urlscan.io logo urlscan.io
SecurityTrails logo

cursefire.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cursefire.com/
Effective URL: https://cursefire.com/
Submission: On December 02 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 103 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cursefire.com.
TLS certificate: Issued by GTS CA 1P5 on October 31st 2023. Valid for: 3 months.
This is the only time cursefire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cursefire.com
5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cursefire.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:2090:800:19:f28c:cd92:c761 (United States)

ASN16509 (AMAZON-02, US)
static-cdn.jtvnw.net
24    13.32.99.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-76.fra60.r.cloudfront.net
media.forgecdn.net
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
3    2600:9000:2491:7e00:8:7bb3:3800:93a1 (United States)

ASN16509 (AMAZON-02, US)
cfcore-assets.forgecdn.net
1    193.109.247.75 (Moscow, Russian Federation)

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net
gamestracker.org
12    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
22    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
35 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
472 KB
27 forgecdn.net
media.forgecdn.net — Cisco Umbrella Rank: 85957
cfcore-assets.forgecdn.net — Cisco Umbrella Rank: 755150
1 MB
12 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
133 KB
10 gstatic.com
encrypted-tbn0.gstatic.com
www.gstatic.com
fonts.gstatic.com
144 KB
6 cursefire.com
cursefire.com
82 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
255 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
4 KB
1 gamestracker.org
gamestracker.org
44 KB
1 jtvnw.net
static-cdn.jtvnw.net — Cisco Umbrella Rank: 9654
29 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
252 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
84 KB
103 13
Domain Requested by
24 media.forgecdn.net cursefire.com
22 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
13 pagead2.googlesyndication.com cursefire.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 cursefire.com 1 redirects cursefire.com
4 www.googleadservices.com cursefire.com
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com googleads.g.doubleclick.net
3 cfcore-assets.forgecdn.net cursefire.com
1 gamestracker.org cursefire.com
1 encrypted-tbn0.gstatic.com cursefire.com
1 static-cdn.jtvnw.net cursefire.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com cursefire.com
103 17
Subject Issuer Validity Valid
cursefire.com
GTS CA 1P5		 2023-10-31 -
2024-01-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
static-cdn.jtvnw.net
Amazon RSA 2048 M01		 2023-03-13 -
2024-04-10		 a year crt.sh
curseforge.com
Amazon RSA 2048 M02		 2023-06-12 -
2024-07-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
gamestracker.org
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 15 frames:

Primary Page: https://cursefire.com/
Frame ID: A7BD58AEB0D08845DFB400E7F2829166
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&adk=1812271804&adf=3025194257&lmt=1701541683&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fcursefire.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683106&bpp=16&bdt=970&idt=262&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6533177112913&frm=20&pv=2&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: A8EFB777EFDDA4236AAEB276BD91EF1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Frame ID: 00470FEF07375552C64A6CDC608E6C03
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701541684&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541684715&bpp=1&bdt=2578&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8545edd0c817df69%3AT%3D1701541683%3ART%3D1701541683%3AS%3DALNI_MavERCp4CvzPNirz6ZOyRMN6VQ--g&gpic=UID%3D00000ce25c0d5329%3AT%3D1701541683%3ART%3D1701541683%3AS%3DALNI_MaE_6VutnGWKfE0Kv1ia8XzA8fg-g&prev_fmts=0x0%2C1200x280&nras=3&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGslbW1tB02R1r2W3EmOPQrRdqfxZfX0PvzKr0x5SCwfyKNCAwCD-r3YMoZajmsU03SfJECHx5CIpUSZPz6lWayqocqPR&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Frame ID: 4D14D90A3D10A42DABC44B24FFA646E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 565CB9016B0058DEA88BA1C1A2D1F28C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A7DF8D710C74475225477C8F45E68250
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 18CF495A94884C0249F1C99347D79BEF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 523F2BDD53B6A873CC873CEC037EBC6C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0261909EE3BA2909F7A91385AF1B5980
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8A5923E756F07F4AF457959616D73E29
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: B8B37001E6972059C898C6FB68675749
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 4EDB422EF0D444A87C11F074220C621E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 0015C58CE37379906F0A4AFE54C6AF8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E228783985E9D0E129E45F0803005A0F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFA20597E2D3B2A154436119514EFA72
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CurseFireCurseFireCurseFireCurseFire

Page URL History Show full URLs

  1. http://cursefire.com/ HTTP 301
    https://cursefire.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

103
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

2468 kB
Transfer

4593 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cursefire.com/ HTTP 301
    https://cursefire.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CNsmtM3drZY7WKvGb29gPjcKC6ATru9SscJz7_KmdDNrZHhABIL7tiH9gkYSghYwYoAGumIqiAsgBCakChxZyOYpCsj6oAwHIA8sEqgTJAU_QkCR2L3UAhWtLeod_Nci2GWKxdX2iCiTHCZxFj9DtqJJBjNvG0pZ7Gxt0MFKfibIsTPIiQ336DynhuGvhKxsdpxGO5orJbnmm1PpN_v9Y-qf5bRFdAQFwkf_CDzF_VQh0QJ6K7M1vh1hk_IJ4eDW2B4j3QQATT2Tg7iTJ8eq2IdA4jY4ZQPvOkysEBLelecI5PRdcQLbQJkl299uWnn7fLZZtLWJJQDsaspGMNOBdRz12316Gu2s1dIZ4PK4uAMiEEW5V5pWm0MAEgb6MhZ4DiAWRib-YKZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe65_XdAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEN-ZFNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYw_353LDxggOaCSBodHRwczovL3hjcmFmdC5uZXQvcmVnaXN0cmF0aW9uL4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQK4E-QD2BMMiBQD0BUBgBcBshccChoIABIUcHViLTUxMTU3Mzk5MzE0OTA4MjQYAA&sigh=UcFILWEdUzQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN0WbSBA-GBCkVEMnN-Z5S1i_ZJ2v1_fwJvFNHXRVfplymXUDkCalDoxMvPWCPEFTESoD9P0v-2WVoSGuXP5NCll6M3zFc3L-x7mgYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224960589600735207433%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215153264117929536017%22}&andc=true
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 88
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 90
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CEgVKM3drZYGAK5ya29gP3b-jwAjS177AdOOKn5SJEK4CEAEgvu2If2CRhKCFjBigAZmYrdsDyAEBqAMByAPLBKoEwQFP0NsrYX1iLpfBVVN45IEKpHMJFIhonaevmlFQwVw2yvksSM_0DeA5_evEMyu2ANh-nhfCILYyvjN6eGS-iuxmJ-XRxzO0CWYjIXChBx_enc2tFt-OOAY3cKCho_UeAbUmvnnEnl7HrVjITQmxaFML11ma52FshGAaMEe4jH8fBKs6q9NZqRQLUiedK6G601lisCIoy3eX1BZnCIJm4wkW9HV9iemGZHfB34ycKyFTSQKZCkipD3-A5aNn4YMfVB1kwATBwoP9_gOIBaPHw5QGkgUECAQYAZIFBAgFGASAB8_n0iSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCE9g_SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMuP-tyw8YIDmglBaHR0cHM6Ly9kb3dubG9hZC5kcml2ZXJzdXBwb3J0LmNvbS9scC9nZG4vZmFsY29uP3RpZD1HRE4tQWZmaW5pdHmACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEwyIFAnQFQGAFwGyFxwKGggAEhRwdWItNTExNTczOTkzMTQ5MDgyNBgA&sigh=y7oyZOBVoDM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNsYppfUSEZ8klEaQ_ozmnXeQ-_RNqZIhNYj--Le0HXNL9EGAGTgF0xZiKcHdht6IKnT5mwRGaGkC9BSFCXTnDGtU9Q8amh6FvN98YAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217371789370550832606%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225758096691742226529%22}&andc=true

103 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cursefire.com/
Redirect Chain
  • http://cursefire.com/
  • https://cursefire.com/
23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66bf3390b0c9c383a2d40054e4d48d74d9aaa10c0c11e27d5558affdce0f9aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82f5a093894666bc-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 18:28:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXQCl0IXv1XjycyV29oJJGOfsyeZbkAbTCwLD1Ddqi%2FTaWl2RyBW1kes090uT%2FMdV0y7UcBDJDaEZMPWxaDrDvnEMCvZesTASI%2FKu0i4AcEc8nSY4dAffR1tASk7xayXoKeo6N4N6PpwKdDg"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
82f5a092d8540c38-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 02 Dec 2023 18:28:01 GMT
Expires
Sat, 02 Dec 2023 19:28:01 GMT
Location
https://cursefire.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8omgb5r%2BHfytsuCadPVTzdRH0E5K9Qmg%2BLjYzQEhIzUOyLVoQwvnS9R2YLMUhdGfHpybaR6VO0yHgkMlc%2FEFdCn6wSDZckyYz7x7B5Ku8x1S5iiNUx%2F2PEfyGVmMLZIbsFi0frgYuRj77sy5"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
common-1f7cdda8.css
cursefire.com/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cursefire.com/css/common-1f7cdda8.css
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a6f8e1e555cc3ec16c675469570519f9cb5363f895575d930c54b61986ae32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 21 Nov 2022 10:20:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"790e-18499b3df08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmwUACC%2BQ8x2aGNsdXkRLempG7PmBEqLBXeB%2F6a5GPPpcFj%2F7%2Bdtk5XRSkjOtdUJWYqGrHs4Gxc8XeODV9SyzsACb4Kas6S58porCzC18t6srf5%2Bng%2FZ0I6RBIBhXYZ7FVozMhop5%2FmBhexv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
cf-ray
82f5a0997cf266bc-AMS
alt-svc
h3=":443"; ma=86400
cursefire.e84d4e0c.js
cursefire.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cursefire.com/js/cursefire.e84d4e0c.js
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a501ceccb8673f211db8cabb2654606a18d010b29fb1553073ac82255fe5305f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 24 Oct 2023 04:01:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e2a-18b5fd7f8ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBjdk6I%2Bri9iDm%2FAUTjcjV5qg6v3xwpCKuBT1kfrjMtWBAJVMPh4esQ%2BlNR974i5HcBB3fECph40HC78JFqwH3wZthANn9xH%2FISnrsLpl2e3xf%2FtTR18eG0eW%2BabfAjnIE93oz6Rb4JwaLMz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
cf-ray
82f5a0997cf466bc-AMS
alt-svc
h3=":443"; ma=86400
sprites.svg
cursefire.com/images/ 		14 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cursefire.com/images/sprites.svg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a7a35a1dca1f6a57694532e4463082ab48ab67b4fe652080d876eb8c787ece5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:02 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 21 Nov 2022 10:20:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"389e-18499b3df0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3RIWwUoNqmXfEyvTXf%2F495YHfjwRSCLPnreu5Dj%2BkCfPVPPz7WxegsCVeWfdkCEzeVITjzeAM5fYm0bXHv7Rha40ktIgLE%2BGKm7edodYewHCVfxO3bYPXdC4o2KDrKbTfd7F0oigDoFcKC9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
82f5a0997cf566bc-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QC4593XVBQ
Requested by
Host: cursefire.com
URL: https://cursefire.com/js/cursefire.e84d4e0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afea8bea27b2f23840be6af3e96d66db144ae1e263c06af87971901705042e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85522
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Dec 2023 18:28:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5115739931490824
Requested by
Host: cursefire.com
URL: https://cursefire.com/js/cursefire.e84d4e0c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0294d1fc2caf7d87f86fd5cd0a36cd3aa6b577fea37b5200059e1fb25ebc92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53070
x-xss-protection
0
server
cafe
etag
17437766139306116925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:02 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QC4593XVBQ&gtm=45je3bt0v883497471&_p=1701541682752&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=67974594.1701541683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701541682&sct=1&seg=0&dl=https%3A%2F%2Fcursefire.com%2F&dt=CurseFire&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2072
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QC4593XVBQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 18:28:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cursefire.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
banner.jpg
cursefire.com/images/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cursefire.com/images/banner.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/css/common-1f7cdda8.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52163d7ccfc89c6de8f5105f254d99c534cbc4ccf98545f6356f093dc1ffa9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/css/common-1f7cdda8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:03 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 21 Nov 2022 10:20:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f8e4-18499b3df0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlP7HaiM6rnDyqMuK9kpQQu2WfuttxusLpvwZyJnqiKoEtGdX6%2BBHUCv%2BqziWUMdlS1azq4dfueQqlK8ntytrSmwUyEiaXVWXmW1ScWgcVqvAGTRsrqmgnFPRxWyLAzCFoRcvwUCO7wwY7Me"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82f5a09ee8f70b7f-AMS
alt-svc
h3=":443"; ma=86400
content-length
63716
Minecraft-285x380.jpg
static-cdn.jtvnw.net/ttv-boxart/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.jtvnw.net/ttv-boxart/Minecraft-285x380.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:800:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2c9bad74f6e53a3f9e61059166dfe66355d0e4a486c30146e4552ece044f7d6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:34:47 GMT
via
1.1 0be6ab2f92b7567e05a874f049abbbe6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P1
age
3195
x-amzn-requestid
d75e6427-1a24-4161-83d5-a498e016887c
x-cache
Hit from cloudfront
x-amz-apigw-id
Olme9FMzvHcFa9w=
content-length
29483
last-modified
Fri, 15 Oct 2021 17:31:05 GMT
server
nginx
x-amzn-trace-id
Root=1-6558845f-cfbb34e70b0f5eedfe0197fb;Sampled=0;lineage=52d5fd54:0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
DLDleAmjaLATqHv983n7gKXPXCwZzO729hnJSryz0IjlfCkwko3uOQ==
expires
Sat, 02 Dec 2023 21:34:47 GMT
1_9b0a8ff4-90c0-4d72-967c-c2c60b8029f7.webp
media.forgecdn.net/game-box-art/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-box-art/1_9b0a8ff4-90c0-4d72-967c-c2c60b8029f7.webp
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5063749bfbcd929853e78ec76fc536b643b42249cc0d7b3d731ea995be837997

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
OWDirvS0ftLFjrMmCdRX2icYP0nvHZ3F
date
Sat, 02 Dec 2023 08:32:34 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Mon, 28 Nov 2022 19:40:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
35730
etag
"8672ca086537faa1bb6c5ccb9e2d731c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
content-length
14584
x-amz-cf-id
6khyTNG7Nu_aaguxf-QC24QEtK9fRZNeuIhzIYrY3opUG4lNaF7YQw==
StarCraft+II+Tile.jpg
media.forgecdn.net/game-tiles/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/StarCraft+II+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6df21f6294a75539a2c775a601a988f18a9eeca619b011a7fccb82723a010317

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
K4uLWPVDduO7mNMGFtuKwzrBXXTMTbzy
date
Sat, 02 Dec 2023 04:56:25 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 12:49:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
57191
etag
"4c53eae355cfa81a1bdfee9471ea054e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
31236
x-amz-cf-id
D9anS7AJP3FteyZpP4vGKqzt_g4q1f7Yd6N1n9UYYm8VQsmD32OA9w==
Kerbal+Space+Program+Tile.jpg
media.forgecdn.net/game-tiles/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Kerbal+Space+Program+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3be218f161a122c56a3d5af8d3e1c8e492d1ddddb89dbf37aec90cf507fecba0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
oVBgegI45w.p6jwO137a1ZSMirTNg_3P
date
Sat, 02 Dec 2023 10:47:43 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 13:17:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
30348
etag
"19069f9efe65eb4e7355fd0517d914a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
23400
x-amz-cf-id
QTFDJwaNal9vX9OSG8NfHdVAZ7nkgEpKER2FXxlKklaCPKzug4xqfQ==
images
encrypted-tbn0.gstatic.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTd1d6F8NswgRELpoAUGCP5RuPK8QiJ9_FRuFCMCrZeSfSb74sxee3-jNArcIcKeLh4OuE&usqp=CAU
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cb924dcc1254c1614f7d283b5a22809579cc3f40db0cfa835ebae2af10849b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 21:49:38 GMT
x-content-type-options
nosniff
age
74305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8720
x-xss-protection
0
last-modified
Fri, 04 May 2018 12:24:46 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 30 Nov 2024 21:49:38 GMT
WildStar+Tile.jpg
media.forgecdn.net/game-tiles/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/WildStar+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
410b90f78406172eadb70e51f63bf41c8dd299495aba60255f6e577179793239

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
_x44xJCXP1eSRdppR_8JohEJAT7L2aEi
date
Sat, 02 Dec 2023 10:51:46 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 13:13:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
27378
etag
"a5a493caa5262e203a7e6046bf255ecd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
31507
x-amz-cf-id
qAQzEnm2YG8G3nQ3QwIgI2MUNsPuPfPrEirGlXtO6vMTbwVxahKjgw==
Sims+4+Tile.png
media.forgecdn.net/game-tiles/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Sims+4+Tile.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1c66a0c75591bef403ac0093395787b96e7833a1290393c34ac370c28c55e23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
bYJ4kkO8250eCE2eCqbIVlfmpI5Y9Dwk
date
Sat, 02 Dec 2023 04:55:53 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
48731
x-cache
Hit from cloudfront
content-length
46603
last-modified
Thu, 21 Apr 2022 20:37:38 GMT
server
AmazonS3
etag
"f81ca5f868bf793bc6bd62819905e475"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600
x-amz-meta-version-id
brnz_WbmwkCVyVieZQ.zRtaqfcI4x7YU
accept-ranges
bytes
x-amz-cf-id
KFqk8IwpZz9AcWfrwKJe1EE8Bocbcxm0I3hJJ5ldk0hnkJrpFbooGQ==
World+of+Tanks+Tile.jpg
media.forgecdn.net/game-tiles/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/World+of+Tanks+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
392c6ed9bb119e47e1eeb6b22b059ecfc535a6df50d20b94e00df199280ba51f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
pcUqkiQD_mDON7qxaBU3S3iJg_jwi2L4
date
Sat, 02 Dec 2023 08:25:36 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 12:22:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
49978
etag
"215ccb034007fdd915239628f9763151"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
26649
x-amz-cf-id
0r8CJch6Ut4LSfUAjn94jAd9ZyYYGgfrF9uGpPmHVGOhXN32JnTB2w==
minecraft.jpg
media.forgecdn.net/game-tiles/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/minecraft.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa789175fb607cb822a12c9990a337f84fcd316baee807f89493e9ccb20c294a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
BgZvaCqVJBhTv.YZzzjSWs7R1_C2tnUp
date
Sat, 02 Dec 2023 07:53:01 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jul 2021 13:47:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38275
etag
"7076375b4f8540e197d290da51977fed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
27924
x-amz-cf-id
ZQLQIrXHgYIwoQEICNCHZYlQaamkuNf20d36JtKm3ZDLIbi1mW4s_A==
Runes+of+Magic+Tile.jpg
media.forgecdn.net/game-tiles/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Runes+of+Magic+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b250056e3fccc2a48adab188e50386f0bf47c7ff55e85b31c2cce117b733066

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
cvDCd.1B.kJ.Uaa_wUV4b3ljWkegYxP3
date
Sat, 02 Dec 2023 08:07:55 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 13:10:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
48271
etag
"d97402b8517cb92126d173479bcd9981"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
43180
x-amz-cf-id
BRAWXQfcraYOjojNrg0GrMdWBdcKof_qMC6oA0xFimcwdZtA-zhS1g==
rift_tile.jpg
media.forgecdn.net/game-tiles/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/rift_tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c521befbf60e04839c45d0c85c5d6ce4253d2fce50918b255257f268f1727339

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
eSEWHJsLJVBWltNbQ_g7NVj.kBH9MX_0
date
Sat, 02 Dec 2023 07:39:49 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 20:30:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38964
etag
"ce4f7806c27c1ce0feaa316dfaf7b0a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
38115
x-amz-cf-id
aACcV_PwXN7JHcyBRHsCnwKQBwqBBIXVW_dBN3AT9hKpi1OP3KOn3g==
Stardew+Valley+Tile.jpg
media.forgecdn.net/game-tiles/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Stardew+Valley+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25dce8d38ee2cbe95bc0d2875e02e467c649a975e4f85972e1fcc99d3a325839

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
B3x42oD8yTBPd.l3XerP.513MsAI3AFb
date
Fri, 01 Dec 2023 19:37:30 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 12:32:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
82236
etag
"417cd537533b2a37ecbd1b86fbb7133d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
34279
x-amz-cf-id
LzO_MqI8OOszomXj0noUPHpQmqzBsMj-wzavDEpUn3-hHvpWj6CIFA==
tsw.jpg
media.forgecdn.net/game-tiles/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/tsw.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbee825cb095d6aea7572370d7363b2d4bdea83769463519cce7613214de5468

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 02 Dec 2023 07:36:56 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jan 2021 11:09:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
39161
etag
"046c7583561475294a8dcb2d7c85d382"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
109132
x-amz-cf-id
Orm6U3iH6Dz0E7UNSywDHpsP91P9lwMGJk69Yr5eeCbQVvkP6YAJGQ==
The+Elder+Scrolls+Online+Tile.jpg
media.forgecdn.net/game-tiles/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/The+Elder+Scrolls+Online+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2762a65e0329caba7531eb12a65de6d413e0a3e03e87374ef461e2622bc5ce59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
DgUfGrHUPPkTSUisbE64.663zH.ynlDu
date
Fri, 01 Dec 2023 22:11:38 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 12:25:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
72999
etag
"5e20ae784f311f1623305931c3961482"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
45169
x-amz-cf-id
Lpzgak0YJbu2qVOE7LYrEkqHX_XN59Q1Xyj4CUMptCthUC5CHzUlfA==
minecraft-dungeons.jpg
media.forgecdn.net/game-tiles/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/minecraft-dungeons.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
600c0650ff64ccc4d105bfca5eaec58c7392874335902f3695bfe1db24adc7ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
.PYeDIvV3.mEv6TRWz9V6cTmUJGs.Tr4
date
Sat, 02 Dec 2023 08:15:55 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 10:18:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
36733
etag
"4e961fc71b649d729c86cb0af1f22392"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
29320
x-amz-cf-id
tuAhTg3_I4zeBYSs6TqlpnySYQF4XFIRg5vxE9pgCUibwROW0PIQiQ==
4819_2d153d76-4dee-4c43-b7bb-d39ce9cfad8b.png
media.forgecdn.net/game-box-art/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-box-art/4819_2d153d76-4dee-4c43-b7bb-d39ce9cfad8b.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8b0403c60c2820fae79c4e08e8983f7e637793172271f6325f4f6f145b3b005

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
VazyxtEe9FGX9wSpImpdh9.Sj.2Se3eG
date
Sat, 02 Dec 2023 08:27:21 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
36049
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
46396
last-modified
Tue, 09 May 2023 09:00:56 GMT
server
AmazonS3
etag
"dd93a5fcd88c4a43b01d2ad5ec65f21f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
DMnOHfWHSncs7I5iiAzYym-Tl75mcYan90S5h3w13V0Vq5ubZfOgKw==
Secret+World+Legends+Tile.jpg
media.forgecdn.net/game-tiles/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Secret+World+Legends+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64d95465a6321d5b953fa0a815179823e788e82ac9c6e68c487662c636792eea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Ax3I2z5tMBkO3o1ex.pxAiZ4lrhQ8j2W
date
Sat, 02 Dec 2023 07:02:55 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 12:35:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
41135
etag
"8e8892f607a0e0c0b6a21be6d4aa463f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
30187
x-amz-cf-id
-UHDt0msVKFU6ACQGOToR42Zqk33Cdi3PQW0HFUhRGBXuI0wk0uVPA==
arcadia.jpg
media.forgecdn.net/game-tiles/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/arcadia.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d5300e159e21ed205a87de4dca5dad59a57a1e586973d1c2a99d11de448c3a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 02 Dec 2023 05:39:17 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jan 2021 16:18:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
46126
etag
"f24a8f652eca885df346fe3cea407130"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
87111
x-amz-cf-id
hhTBE-WuRVPOxWlSMrv5kDbMt_OsqH0QdNjeq113Cnst8QNEagIpJg==
among-us.jpg
media.forgecdn.net/game-tiles/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/among-us.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b5cffa6718bbcf133aa66e2cbbea88ef24b6fea5ca4ae6064418d2e74f2edf4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 02 Dec 2023 06:44:43 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jan 2021 14:59:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
42201
etag
"a951ff053552e8803d8067949cc94217"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
8080
x-amz-cf-id
DylVhkNMwmOibdyRWRB8CHTF39jSpqR0rI4n0kjvzmIuXxUxmMSKog==
eaf07d14-8695-4f69-bd0c-78af44f94b4c.png
cfcore-assets.forgecdn.net/game-tiles/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfcore-assets.forgecdn.net/game-tiles/eaf07d14-8695-4f69-bd0c-78af44f94b4c.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7e00:8:7bb3:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1700ed72a35b3892b94b2730ad7ff8e66ec13d9216796481e724a1dbfb5942f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 10:13:49 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Wed, 15 Dec 2021 04:49:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
29655
etag
"ee97e7d7c83b249a4cab15a95645e095"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
59735
x-amz-cf-id
5ACmyQJap6lkSMiMu9oZ8NV0POrICieb4CNbWYIjqjLOoSYEwuZ3tA==
Darkest+Dungeon+Tile.jpg
media.forgecdn.net/game-tiles/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Darkest+Dungeon+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1d359051f5e2df2fdb49fc263e41fd2610a67e4121980b7538088bc766b5d71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
0FOmIBHA7KY6KcYZF1r2uJE2abwZ8kT6
date
Fri, 01 Dec 2023 22:29:47 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 12:28:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
71901
etag
"936c3ed3a1dc2b526cb0eb74915f9e52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
37696
x-amz-cf-id
AedHQQGkbVZNmaJnVaVRVZJva62Xs7dg7p9P5Aq3PTPBpwYrNSg6XA==
123da7b8-996e-47be-a65f-da96368ccad4.png
cfcore-assets.forgecdn.net/game-tiles/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfcore-assets.forgecdn.net/game-tiles/123da7b8-996e-47be-a65f-da96368ccad4.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7e00:8:7bb3:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a12ceef77f2713b7782927ae5791a11c998bb4e854ea9007902ddbe9229fb5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:03:59 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 16:47:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
41045
x-amz-server-side-encryption
AES256
etag
"8927c0c6dbc740b4140ef627407d2ca4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
82014
x-amz-cf-id
AtBfiOizM0suyZ52Hci0c2tNcYgJbAYwcfTRnmQ9wqbXp7DKDBqc9A==
Surviving+Mars+Tile.jpg
media.forgecdn.net/game-tiles/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Surviving+Mars+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
941a49d62d7367dce1ebf2a39c8dbd31a650e1c03218dd67cc814a2aa0ae961c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
fbTnocj8Hd57Lx2nyXhrw5miq_p2dJEs
date
Fri, 01 Dec 2023 23:26:33 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 13:29:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
68632
etag
"b60bb05bb2fb29a571f08b7874d9cdcf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
23458
x-amz-cf-id
2_Wx7cxK1mQ47PfJYCI-n0Yai7WC37DYI-3h9OcpxbSWcXfUdCvQpg==
Staxel+Tile.jpg
media.forgecdn.net/game-tiles/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/Staxel+Tile.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29ac3bf07bf7f57eeddf0a2a8c7ac1d66ab35fe321f4fbb5593b875f2b685507

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
loya9FWf_bUuYr5W4qdgONNrGLqnTamx
date
Sat, 02 Dec 2023 10:04:24 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 07 Oct 2021 13:27:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
30276
etag
"5901355a9074b4aaced40eed9f489c3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
75265
x-amz-cf-id
XJ0VkluUqzoCFSPEPMzNzcvIO4JuXt_d6Ih_gGhQ_MaaE0V9F-hKtg==
dyson-sphere-program.jpg
media.forgecdn.net/game-tiles/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/dyson-sphere-program.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
816a742901c8fb2a71874a59eb53ff5599908e44bad0f98bd3b86e39a2a251a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 10:59:35 GMT
x-amz-version-id
h_yNewV893GYuEbVfvMZX9YIreNlFf13
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 20:43:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
26908
etag
"fce42777f59ce5543c5b4860c2a8e262"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
x-amz-meta-version-id
null
accept-ranges
bytes
content-length
24371
x-amz-cf-id
XabPbljVvu76KmtrZlyl_KIQHnvKM581GqrhGpTppva_AAMZQ7wMlQ==
10976.jpg
gamestracker.org/_ld/109/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gamestracker.org/_ld/109/10976.jpg
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.109.247.75 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
9147758812b93507dd2dcca6a8f56ebff276a9b20126a3b58c5f67f5eb03a693
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 18:28:05 GMT
Last-Modified
Sun, 03 Jun 2018 05:49:48 GMT
Server
nginx
ETag
"5b13817c-af3a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=1728000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
44858
Expires
Fri, 22 Dec 2023 18:28:05 GMT
civilization-6.png
media.forgecdn.net/game-tiles/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-tiles/civilization-6.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d1bdc6e323c09af76f50461ce28fc50c6df293ffe6430a03887aa935af57170

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Ofd605VX.unV5cSNFrhhOaq.6WfS6qxj
date
Sat, 02 Dec 2023 08:20:06 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Tue, 13 Apr 2021 14:01:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
56602
etag
"61f801cf54f23a33f680485b9c465376"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
78581
x-amz-cf-id
WSBHB_kaYdNuv9VeUQqgxl0zMTkvzNwt5mCmwh9XwEZy7Uja8vkb1Q==
4773_0069c4c2-18b0-4885-a439-25adb81b9a82.png
media.forgecdn.net/game-box-art/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-box-art/4773_0069c4c2-18b0-4885-a439-25adb81b9a82.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d88cbcab64ed7cb2e5547a3d05a2750487af484d87c40f94c33847f1bc2f2042

