30 Nov 2025 01:47:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 868985
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aevs7mn2QZ2%2FejVxhKOOJCHvajT%2FJAlc8leBSUCZSJOX2WSiThzGpf7jrCeHFAl%2BTkRP%2FhiM61RtULjO%2BXgDYN15JQFZ%2FKkiYn7zGnoFbbrrvQDG%2FUeptAPBUzrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a69add190b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25229&min_rtt=2764&rtt_var=22526&sent=78&recv=10&lost=0&retrans=0&sent_bytes=82802&recv_bytes=1525&delivery_rate=7307775&cwnd=48000&unsent_bytes=0&cid=82cfdab3be52435f&ts=1983&x=1", cfExtPri, cfHdrFlush;dur=0

POST ghb2.adtelligent.com/v2/auction/

167.235.37.234

200 OK

3.6 kB

URL POST HTTP/1.1
ghb2.adtelligent.com/v2/auction/
IP
167.235.37.234:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerZeroSSL
Subjectghb2.adtelligent.com
Fingerprint4F:8A:A9:F2:7A:68:0B:F2:D2:40:0D:4B:40:4C:39:9D:A9:63:8A:CE
ValidityMon, 25 Nov 2024 00:00:00 GMT - Sun, 23 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3632), with no line terminators
Size
3.6 kB (3556 bytes)
Hash
0c38b68f17b05c906284c8a85e40d38d
8ce0c145a1f1ce1147c39bab0db42dcd455febb6
9c4caf52c3eead9664bec549a1f173a6d3077771dba7f31004a729c2032f143f

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb2.adtelligent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 335
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 31 Dec 2024 04:50:47 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1052
Access-Control-Allow-Origin: https://cety.app
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

GET csync.smilewanted.com/

104.22.30.209

200 OK

6.3 kB

URL GET HTTP/2
csync.smilewanted.com/
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type
JavaScript source, ASCII text, with very long lines (6641), with no line terminators
Size
6.3 kB (6341 bytes)
Hash
b63a3d630469499c471e214bb7814f07
538bf4a460de2bd356dd1591956b892de1a0dacc
6cce9b2c722da7de31f12f45a6c95d2d4fb19f3c212f4c55122be1d25f795867

HTTP Headers

GET / HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a6aeef31712f-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620646198

104.26.4.26

301 Moved Permanently

213 kB

URL GET HTTP/2
fstatic.netpub.media/static/4be6ffb143031765ec52eb449458a122.min.js?1735620646198
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type

Size
213 kB (212713 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/4be6ffb143031765ec52eb449458a122.min.js?1735620646198 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 31 Dec 2024 04:50:46 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/service.js
cache-control: max-age=3600
expires: Tue, 31 Dec 2024 05:50:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qT7s6FpDao8aTWvY90GcTNAWHng1DrvOHrsLsB%2BFuulfM1hGnR%2F1%2FBG3jCu%2FUA2Wa3PuObBAJ3nd%2BvPMlvjDWXtLDd5HGXFtTHSi1qTqMW5czOccLJVK7%2BLxdapKWl50MQ%2FflZf0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a690998856c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=450&min_rtt=356&rtt_var=151&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1319&delivery_rate=7567944&cwnd=254&unsent_bytes=0&cid=d5ad0187b82cf742&ts=43&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnBbn%2F9MJJJprudeABp2hyWHwXAqF%2B66cqNVHCPeDjelU8UlxJReWkTqzQRNz3VThOJuuGejwnB2%2BUpXPaJVnFEgSl7ec2vnAES8ep1dXLGjBqtCBpa%2FdZnvdntPqCV1gaT0zBRj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69a1cf256c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1028&min_rtt=346&rtt_var=879&sent=341&recv=150&lost=0&retrans=0&sent_bytes=419483&recv_bytes=3797&delivery_rate=103180144&cwnd=202&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1558&x=0"
X-Firefox-Spdy: h2

GET ukankingwithea.com/

104.21.112.1

200 OK

27 B

URL GET HTTP/2
ukankingwithea.com/
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5
ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
c44bb2c03adc2c9421025ea19ea1622a
cfc463b7a34fb7c3fe1f6b32a3951292c3cba008
4c88afe7484d1ca8598328e31e239c36933add1d9050fc8927c04829427a650e

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: text/plain
set-cookie: csu=1739501068109223@1@1735620648; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95%2BJJD5CNTXLy%2BL%2B4SleIcEDY2xj6qtBW4iIG6P5P63Ke8d9oh3jv8pLdb4oASkXQHchxy%2BV1VVF%2FxZO%2B3G6sDuzlpc%2FxP60PXazOFNXO6k0VT7hUVkkRPneF0%2FsrpMu%2BTfikyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69b6f2756ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=892&min_rtt=435&rtt_var=547&sent=164&recv=44&lost=0&retrans=0&sent_bytes=211193&recv_bytes=1266&delivery_rate=16127287&cwnd=254&unsent_bytes=0&cid=e6210db97d049be5&ts=168&x=0"
X-Firefox-Spdy: h2

GET ukankingwithea.com/asd100.bin

104.21.112.1

200 OK

102 kB

URL GET HTTP/2
ukankingwithea.com/asd100.bin
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5
ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1081
last-modified: Tue, 31 Dec 2024 04:32:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enbkvY9dhh%2BiI3nhDv3yd%2BFpp2rBhJIFxH%2FsR9WVqbo3pqk7nzr9laTcR%2FpuHPq6PNLcsSaLhBeroQaFA1eJQDbrCO5aOPZWT3Vq6AcmXFDS0TxiIEbGbQg6GgLgYqPk%2B5hqKoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa7a69b7f2956ba-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=938&min_rtt=468&rtt_var=844&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3218&recv_bytes=1125&delivery_rate=8670658&cwnd=254&unsent_bytes=0&cid=e6210db97d049be5&ts=61&x=0"
X-Firefox-Spdy: h2