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Q73636yuAlFjsAA_L3oolwysZPLKQhDn
date
Sat, 02 Dec 2023 11:14:57 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 11:10:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
26057
etag
"b8770c34d3a601d5b31ca538dc9eebf1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
62429
x-amz-cf-id
lL3YOmSg3XUDt3400nrjUCcBV2o8FbqV9lbV8Yy3jK5tOuqQgKJetw==
66022_e3e7a2ba-e283-491a-92da-af444c4dc4c6.png
media.forgecdn.net/game-box-art/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.forgecdn.net/game-box-art/66022_e3e7a2ba-e283-491a-92da-af444c4dc4c6.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aec3ba9c733f7155a566f4d7228bdcf5338445a750546dd299c7136f453ee28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
oFiiiliQsoSbqaQhfFoPMLXUonfaGSA0
date
Sat, 02 Dec 2023 07:55:31 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Wed, 17 Aug 2022 06:48:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
37975
etag
"4af67b408020ec95f059c42bffddd05e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
62374
x-amz-cf-id
IZzFcvdvO38yWMsphy61sPgZe_QLTcJ3iTNMmxHBOt_sg8SlqkFy-w==
5ce2a487-5c5f-4756-a530-cde687972281.png
cfcore-assets.forgecdn.net/game-tiles/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfcore-assets.forgecdn.net/game-tiles/5ce2a487-5c5f-4756-a530-cde687972281.png
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:7e00:8:7bb3:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2a9a37cce99a7c7521c8a157982e1d939ed957824355da26bfb89385c22556b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:38:00 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Sun, 06 Aug 2023 05:15:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
39004
x-amz-server-side-encryption
AES256
etag
"7560bd1fbc5d7fc134c4766b580ac2eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
accept-ranges
bytes
content-length
59075
x-amz-cf-id
Tb7eDKtEbFGhJ2uvM7DncR9jotuM3Pzp0syg4MpyWanJIh8zKzyAnA==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5115739931490824
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57645f580d8997d313a9cded230f3076d55afb6cf4dd79b5362f58c0caefd8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137283
x-xss-protection
0
server
cafe
etag
4609649011129460338
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A8EF 		486 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&adk=1812271804&adf=3025194257&lmt=1701541683&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fcursefire.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683106&bpp=16&bdt=970&idt=262&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6533177112913&frm=20&pv=2&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eaa212deae425a590bb935d404aad1765c8d471ac661b7af4c169eecfa2537c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
81585
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:04 GMT
expires
Sat, 02 Dec 2023 18:28:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0047 		120 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4661e8a5d0b557c19165cb61e30a4b6391691b6625e308a2ccf1bac77e472787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40575
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:04 GMT
expires
Sat, 02 Dec 2023 18:28:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 0047 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 18:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 17:23:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 18:28:04 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0047 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
21831
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:24:13 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/13697637372753338124/ Frame 0047 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13697637372753338124/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8eef3964f3c2d998a5e14f66df4c65db76fff8af5c057cc7283a8c254f88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 14:02:16 GMT
x-content-type-options
nosniff
age
15948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31451
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 16:31:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Dec 2024 14:02:16 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/6281506118495498245/ Frame 0047 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6281506118495498245/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37ec5143fcf5f50e7aa98282c6d8149c67ad71372b73f65f4357f2664a18bfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:05:04 GMT
x-content-type-options
nosniff
age
1380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2542
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 13:40:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Dec 2024 18:05:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0047 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:23:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0047 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0047 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0047 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:04 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 0047 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:28 GMT
truncated
/ Frame 0047 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e47a89de0e01872fc029d9a4c0ee7f44ef5fa36282f3d135ee417cd1dbfec5f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
511037f1c9fde8450ae5c75a4aebabacba49727ed3cc1d552e4ba8123e79d2f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55848
x-xss-protection
0
server
cafe
etag
17833807519813745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:04 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4D14 		436 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701541684&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541684715&bpp=1&bdt=2578&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8545edd0c817df69%3AT%3D1701541683%3ART%3D1701541683%3AS%3DALNI_MavERCp4CvzPNirz6ZOyRMN6VQ--g&gpic=UID%3D00000ce25c0d5329%3AT%3D1701541683%3ART%3D1701541683%3AS%3DALNI_MaE_6VutnGWKfE0Kv1ia8XzA8fg-g&prev_fmts=0x0%2C1200x280&nras=3&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2769&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&psts=AOrYGslbW1tB02R1r2W3EmOPQrRdqfxZfX0PvzKr0x5SCwfyKNCAwCD-r3YMoZajmsU03SfJECHx5CIpUSZPz6lWayqocqPR&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e483d3827217f7229077646570ba3dbb645e4de6cdeb494769df91cfaf6bc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:05 GMT
expires
Sat, 02 Dec 2023 18:28:05 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0047 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:19:38 GMT
x-content-type-options
nosniff
age
36506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 08:19:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0047 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options
nosniff
age
17455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 13:37:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 0047
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CNsmtM3drZY7WKvGb29gPjcKC6ATru9SscJz7_KmdDNrZHhABIL7tiH9gkYSghYwYoAGumIqiAsgBCakChxZyOYpCsj6oAwHIA8sEqgTJAU_QkCR2L3UAhWtLeod_Nci2GWKxdX2iCiTHCZx...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224960589600735207433%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224960589600735207433%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215153264117929536017%22}&andc=true
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"4960589600735207433","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"15153264117929536017"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 02 Dec 2023 18:28:05 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 02 Dec 2023 18:28:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4960589600735207433","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"15153264117929536017"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 565C 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701541683&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701541683124&bpp=1&bdt=987&idt=271&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6533177112913&frm=20&pv=1&ga_vid=67974594.1701541683&ga_sid=1701541683&ga_hid=77845057&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532600%2C44809315%2C31078297%2C44807764%2C44808148%2C44808285%2C44809072&oid=2&pvsid=807226920267728&tmod=100311060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=274
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
250699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 20:49:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame A7DF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
52428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 18CF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
52428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 523F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
52428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 03:54:16 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 03:54:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame A7DF 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:27 GMT
78b00c21e40332afd18050ebd59c6b08.js
www.gstatic.com/mysidia/ Frame A7DF 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4753
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 17:10:38 GMT
css
fonts.googleapis.com/ Frame A7DF 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 17:52:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 18:28:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A7DF 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
21832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:24:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame A7DF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:23:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A7DF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A7DF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A7DF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:05 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame A7DF 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:28 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 18CF 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
21832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:24:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 18CF 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:23:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 18CF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 18CF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 18CF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:05 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 18CF 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:28 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224960589600735207433%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215153264117929536017%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 02 Dec 2023 18:28:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 523F 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 17:23:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 18:28:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 523F 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:24:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
21832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:24:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 523F 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 12:23:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21875
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 12:23:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0261 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:04:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 523F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 523F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
80927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:59:18 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 523F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 18:28:05 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 523F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 07:40:28 GMT
9944863452386463966
tpc.googlesyndication.com/simgad/ Frame A7DF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9944863452386463966?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c719719aa173687ff2e6155c6002a43b98ba664b1f66ba05507e6416cf970883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:46:42 GMT
x-content-type-options
nosniff
age
351683
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3164
x-xss-protection
0
last-modified
Tue, 31 Aug 2021 20:26:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 16:46:42 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8A59 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1423
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:04:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A7DF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e3214ded063fe0587058056fca59ed59d868cffb26c2e5214d3e9ee0c5ef3b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0261
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:05 GMT
expires
Sat, 02 Dec 2023 18:28:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:05 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame A7DF 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:01:51 GMT
x-content-type-options
nosniff
age
249974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:01:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8A59
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:05 GMT
expires
Sat, 02 Dec 2023 18:28:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:05 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame B8B3 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
250700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 20:49:45 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame A7DF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CEgVKM3drZYGAK5ya29gP3b-jwAjS177AdOOKn5SJEK4CEAEgvu2If2CRhKCFjBigAZmYrdsDyAEBqAMByAPLBKoEwQFP0NsrYX1iLpfBVVN45IEKpHMJFIhonaevmlFQwVw2yvksSM_0DeA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217371789370550832606%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_windo...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217371789370550832606%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225758096691742226529%22}&andc=true
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"17371789370550832606","debug_reporting":true,"destination":"https://driversupport.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996887577"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"5758096691742226529"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 02 Dec 2023 18:28:05 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 02 Dec 2023 18:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17371789370550832606","debug_reporting":true,"destination":"https://driversupport.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["996887577"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"5758096691742226529"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 4EDB 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: cursefire.com
URL: https://cursefire.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
250700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 20:49:45 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 0015 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
250700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 20:49:45 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d979046c791a3d8330245688dee0eef219efce96d498ec8cb272fbcf171b4c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12345
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217371789370550832606%22,%22debug_reporting%22:true,%22destination%22:%22https://driversupport.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22996887577%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225758096691742226529%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 02 Dec 2023 18:28:05 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 18:28:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E228 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
159096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 22:16:29 GMT
expires
Fri, 29 Nov 2024 22:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DFA2 		829 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8c519285edcc196be6590defc9ee53e582b3b061c8b53c7a44cfb6825fcb66dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KL0vP1DJP3St9kAI3knEKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cursefire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KL0vP1DJP3St9kAI3knEKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 18:28:05 GMT
expires
Sat, 02 Dec 2023 18:28:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame DFA2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=807226920267728&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E228 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 17:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 17:33:55 GMT
generate_204
tpc.googlesyndication.com/ Frame E228 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?f30F9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 18:28:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0047 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT-L0rXgpoMmJtkLR2ujFfClxgbxAlr_CATHWSluzqouwVrC5YsLyNJ7PjnR4_d1nPpQVG7WmiFjlZTXrxEQwrcotzjMJ8m0nQ6i4SUeE6gJpLuvOgBYoYs3_8poc4iDCf4r0XRNq5Lvjq&sai=AMfl-YRLcZz3HphEYYCoLzl4YdS3YBXlMXHhEkLqfMdgpQEbYCZePizAsPGvz47h8jFuB3yKiVTmqJ_cL0nhDGQBzOlM_l8fX02NMavwXnO_oAgDgNwbCXrf2H-18qs2YRfaHf9ifcHb7J7C4SSlAoW5116ky-VuQ9IqeSkI&sig=Cg0ArKJSzLB9JJPIISU6EAE&cid=CAQSTwDICaaN0WbSBA-GBCkVEMnN-Z5S1i_ZJ2v1_fwJvFNHXRVfplymXUDkCalDoxMvPWCPEFTESoD9P0v-2WVoSGuXP5NCll6M3zFc3L-x7mgYAQ&id=lidar2&mcvt=1003&p=0,0,280,1200&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701541683399&rpt=1465&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 18:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A7DF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_TlA_fxw_3C_98lrvQ7TPAIrbNQyTAKRXnHv4iTb9HE8NMeGDS4DeVlZVwRfZsq-rQfS9X4h3n8bl8DfnFhhnDG65uo551kYqBRHFh06860SEg5dCIpCA-lqaVnTVr-3Rx57SWpcWwWFh&sai=AMfl-YS94hnJrKk5jPc48gyU0vFRrquJSVPpxMjalfCb1E7vTt6dKRpMWXBmjG_WbXaZZ3mpGe0QpeYUg5hf8TcoEu8K_WZDrjYQPVIA_qG_C8SjPhtgQ7PPT-42MdHEjeUYljx8HDJXYcAtZ0DORZ1TRIbB_HeIQ3h1QdyX&sig=Cg0ArKJSzKcsmxSfYzoOEAE&cid=CAQSTwDICaaNsYppfUSEZ8klEaQ_ozmnXeQ-_RNqZIhNYj--Le0HXNL9EGAGTgF0xZiKcHdht6IKnT5mwRGaGkC9BSFCXTnDGtU9Q8amh6FvN98YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=186,834,1000,1000,1000&tos=186,648,166,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701541684885&rpt=487&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 18:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=807226920267728&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOMqBZjlmnriN73HVFoFSbBBOYYR1SOiioiz2YYSRiAMmcEE-ZlFHseWFEjkkmuyfAgAAAElSAAAAAmgBB5kCwXcjeN_1g1bmhbJ9Zf_Eedwzr6VuHAjLB5kydLA7MD5PiLb_n6scGX9nbcXserIihxeny9kzwfMfeFe5Henuhf_jgqnHiIi04ECE1sAnAEsNnIqMUbWXAqSMdCUQDrN0_ug_Zm4kMP2tvm63ISwauPBWpk69UShTCPFVA8FXFpjxC933RZxIojjJ9ms6poQbG4d3dbrBw_HFRGvPomQ_1DzacSHLnvnNMCV7IGUv81qL4FtbQr2WNu9y7nuMnUj8tYbF8zdkF8J5wn_Tifwc3fmV-OcJT0Xk4MC7O_aM4BDqk4fKidPDe-QYArc_53AKr8A6UJrbUXzxOSIa_wV273pc2Q3WZJtSsBuGW8ryFDtUI64c8V4qttKCY6fvvpPwL4QhENvPVORV1_DMk9iHQuu6pMRkv9rCyRUlR9rYADpLp7vMqDdnjcd8xiGZUd7tzVKWeEPDS9KVsKPbT78T3zszY1DcNEx16VoYDO3Dgz9AFPt9wsWR8Rwa4S--A_Uilm6YpTx1pZdYzI114zYDfortOZI-vwzXdOir57_BcoV_YHqJIrKLrO7_LcKLCrSl2D0jlzeuHzFnUahxXlOcs2-hvQ9PM56j2m9ZFY1qQ9pLykpZUg98-fkQJDBiM-vzK2N-u8lyebLKfqB45fskEqejU4tzBp-Xx7-gSOkJc6du6NkQ5iFxy6Xk0gL7nDYLec5KiNWl3bIqE80JoEEJYf2x2eskq1vcDJHC_0iVOfsl6jDvcDsmCbLkSUInk32qkql0iEBByR-Yx-zHio8yV5igDfj0FfH4SIy91SNiw_eKHBnmF7zp1MQ3AkTjlO6CIB3iFjF_ebWB14KwSRZVYQHFddaBiztOfMm4z41la2RaBOaU-_tpu4Y3vjEp9pl16ykCKtZM6tjMQWEiuX0fbA9tPh5kh7bS1OfpLo3Xw2nTjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cursefire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| dataLayer object| adsbygoogle object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.cursefire.com/ Name: _ga_QC4593XVBQ
Value: GS1.1.1701541682.1.0.1701541682.0.0.0
.cursefire.com/ Name: _ga
Value: GA1.1.67974594.1701541683
.cursefire.com/ Name: __gads
Value: ID=8545edd0c817df69:T=1701541683:RT=1701541683:S=ALNI_MavERCp4CvzPNirz6ZOyRMN6VQ--g
.cursefire.com/ Name: __gpi
Value: UID=00000ce25c0d5329:T=1701541683:RT=1701541683:S=ALNI_MaE_6VutnGWKfE0Kv1ia8XzA8fg-g
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUljlypTQ7YmPNAqmpBapHnmS2YA0kju8YPRkryLsrp6UfZtWjX0dHAIPKu3D-o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfcore-assets.forgecdn.net
cursefire.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gamestracker.org
googleads.g.doubleclick.net
media.forgecdn.net
pagead2.googlesyndication.com
region1.google-analytics.com
static-cdn.jtvnw.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.99.76
142.250.186.162
193.109.247.75
2001:4860:4802:34::36
2600:9000:2090:800:19:f28c:cd92:c761
2600:9000:2491:7e00:8:7bb3:3800:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a06:98c1:3120::3
2a06:98c1:3121::3
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1700ed72a35b3892b94b2730ad7ff8e66ec13d9216796481e724a1dbfb5942f7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1aec3ba9c733f7155a566f4d7228bdcf5338445a750546dd299c7136f453ee28
1d5300e159e21ed205a87de4dca5dad59a57a1e586973d1c2a99d11de448c3a0
25dce8d38ee2cbe95bc0d2875e02e467c649a975e4f85972e1fcc99d3a325839
2762a65e0329caba7531eb12a65de6d413e0a3e03e87374ef461e2622bc5ce59
29ac3bf07bf7f57eeddf0a2a8c7ac1d66ab35fe321f4fbb5593b875f2b685507
2b5cffa6718bbcf133aa66e2cbbea88ef24b6fea5ca4ae6064418d2e74f2edf4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37ec5143fcf5f50e7aa98282c6d8149c67ad71372b73f65f4357f2664a18bfdf
392c6ed9bb119e47e1eeb6b22b059ecfc535a6df50d20b94e00df199280ba51f
3be218f161a122c56a3d5af8d3e1c8e492d1ddddb89dbf37aec90cf507fecba0
410b90f78406172eadb70e51f63bf41c8dd299495aba60255f6e577179793239
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4661e8a5d0b557c19165cb61e30a4b6391691b6625e308a2ccf1bac77e472787
4a7a35a1dca1f6a57694532e4463082ab48ab67b4fe652080d876eb8c787ece5
4e483d3827217f7229077646570ba3dbb645e4de6cdeb494769df91cfaf6bc5f
5063749bfbcd929853e78ec76fc536b643b42249cc0d7b3d731ea995be837997
511037f1c9fde8450ae5c75a4aebabacba49727ed3cc1d552e4ba8123e79d2f3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57645f580d8997d313a9cded230f3076d55afb6cf4dd79b5362f58c0caefd8c5
5d1bdc6e323c09af76f50461ce28fc50c6df293ffe6430a03887aa935af57170
5eaa212deae425a590bb935d404aad1765c8d471ac661b7af4c169eecfa2537c
600c0650ff64ccc4d105bfca5eaec58c7392874335902f3695bfe1db24adc7ea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d95465a6321d5b953fa0a815179823e788e82ac9c6e68c487662c636792eea
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6b250056e3fccc2a48adab188e50386f0bf47c7ff55e85b31c2cce117b733066
6cb924dcc1254c1614f7d283b5a22809579cc3f40db0cfa835ebae2af10849b6
6df21f6294a75539a2c775a601a988f18a9eeca619b011a7fccb82723a010317
6e3214ded063fe0587058056fca59ed59d868cffb26c2e5214d3e9ee0c5ef3b7
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
816a742901c8fb2a71874a59eb53ff5599908e44bad0f98bd3b86e39a2a251a3
8c519285edcc196be6590defc9ee53e582b3b061c8b53c7a44cfb6825fcb66dd
9147758812b93507dd2dcca6a8f56ebff276a9b20126a3b58c5f67f5eb03a693
941a49d62d7367dce1ebf2a39c8dbd31a650e1c03218dd67cc814a2aa0ae961c
9a12ceef77f2713b7782927ae5791a11c998bb4e854ea9007902ddbe9229fb5b
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a501ceccb8673f211db8cabb2654606a18d010b29fb1553073ac82255fe5305f
aa789175fb607cb822a12c9990a337f84fcd316baee807f89493e9ccb20c294a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afea8bea27b2f23840be6af3e96d66db144ae1e263c06af87971901705042e25
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0294d1fc2caf7d87f86fd5cd0a36cd3aa6b577fea37b5200059e1fb25ebc92f
b2a9a37cce99a7c7521c8a157982e1d939ed957824355da26bfb89385c22556b
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
c521befbf60e04839c45d0c85c5d6ce4253d2fce50918b255257f268f1727339
c66bf3390b0c9c383a2d40054e4d48d74d9aaa10c0c11e27d5558affdce0f9aa
c719719aa173687ff2e6155c6002a43b98ba664b1f66ba05507e6416cf970883
cbee825cb095d6aea7572370d7363b2d4bdea83769463519cce7613214de5468
d52163d7ccfc89c6de8f5105f254d99c534cbc4ccf98545f6356f093dc1ffa9a
d88cbcab64ed7cb2e5547a3d05a2750487af484d87c40f94c33847f1bc2f2042
d979046c791a3d8330245688dee0eef219efce96d498ec8cb272fbcf171b4c9b
dbb8eef3964f3c2d998a5e14f66df4c65db76fff8af5c057cc7283a8c254f88b
e1d359051f5e2df2fdb49fc263e41fd2610a67e4121980b7538088bc766b5d71
e3a6f8e1e555cc3ec16c675469570519f9cb5363f895575d930c54b61986ae32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a89de0e01872fc029d9a4c0ee7f44ef5fa36282f3d135ee417cd1dbfec5f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c66a0c75591bef403ac0093395787b96e7833a1290393c34ac370c28c55e23
f2c9bad74f6e53a3f9e61059166dfe66355d0e4a486c30146e4552ece044f7d6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8b0403c60c2820fae79c4e08e8983f7e637793172271f6325f4f6f145b3b005