GET gpp.netpub.media/17356206470080.8198763007354506/run.js?v=17356206470080.8198763007354506

104.26.4.26

200 OK

251 B

URL GET HTTP/2
gpp.netpub.media/17356206470080.8198763007354506/run.js?v=17356206470080.8198763007354506
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
251 B (251 bytes)
Hash
945277581d767415edcae0911173c943
9a7e509c4b0cb318b6e32a93f88af95f21b5760b
874b90f5b2bf0b3dac07481e766603bed23e9e05d685873b50dce5eb8432e08d

HTTP Headers

GET /17356206470080.8198763007354506/run.js?v=17356206470080.8198763007354506 HTTP/1.1
Host: gpp.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:47 GMT
content-type: application/javascript
last-modified: Wed, 21 Feb 2024 16:05:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=89ZXB0GUUlXtbV3K4Q3x41SHCllMKnLS8qsV5UQdxcnRR3HOVfDGWIseuN1sUlNmGsHYQeUaZCJaByGTc12QptPgeVBxqIxwg9sREUXGxwksXFbspNiZEp%2F7jJBPp3K8lE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a693da9f56c7-OSL
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1077&min_rtt=356&rtt_var=97&sent=284&recv=116&lost=0&retrans=0&sent_bytes=366375&recv_bytes=2469&delivery_rate=103180144&cwnd=226&unsent_bytes=0&cid=d5ad0187b82cf742&ts=589&x=0"
X-Firefox-Spdy: h2

GET fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf

104.26.4.26

200 OK

213 kB

URL GET HTTP/2
fstatic.netpub.media/r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf
IP
104.26.4.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (57271)
Size
213 kB (212713 bytes)
Hash
9a054791207bd9bf786a5e3f333efd08
030e3d0b5801c13276dd8d5391fb18846b81b902
e10f721fa0c518d1b16163e746c665f25894b49801945f432b9f9dc8269ecbde

HTTP Headers

GET /r/4be6ffb143031765ec52eb449458a122/42560546.js?npr=bb20c1f761bd0cfde5dc5ac5acfbbecf HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 15:44:02 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RhZe7kdyBkfxeoNMJjyMFmr9jqqE8hE2A6Op%2F1Pme%2FJA9fd4N7uxJaahHmIklAxfuN28o40dmUxdFWG5NgCTDS8Kv5QvKdbWt7Xhl6MvDu7nU2TqgF3%2B77EVSLatUZei7rhzmpx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69a1cf456c7-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=904&min_rtt=346&rtt_var=179&sent=409&recv=160&lost=0&retrans=0&sent_bytes=511602&recv_bytes=3797&delivery_rate=103180144&cwnd=218&unsent_bytes=0&cid=d5ad0187b82cf742&ts=1561&x=0"
X-Firefox-Spdy: h2

GET ukankingwithea.com/

104.21.112.1

200 OK

27 B

URL GET HTTP/2
ukankingwithea.com/
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cety.app/5FoV6IO
Certificate
IssuerGoogle Trust Services
Subjectukankingwithea.com
Fingerprint72:95:BE:5B:B7:C6:8C:31:B9:5E:60:DA:66:68:99:88:EC:99:F6:E5
ValiditySun, 03 Nov 2024 13:54:20 GMT - Sat, 01 Feb 2025 13:54:19 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
8255ce84af620662963e877ac45c58e4
b43ccf323cc304c141e9ca8c56742698f73f426b
f790c85e8fc1f735879ee85bd853ce8ea234a9efd74d7d0097e44303eaca1b20

HTTP Headers

GET / HTTP/1.1
Host: ukankingwithea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cety.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:48 GMT
content-type: text/plain
set-cookie: csu=1904906375722635@1@1735620648; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cety.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9ho3g3%2FWsh3Ht7Vq%2FbxFS4FTZwThLxha25mqg%2FVe0gWhY8RtM68wcqKvCj5XV7nQ4A7crj7HQfqFpXpjieQcF65x2m6%2BO8BzenulEuz9VAz2%2BvSZ7XyRKbne4VwcW6LwEXltcY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa7a69b8f3056ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1406&min_rtt=435&rtt_var=1437&sent=169&recv=45&lost=0&retrans=1&sent_bytes=211861&recv_bytes=1266&delivery_rate=16127287&cwnd=254&unsent_bytes=0&cid=e6210db97d049be5&ts=181&x=0"
X-Firefox-Spdy: h2

GET csync.smilewanted.com/drop_cookie_sw.php

104.22.30.209

200 OK

0 B

URL GET HTTP/2
csync.smilewanted.com/drop_cookie_sw.php
IP
104.22.30.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://csync.smilewanted.com/
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /drop_cookie_sw.php HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 04:50:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=eFCcyhd%2BLLLnf7KPtUVBDOZH%2BMXU1jPhB6ifcsKRYNCaHhqOhwISJHbqPt2mH9b57rjfL%2Felv%2BddYeQLTurYh85zKRM7Ic%2F4s9HHSZyWpKrWzugrDE2KrInv8VlH%2FXI%2BBztJOvIjy7ABhlWIpoHomQ%3D%3D; expires=Wed, 31 Dec 2025 10:40:03 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fa7a6b17877712f-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL