cute-cursors.com Open in urlscan Pro
2606:4700:e0::ac40:600a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cute-cursors.com/
Effective URL:
https://cute-cursors.com/
Submission: On October 11 via manual (October 11th 2022, 5:00:28 pm UTC) from ID — Scanned from DE

Summary HTTP 145 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 26 domains to perform 145 HTTP transactions. The main IP is 2606:4700:e0::ac40:600a, located in United States and belongs to CLOUDFLARENET, US. The main domain is cute-cursors.com. The Cisco Umbrella rank of the primary domain is 89536.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 6th 2022. Valid for: a year.

This is the only time cute-cursors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 40	2606:4700:e0:... 2606:4700:e0::ac40:600a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:4b::84 2a04:4e42:4b::84	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
19	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3 15	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	104.76.200.221 104.76.200.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498	16509 (AMAZON-02) (AMAZON-02)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
145	26

40 2606:4700:e0::ac40:600a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cute-cursors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cp.cute-cursors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:4b::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.76.200.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-221.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	cute-cursors.com 1 redirects cute-cursors.com — Cisco Umbrella Rank: 89536 cp.cute-cursors.com — Cisco Umbrella Rank: 91926	4 MB
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	457 KB
29	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	131 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	315 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	1 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703	5 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 915	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	3 KB
3	gstatic.com www.gstatic.com	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	139 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3157 log.pinterest.com — Cisco Umbrella Rank: 4428	19 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1482	417 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2488	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1504	793 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5221	914 B
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 41250	635 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2279	296 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 900	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 916	759 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	459 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2302	351 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	647 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2144	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	74 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
145	26

	Domain	Requested by
26	cp.cute-cursors.com	cute-cursors.com
20	pagead2.googlesyndication.com	cute-cursors.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
19	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com cute-cursors.com googleads.g.doubleclick.net
14	cute-cursors.com	1 redirects cute-cursors.com
13	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net cute-cursors.com
9	s0.2mdn.net	cute-cursors.com s0.2mdn.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	cute-cursors.com
2	ssum-sec.casalemedia.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	assets.pinterest.com	cute-cursors.com assets.pinterest.com
1	portal.o2online.de
1	ag.innovid.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	log.pinterest.com	cute-cursors.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	cute-cursors.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
145	33

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.pinterest.com
chrome.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-06` - `2023-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://cute-cursors.com/
Frame ID: 8AB54326911A22F2003854C7AA9754D0
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20190131/zrt_lookup.html
Frame ID: C3A71E168861C657CFEE68564DFE6ED4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&adk=1812271804&adf=3025194257&lmt=1660292196&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcute-cursors.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620819&bpp=4&bdt=238&idt=189&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7945264524576&frm=20&pv=2&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216
Frame ID: DBB979215D0FBFE4FC99E4BA3A1C7A66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Frame ID: D8C128C78A85A3012499E916FB7F26E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
Frame ID: 7616A6B88E8D1C9339EBB8A366B4FCDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
Frame ID: 81456FEC0715B04A2816A48642BE3CEA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Frame ID: B487BF7C457641AD5D2182BF4A0E98D7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A81A5A64CA983CD94DEC41B9A20FDAF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARidx9DOATAB&v=APEucNX0hIJ5efaHHP1__Qd-6Cy0kXTsEWcNkBoABs6-jjV23TYuOyLcq7jNL52DftmgdobfzGdS55MLiJzxU5ppXrAZZHPsMnXsuhOWevwBunRm6EXhP621Un_1tDqfDbkkflOK_foOOkWXddZBhZRDfYRZqHX-PvgnKtAceIU6F5BTxrp0aQo
Frame ID: 6FBF33D626AF21927FFACE58B33AAC59
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AE93690967D533FA952E149BEEDA4248
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C10DBE96C6C57D1D28F587E8C548591A
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DCF541DD5D71B3056803BCC562181216
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 58B76E41810D101DF88D13EB39FE5DE5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FD38EFE43AFA67583537709126B8E02B
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
Frame ID: 7CA3985BD20D16423E7CF81918F4F1BB
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Frame ID: 607259DD458C1D5ACAE88F952D1A6F09
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Frame ID: 5758721EB6CF83551335A6E7D6B550A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 16D6BAC6B471BA7B58F60CD07CD681DF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C30C998F5D57F50FEAADC043ADD9DBC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0F8F67078DB0ABAC1517BD6D6DF8A07
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js
Frame ID: C743453E08A55CCED5C380AA4A9BDF7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cute Cursors — Custom Cursors for Web

Page URL History Show full URLs

http://cute-cursors.com/ HTTP 302
https://cute-cursors.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Page Statistics

145
Requests

92 %
HTTPS

57 %
IPv6

26
Domains

33
Subdomains

26
IPs

5
Countries

4795 kB
Transfer

6981 kB
Size

28
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/CuteCursors

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cute-Cursors-105941778378492

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cutecursors

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/thecutecursors/_created/

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/cute-custom-cursors-for-c/anflghppebdhjipndogapfagemgnlblh
Title: Install to Chrome

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/cute-custom-cursors-for-c/anflghppebdhjipndogapfagemgnlblh/reviews
Title: Rate Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cute-cursors.com/ HTTP 302
https://cute-cursors.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1

Request Chain 91

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0WhJ4w-1BBjWTqD0B49pgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENG2tZR20CZQ0DIJcegfUlA&google_cver=1

Request Chain 93

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4MzYyMDkwNDE5NTcxNjE4Ng%3D%3D

Request Chain 98

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9xvXWEBE4vLyBvTGL2UrBwo_UFtrUnyUQdNGl6R_7B76oo-X3iWH2-ZSWBFjQUeVBvzcTGcuhXGClL4GK6UDFuBVfJ8e4&google_gid=CAESEJEgSgIjLaP_WI6MQQHS-74&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9xvXWEBE4vLyBvTGL2UrBwo_UFtrUnyUQdNGl6R_7B76oo-X3iWH2-ZSWBFjQUeVBvzcTGcuhXGClL4GK6UDFuBVfJ8e4&google_gid=CAESEJEgSgIjLaP_WI6MQQHS-74&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExNzAwMjMwMDA2MjEwODQ1MTU5Nw%3D%3D&google_push=AZmPxg9xvXWEBE4vLyBvTGL2UrBwo_UFtrUnyUQdNGl6R_7B76oo-X3iWH2-ZSWBFjQUeVBvzcTGcuhXGClL4GK6UDFuBVfJ8e4

Request Chain 101

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHhOUrHLpQA7Usqb8vs3PPM&google_cver=1&google_push=AZmPxg-djzpDOFWH3qDn8cIoj8s4XuqowEBJVBDLdAtRirWPMaOlMq2ocGs2KOOEf5-LU_uA_eecLeDd3DHbg6Kw0lLC3QFgg-0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHhOUrHLpQA7Usqb8vs3PPM&google_cver=1&google_push=AZmPxg-djzpDOFWH3qDn8cIoj8s4XuqowEBJVBDLdAtRirWPMaOlMq2ocGs2KOOEf5-LU_uA_eecLeDd3DHbg6Kw0lLC3QFgg-0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-djzpDOFWH3qDn8cIoj8s4XuqowEBJVBDLdAtRirWPMaOlMq2ocGs2KOOEf5-LU_uA_eecLeDd3DHbg6Kw0lLC3QFgg-0

Request Chain 102

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFJAEvkG1YYXhNZkkp5r8Go&google_cver=1&google_push=AZmPxg8Uq6LlIcGiwhpXJTVHaUsjMwjTb8CfjyLopG1OVtUSooyupso3Fz5Xd2VJ5WQJSiZWoV1Kr71mZkBEw1SEep0rOZ2I7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk0RzhKNUctMTctM1BUOA==&google_push=AZmPxg8Uq6LlIcGiwhpXJTVHaUsjMwjTb8CfjyLopG1OVtUSooyupso3Fz5Xd2VJ5WQJSiZWoV1Kr71mZkBEw1SEep0rOZ2I7g

Request Chain 103

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_cver=1&google_push=AZmPxg-U9Car7H8nUewGCL1-ZtROti85KK9lneVD-ApWcUoYdzur_FLWw2WeYayvERTeNf3wKMxvUH0Cc7I0wdar4XIC31TGpQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_push=AZmPxg-U9Car7H8nUewGCL1-ZtROti85KK9lneVD-ApWcUoYdzur_FLWw2WeYayvERTeNf3wKMxvUH0Cc7I0wdar4XIC31TGpQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_hm=Y0WhJ4w_1BBjWTqD0B49pgAABFgAAAAB&google_nid=index&google_push=AZmPxg-U9Car7H8nUewGCL1-ZtROti85KK9lneVD-ApWcUoYdzur_FLWw2WeYayvERTeNf3wKMxvUH0Cc7I0wdar4XIC31TGpQ

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAKgNGJdxF4IjM7u8Viaw4&google_cver=1&google_push=AZmPxg8w-cEycdPLP4MlvTOY9uue8X1oEkqhlc5qt1lx1GUUKbbjp25iB1xTRxQ0IizvEQt5UFqK9aLzpJa6SQMbxx1369THQ5NJ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8w-cEycdPLP4MlvTOY9uue8X1oEkqhlc5qt1lx1GUUKbbjp25iB1xTRxQ0IizvEQt5UFqK9aLzpJa6SQMbxx1369THQ5NJ&google_hm=yGnUgvRm1_GCkgoVBuMODg

Request Chain 116

https://d.agkn.com/pixel/2175/?google_gid=CAESEEeIalkn32LLht5Yefv5or0&google_cver=1&google_push=AZmPxg9EVrHCZmL0pPQm2_XwYCWw3temFYEedfqmH4NRS6cvFwu8Z9E_HWCDzwyT9JUJlAsAvq5vjqiUTVb8xDt8AfKf20GtrQwr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9EVrHCZmL0pPQm2_XwYCWw3temFYEedfqmH4NRS6cvFwu8Z9E_HWCDzwyT9JUJlAsAvq5vjqiUTVb8xDt8AfKf20GtrQwr&google_hm=Q0FFU0VFZUlhbGtuMzJMTGh0NVllZnY1b3Iw

Request Chain 119

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELPrQjgArii8lFe8oSG8L2o&google_cver=1&google_push=AZmPxg80ZJ6TqpQklvijJgqV4FhDvTAi9GBQ1TBIL1IjY1B-_-ubCn_cd2U-fsTcsOL2Ko2q2ysi1m8UTfE9bvhju7umiY9PwcPB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg80ZJ6TqpQklvijJgqV4FhDvTAi9GBQ1TBIL1IjY1B-_-ubCn_cd2U-fsTcsOL2Ko2q2ysi1m8UTfE9bvhju7umiY9PwcPB

145 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cute-cursors.com/
Redirect Chain

http://cute-cursors.com/
https://cute-cursors.com/

1 KB
1 KB

418ms
397ms

Document
text/html

2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5f5e1e0b9bee9e7353775e88362845d68c7d92d61d3cd1b930265178b56ea4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 758926c0d93d9b74-FRA
content-encoding: br
content-type: text/html
date: Tue, 11 Oct 2022 17:00:20 GMT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mElQ8F8eDkAVyC8OQwzz%2B5LXjp%2B1jZgI80xrwtgTIuJEiDIdHK0QFlDe4Ci2Ov3dwQ%2FSUAbMvN92W2Nv18KQOu9jeMA%2BrcSEyiTqDJZ1%2BwAhPLdyD3pJsqejow6I36M%2Fa1vU%2BupTPQdM2gIbIsdZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 758926bfccfa915c-FRA
Connection: keep-alive
Content-Type: text/html
Date: Tue, 11 Oct 2022 17:00:19 GMT
Location: https://cute-cursors.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CwaFaIYeHEHFzbTbYhLDNflA6244MgIGoXI%2BvarsBnlI46MbXSXjjssn2mn3q%2Fycc5NkQ7vo9nb6MA79ngNCiL9d3aIVdVEX%2FfnllQ%2BPU578KobNDoZJef9TTbmQg5Aw7MV6K3JrPxk0WboZt7%2F"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 75ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc066472d798e6421cb1d5e7ddd8f0c91b69df5e00e607cc90648eee15225be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54598
x-xss-protection: 0
server: cafe
etag: 13410177085556703742
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 17:00:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 50ms
26ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YC965SWLMN

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6dd0b1a7a349d51b89e959109ff9674b348298e094353b21f9b08066f1d44ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 11 Oct 2022 17:00:20 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 649ms
21ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
content-length: 203

GET
H2 200 index.cd5bff7e6e870f6ffab2.js Show response
cute-cursors.com/js/ 481 KB
116 KB 45ms
44ms Script
application/javascript 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/js/index.cd5bff7e6e870f6ffab2.js
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8179ef012396214167e0aa1fc7792e2aa13d24b6d7aa6308cf6f403dc02ddf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5610
etag: W/"62f60c64-782be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiG%2BhftKAz8NNn6jf9YsdlCWV6WU71mbjZhSY9CY9RcpwzPhJdRALEV1JeTvjZ1NWaKO%2FfPEQsHdagujaNfF4AO2ZYnL0JG%2B7KL1aJAuhwFAC8Wl0gTUQSDQg3DEBzahu9AcGmpi7CXJuYTl%2FOQh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 758926c4aaaa9b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Main.2ade4ceef303e5d53873.js Show response
cute-cursors.com/js/ 42 KB
10 KB 24ms
23ms Script
application/javascript 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/js/Main.2ade4ceef303e5d53873.js
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/js/index.cd5bff7e6e870f6ffab2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb9e6ee4b2f37e47c1ccb6b484accf52a469349a2859ff482da9a31adac58e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4313
etag: W/"62f60c64-a71b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzbmBvH0uN%2FHaIBQhoyx76bl%2BKq%2Bj5%2B2nZqKknt4C8%2FzaJC08BejE0Awe45E0KVv5k0dAbiP%2FqF6gVkqFmTkeBy10YhnrL4whGKg7RpXkbXZW1ijmkfMGDVJV632c0KzbgTZ1IKI7QV4BiYFKM2M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 758926c56c53b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Inter-Black.e0435a1.woff2
cute-cursors.com/assets/fonts/ 103 KB
104 KB 20ms
19ms Font
font/woff2 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/assets/fonts/Inter-Black.e0435a1.woff2
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec0ae4bb52981a6ca92d58df2a6c7d9cc64f08ffbad2e1dbc3740e8a8a026f7

Request headers

Referer: https://cute-cursors.com/
Origin: https://cute-cursors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4322
etag: "62f60c64-19dc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bjg4CPr5UZOIOCvL1JbBajxyXtkXK%2FSqU%2F5EaepGQMwwmmMhlXXmaU3mKoZQv3wyEjnAnVIxgyfssLaNBsbrH5KlE5KaXZcs8oB498PG461%2BpO8RcYsW4lI4j7dmzmOqfgXaCXmDZ%2FzkE%2FGHrgr9"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926c5cca3b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105920

GET
H3 200 Inter-SemiBold.696df71.woff2
cute-cursors.com/assets/fonts/ 104 KB
104 KB 33ms
32ms Font
font/woff2 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/assets/fonts/Inter-SemiBold.696df71.woff2
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d609457ea2e93be9e7b5dd8e9a9a156d2e80144bcd94cf0adf05c553da053b

Request headers

Referer: https://cute-cursors.com/
Origin: https://cute-cursors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4322
etag: "62f60c64-19eb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbfESX8RiIoGkEralAor99BNn01dYdAW9kgyZ0kBpzZ8%2BZddwGsQjnGEs8Cu1lLGD1qHWgk%2Bce3U1Wv5lWU1PN%2Fi%2B6xOU1Xx%2FuP2VQWVESps6VwyUVK0rEpky9kCzkMdT%2F9DPylDXzAzP9tNEVsv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926c5cca5b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106168

GET
H3 200 Inter-Regular.24a88db.woff2
cute-cursors.com/assets/fonts/ 98 KB
98 KB 78ms
78ms Font
font/woff2 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/assets/fonts/Inter-Regular.24a88db.woff2
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 413a527c0ed1833fea654b2bb065bda9ebe46bc1f585cf2d481f8a79dbc51610

Request headers

Referer: https://cute-cursors.com/
Origin: https://cute-cursors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4322
etag: "62f60c64-18618"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAzcPJUcsKSKUJR0y43StLY9OihbuGUyjYH%2FPp1H7kBL32ZVCt%2Foh41rdW87YcMAkRH0At4X%2B8iSDHNm9fYDFXGoklNkvzj%2BPXr4cbknSteOfUBCpr8AONTiA1LfoGJWEsbLXirxrDsR1DzE4yIM"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926c5ccaab3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 99864

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 234ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YC965SWLMN&gtm=2oeaa0&_p=1025284383&cid=191953320.1665507621&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665507620&sct=1&seg=0&dl=https%3A%2F%2Fcute-cursors.com%2F&dt=Cute%20Cursors%20%E2%80%94%20Custom%20Cursors%20for%20Web&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YC965SWLMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cute-cursors.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/ 352 KB
116 KB 72ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271281345046833&plah=cute-cursors.com&bust=31070152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc85bf7e29af0589695c882741ec2488ce5f337e7fd779b46b56136983560e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118402
x-xss-protection: 0
server: cafe
etag: 9798289211143142736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 17:00:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221005/r20190131/ Frame C3A7 10 KB
5 KB 44ms
17ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221005/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 05:25:18 GMT
etag: 9671129459699598864
expires: Tue, 25 Oct 2022 05:25:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Inter-Medium.eea97de.woff2
cute-cursors.com/assets/fonts/ 104 KB
104 KB 21ms
21ms Font
font/woff2 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cute-cursors.com/assets/fonts/Inter-Medium.eea97de.woff2
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e2531976fa618cede5863027366e4011760b0610d7136a8f7d7ed149c26348

Request headers

Referer: https://cute-cursors.com/
Origin: https://cute-cursors.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4321
etag: "62f60c64-19e7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRnRRDTvf4WYtb8x5MqCW8RHk1%2BPSrBZHLs%2Fdfg3Z5rnbd0X7ZHnW61vOGYmWJlfrpDa79z%2Br%2Ff9P%2BqTje%2FFeVZfHXSg2%2FHJ0Okkbepzs6VCtVUKuo9KqxXUSEd00H%2F5sU8a8DYWtR0jESGvpEOB"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926c68d53b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106108

GET
H3 200 pattern.png
cute-cursors.com/assets/static/images/ 274 KB
275 KB 28ms
28ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cute-cursors.com/assets/static/images/pattern.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b5acae3662de92344c51c3ef86b44b0512076e3c506b04cf27308b35be07456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4312
etag: "62f60c64-44890"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5IKD7sF5FMRho1PnabtPQQtPecHELQHUNXHYOAmzjLW9Rsy41A6kq24RC3Mcxl8sAOQLHsB1Lv1der32VHtLpKyEPAuuzOY5YwdGblr8gq7idiae%2FKBVbBzGw25S1g2fVv22hxYRm86dHqo%2B16a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926c69d54b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 280720

GET
H2 200 mainpage Show response
cp.cute-cursors.com/api/ 62 KB
16 KB 766ms
628ms XHR
application/json 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.cute-cursors.com/api/mainpage
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/js/index.cd5bff7e6e870f6ffab2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: e506bfe9b83b019ffdb4f52e5e2c0906ff78814d8694ad916badbaeb28bea385

Request headers

Accept: application/json, text/plain, */*
Referer: https://cute-cursors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99H6seQKf4tYbcYcGDHOXtUBZFWTgZteJwUhizeEXO7VWZkWibAy6w12yLKP4QsG0dA1tacMhqRSxPu%2Fg9k8qe5VICtHTsQvNCbtR%2Bqftfhqy8lNAQtNNUrr%2FRAX37wUM1FXjB1VgjH1%2FNHLN4Ur3YPi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 758926c76a8a9201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 backgrounds Show response
cp.cute-cursors.com/api/ 10 KB
3 KB 436ms
299ms XHR
application/json 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cp.cute-cursors.com/api/backgrounds?limit=15
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/js/index.cd5bff7e6e870f6ffab2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: d3b0f175d4a587eb81e28e752a5798c2907018ff30dcda5b7add2f8d3324e778

Request headers

Accept: application/json, text/plain, */*
Referer: https://cute-cursors.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMRpx4BKOOzEoRnKDcgA22agDzGx8oKsF84arc1RzKOKFvA2d6AyPEylW9f7TJtHYTDC33AAeKH3l3ufILkGLYVyov%2BmbPyfKsNGaivmJnNgfql39jB2c9yuQUNiBwNJZdQ%2BJQmx2YOGjseY2hCBumGi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 758926c76a949201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 QKQ5ks5XLm6OKVHbiSyp4wEhvzdq5pOMwBWuNhFv.svg
cute-cursors.com/assets/static/images/ 9 KB
4 KB 25ms
24ms Image
image/svg+xml 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cute-cursors.com/assets/static/images/QKQ5ks5XLm6OKVHbiSyp4wEhvzdq5pOMwBWuNhFv.svg
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4967ed9798c9f6d15834ab33d11641f221a0cb34ad8b6a36a2fab2c081cdaf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4353
etag: W/"62f60c64-2546"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHhve9aqOpCcv5cMLIglD1o4aYWP84%2FpBOjEHchIe8Urd6Hp5LL32Jyj8o8OEYIb%2B35wsBurGiC6%2Fpg1WkN7eQXpYKbV44Yeqd8iWtbXbo0W%2BhXvhD1qsAVHkqfdOCugXLQZROcEOogNB50r07%2BA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 758926c72ddcb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 FRIlXu3DpgeoL0KJxEGBjytVPElBxxIwMNJ0xFJQ.svg
cute-cursors.com/assets/static/images/ 8 KB
4 KB 21ms
20ms Image
image/svg+xml 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cute-cursors.com/assets/static/images/FRIlXu3DpgeoL0KJxEGBjytVPElBxxIwMNJ0xFJQ.svg
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b9435cdd9aa60521ee0df49e3edaafbde815f5e3dd275e8abe32253d6fd06a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4353
etag: W/"62f60c64-204d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XotfF4e%2FO%2BQ%2F2QZGshYPj2vYUoZ7yzUuvaq6QS9VH%2FhG2hk0%2F%2BFHTghT5eXLwlFlhjHTyxupBZj8ahZryeL2cgRjOf7igStlZxfD59yUK%2Fsa3HqOkq0KoeT18Y0T3U543F%2BmfxU17X8DCA4KUfAF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 758926c72dddb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fb.svg
cute-cursors.com/assets/static/images/ 773 B
916 B 26ms
25ms Image
image/svg+xml 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cute-cursors.com/assets/static/images/fb.svg
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c738652d1ee5a8104df1e777569ddcff45423645fb9d487139715a5c07c4aa03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4353
etag: W/"62f60c64-305"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaVs7XjR15EVfbFvLgcEapbbKaq68c7OvlR9zL7X0FmY76tWpleCJvTp7veH4p7%2F%2FtA24fVNjFh%2F6UbRRMlvlvVJD%2BmGX%2Fg7X6TD02vSFp%2BTQPeyVkmMYgjJItk2Lx1hI8Lz7ejP9oWFQ7OtOyaM"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 758926c72ddfb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 twitter.svg
cute-cursors.com/assets/static/images/ 1 KB
1 KB 23ms
23ms Image
image/svg+xml 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cute-cursors.com/assets/static/images/twitter.svg
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cba836d82455ab8544deed75fc6b32b3e3c141e41cf61416208ec9936426f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4353
etag: W/"62f60c64-407"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpQD8FZiSdZB8vkkTK2mXena3NA8khCVxjaZF4oXtd22sxmt1ngiFzEuz1aJSjfWUOFXZrpeEbsxk0nVVj5WhkXmyrWgef2glHng6oZsE4NKTHU0ykGmMzkLzitHwFKgxleb0YF%2BrlguOLPn9Fkk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 758926c72de2b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sharing_popup_bg.png
cute-cursors.com/assets/static/images/ 277 KB
277 KB 22ms
22ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cute-cursors.com/assets/static/images/sharing_popup_bg.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2b7d296b0482c746ec6cfa855937dd605bb37e6ecf0a498dffa58ea043714f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Aug 2022 08:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4353
etag: "62f60c64-45226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=067UyeaX1kO2LCJYDPbS5QFPaZuCrUVY3J5nuyNwMOk5SP%2BN7Gp92EwlyY5rFUlojdUgKlmqKHSII%2F6W%2FYcVc5e4xXZFxlxYeRuLU%2BtDQcexcJEUUIySbrAea9RixiA723bo75YQYD1X5KPueOHe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926c73df0b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 283174

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
647 B 208ms
181ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cute-cursors.com&callback=_gfp_s_&client=ca-pub-8271281345046833

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8271281345046833&plah=cute-cursors.com&bust=31070152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31b30dddf75ae8eafd3e1a505311a0fa9c5054ed6e6a985c04c4f48a26ca718e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 43ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cute-cursors.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cute-cursors.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcute-cursors.com%2F&tn=DIV&cls=app-share-main-modal%20t-modal&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcute-cursors.com%2F&tn=DIV&cls=app-share-main-modal%20t-modal&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBB9 150 KB
42 KB 421ms
410ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&adk=1812271804&adf=3025194257&lmt=1660292196&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcute-cursors.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620819&bpp=4&bdt=238&idt=189&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7945264524576&frm=20&pv=2&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=216

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a2ac81aac2b0dfc93e4db5a5460e8fe1b66b3355e0bae2bb5340c746e155592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:21 GMT
expires: Tue, 11 Oct 2022 17:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D8C1 0
0 730ms
705ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29677
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:21 GMT
expires: Tue, 11 Oct 2022 17:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7616 0
0 650ms
648ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:21 GMT
expires: Tue, 11 Oct 2022 17:00:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 21ms
21ms Script
application/javascript 2a04:4e42:4b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.21703843691594527
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:21 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
content-length: 18679

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8145 83 KB
32 KB 598ms
597ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/js/index.cd5bff7e6e870f6ffab2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

786f8a52ff34ec230429c0fce6bb0c961b1d6c2f487c1950a150541a3beb11b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32943
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:22 GMT
expires: Tue, 11 Oct 2022 17:00:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B487 18 KB
10 KB 583ms
575ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/js/index.cd5bff7e6e870f6ffab2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82bfecb39a5036df0238ead667a4339cd241444d1a0533d29ebe68024d1c67b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9723
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:22 GMT
expires: Tue, 11 Oct 2022 17:00:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gXTi6YiAoNaVw4Gq7OIAfF0pQk02LBYbWbVyIkK9.png
cp.cute-cursors.com/uploads/collections/55/ 64 KB
64 KB 108ms
107ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/collections/55/gXTi6YiAoNaVw4Gq7OIAfF0pQk02LBYbWbVyIkK9.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb5b11f72b50389188f1ae310572a18b1c31492ce7dfbca88298ede64ec556f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 11:59:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "6335889b-fffb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmLwNhuVtyxAfYqpmJsrQK%2B7UkQahRJU%2BhIFiQdRrq0H1sCJ9eY9FfZAT1GvnjJ3Q4W9GzEkTsh8yqCu3yq4gUt8JOzz8tnT51aWr6In102jY15bviad1xDi%2Bk2axSmblF7DWlMbnZs08qLizG2cfDKI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d21b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65531

GET
H3 200 19MmJoZnTTVuBoQbj0ldTTiGEggrar9wA7JCipEH.png
cp.cute-cursors.com/uploads/collections/54/ 54 KB
55 KB 114ms
112ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/collections/54/19MmJoZnTTVuBoQbj0ldTTiGEggrar9wA7JCipEH.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77375e0cf2f8f34b815c8ff8ee55307d08c63419cb0305b90752b46f38611a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 12:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "62fcdea7-d8eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh%2BJYaG5I5H2md6UqsKtq5Kc7MfdEH2aRmaZYdgpBaMsaf4d%2BxghuRNnNpYvmizAGlVIEyrj1%2Bl2XiYBb9NPGmVg%2FLOSX8ARYrne%2Fm7w7RzZGK01NEGI0k%2Bk7G%2BAOa8YCkcj%2FpbxB9Xjf4rcjYy6%2BCsd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d2ab3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55531

GET
H3 200 94QD64U1po5qMCh4UFNIRN6QPeJB81BwbyXoAHnD.png
cp.cute-cursors.com/uploads/collections/53/ 54 KB
54 KB 31ms
29ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/collections/53/94QD64U1po5qMCh4UFNIRN6QPeJB81BwbyXoAHnD.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c354b33eda0ea1f5e5603d502e95c9262e213364c970039d584811a5acfe20e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Aug 2022 11:30:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "62f396c6-d665"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3%2BfJ26%2B3yb6C6KiIA4MlSHkEramH%2F8prUny7hJkGsLGuEk5SiJ%2F6ElEk5HQGkdJkq%2Bvh%2BZUxpTebNx7zZD9ufF%2FvIf43SF9qG00ERmShECkz6aVQdc3mHExno4NeFw1OPYW3K8gpU3ZKnl7wHb9u0MS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d33b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54885

GET
H3 200 P35AJv5E0TMqcIWIlCifEJo8OjdzIFMY7t88OQDh.png
cp.cute-cursors.com/uploads/collections/52/ 55 KB
56 KB 33ms
31ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/collections/52/P35AJv5E0TMqcIWIlCifEJo8OjdzIFMY7t88OQDh.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35039731bf962b59c3ac3c8092db0f85b8e248deb834fe6b225ea344fed32bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Jul 2022 12:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "62c2da49-dcf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rbk7uzxs5byCZ0c28AMJhv1ESivsu4Oe4AGCLe4tamNfywb2p68H8Pe%2FKXuF%2BMMXUS8lNXCqxK%2B8b8qL8RU7NzyUf224hRaoCZGMDjNfuhFtNX789%2BvOjfUhp%2FlZhBU6JqD3pZvZ3g7K2QmZqvAI%2FaT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d37b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56561

GET
H3 200 gJIMosUEvVGMAQtcEcMltA3xQtq9ZEpUt4qZDHyU.png
cp.cute-cursors.com/uploads/collections/51/ 54 KB
54 KB 36ms
34ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/collections/51/gJIMosUEvVGMAQtcEcMltA3xQtq9ZEpUt4qZDHyU.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a79dc0d87d00e35b5f8fcaf20c493a65996d0541865129771c68f98c4588fb64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Mon, 20 Jun 2022 11:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "62b054a0-d77a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdzgTur3Vj%2FnZ9jN0zoK0vRu4A6LfjY3pbK85thzJq8C%2BwKd0qn396jwOqZy%2BzYixdbqky6zFklaTbuve226USTXy2sfNglvUXACxitg66FC8vW8N5UFL7wVlW0Tg9ctest7KnGr1sCIg4neYbfK8gR9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d3db3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55162

GET
H3 200 1144-cover.png
cp.cute-cursors.com/uploads/cursors/1144/ 76 KB
77 KB 39ms
37ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1144/1144-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46935e14018119997b046d0f832da7af46491705b430051c992296c467376e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 11:59:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "63455a98-13193"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neC6Z3elF%2FCCst0M%2FOTpGJjnfvtr%2Fttpj3n3ntHif5a7dgxjw9dRprjMrobldOWi6WuUCzZrDhpQJTeGeUPgzK44JPXf4n38oS2S6fSu35fRmgxoo6xbCDmcSvNnKhLIMR7vpFOfgu2AjWFd7tGUXRp9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d40b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78227

GET
H3 200 1143-cover.png
cp.cute-cursors.com/uploads/cursors/1143/ 83 KB
83 KB 85ms
83ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1143/1143-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3848f1abe7503ab4a85d11e4c2865d0a0d127d9ac8083a208d04a293b5bf8ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 11:56:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "63455a09-14a2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9O9CsyIhR7mKH6EVC6Ontv3Xtj3Z8KtWJpBYSlg3MYK3CJtoJQnWtarV2mFrvvTZMgapbiTqgTb4UfyWLOUimSaPzDUdofiePKEtKC7Is8c4ubXn8dsXC3iBDyCzpOvp0oVKWRagFQDlDEgAky1Ypbd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d46b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84525

GET
H3 200 1142-cover.png
cp.cute-cursors.com/uploads/cursors/1142/ 62 KB
63 KB 116ms
114ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1142/1142-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0d7164fe7c63be002022e0fedb2683e4dc4f36c4732966a0785a874b80bb03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 11:53:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "6345592d-f848"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1lb0H4jWer091It%2BTNxb6v0H8ehPi1QKe57oTKhH2ZobaCnnN8c%2FQgHYWmy7CmQW%2BiT%2FDEZeMoUY12VrBLN7j7NWoAtTXa7gs3vFwBvQYyMx2ow8bBgxXhY2F%2B%2F%2BwNzIL20%2B3Nr2Q0n%2BWa8sD38xN2Y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d48b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63560

GET
H3 200 1141-cover.png
cp.cute-cursors.com/uploads/cursors/1141/ 7 KB
7 KB 122ms
120ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1141/1141-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70da84d27c8b28812c7392027d66b5536a3e9629395323195715b21ced983098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Oct 2022 11:51:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "634558a4-1c0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr4qgRc2%2F%2FKQHqjghBkHobsCdrPj3WSxebbo%2FuDgEzjbBylktSSRZO2uGvJxMrpWpaR957%2Bo7kFekvMNV1aEZTxSIeS2RQArOyKma8Ju9aylzFCckcjzdExay1hkR3BMNwFXAEpi2Bgp85717U8vIxyn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d4ab3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7181

GET
H3 200 1140-cover.png
cp.cute-cursors.com/uploads/cursors/1140/ 82 KB
83 KB 122ms
120ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1140/1140-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc8be29810b5c27048d6e7a45fbf8ee51a29a0abb81144fc2bb3138fd4b19e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 12:48:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "633ece87-14967"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BU7reYUR7FvmbQZxJXkcCti8BVBw%2F9um1ZnOl5KiokaPVVPk6UEmtFOQUDIX%2B5Zcs41BH90kTrINTXGIzH9Zy2VlosbqY6%2BblMhDlvGekFkPm65AXRpJcY3kLS5Je7eW%2BjmzxvxdCxiFK9nK5ZwaY1hP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d4bb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84327

GET
H3 200 1139-cover.png
cp.cute-cursors.com/uploads/cursors/1139/ 84 KB
85 KB 124ms
123ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1139/1139-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e93c98df389a720a76c518f4d557ec28c286590d6855da92eddb1aee2ac424df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 12:37:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "633ecbfe-1501e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrgXHpooB0h6WRktK9NFVAf3MpNdPFi%2B2FncmZ6Hr2D2yhckDac70A075zJlAJfpl%2FRY%2FgffRd1QyIN7RPB8Yunkp%2Fh%2BHXhdeWePIW7jUvH5GmWdsC1ZaJMq40u2q8jyW7U5HDIf%2BBBAj66Er2%2BRUx8I"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d4db3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86046

GET
H3 200 1138-cover.png
cp.cute-cursors.com/uploads/cursors/1138/ 31 KB
31 KB 129ms
128ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1138/1138-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52f45159c82afafb31f2e9c28c9627e3988c515584751a64111334f9b9c2142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 12:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "633ecb81-7a9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88zKAB2F2Cl5bOP0FZqelrvza41zs%2FulDZsIz8xmdzQ1%2BszD9NFMuMhEYzJH6TC4qN1jY3kV677%2FLPPS6d%2B%2F1gTsRFozMggiHeZ3P%2F1FMMaKJs0TZNjXXNSuxxVr8SyBd0hyxMGFfI9ow6uqsJCk5noJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d4eb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31391

GET
H3 200 1137-cover.png
cp.cute-cursors.com/uploads/cursors/1137/ 41 KB
42 KB 134ms
133ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/1137/1137-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf7cdf4ea0bef5e790ccf5601d96868de19a71a54c9fa53e267a3f598fa32eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 12:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "633ecb14-a467"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HizAnJq9TLturr1DaqWo20XAqvebPfLjwuRCHcljqhUnzD43Hq9w%2Fmh532r0%2F8m%2Bjbw%2BxuPe7t3o5rKLSRAGd%2FDRrvbevnfPAxMcfMoECHKN%2BMogDIbJZkiMhxZXz1uvm9FU2PkDwwHFzVOXIM1djhDf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d4fb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42087

GET
H3 200 o0170AjlNp22lk5C3jEKYfRd3d8JiFaMtAlPpuhU.png
cp.cute-cursors.com/uploads/backgrounds/28/ 506 KB
506 KB 43ms
43ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/backgrounds/28/o0170AjlNp22lk5C3jEKYfRd3d8JiFaMtAlPpuhU.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963b5b650b6044da4123627d2e90db7c844af774aa16b74de5cebb52666da218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 12:52:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "633ecf76-7e706"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBEJKL60kChmGezcJOecTwrWkxUY2v8lOyNxtf0gaWT0CZuKGSMZCdtz8q%2Fyh6oJONE8gZiaFtYf1tX8XU850T1EFrRVIg0mUFHYQUkUacFWXoXiz010N%2BpKYuSg%2FFq3hgCYVNkmm2lgKw68KXZOk2p%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d50b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 517894

GET
H3 200 Nroa5eL1wktecTOwfNRCDNLCOwadfkHSl9MgyYtO.png
cp.cute-cursors.com/uploads/backgrounds/27/ 718 KB
719 KB 146ms
146ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/backgrounds/27/Nroa5eL1wktecTOwfNRCDNLCOwadfkHSl9MgyYtO.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72241cf63d29c5a29e7689ceb8d2fc43e1867ad7270534058311f632a0914199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 12:01:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "632c4e95-b38f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwrmRnu%2BRZf0WRZWL19oix%2FAx0A7DfzrbzUS1R3XYSyTjZ4Y4oLHLsLvsAZm9T59crfodtAs%2BKROY41rkebfdo4SufeVNUCpaqDyVVSwNfjwN6l4gMzTGai8ZaqqPjgH50DlfQ%2FY0Kuf8dmi7n88oCno"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d52b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 735477

GET
H3 200 aMnFZECCo8nERmXhPEHqsOfQlBdiBJojzil5ztsk.png
cp.cute-cursors.com/uploads/backgrounds/26/ 152 KB
153 KB 204ms
203ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/backgrounds/26/aMnFZECCo8nERmXhPEHqsOfQlBdiBJojzil5ztsk.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a611ec5e8310f9c449ff3a165ea4eae88d24f76c3034a0a5318f65b0f3665d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 11:54:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "63231270-260dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scalsGDeDzRnTfZaIEnzIgkaoQA5qkzw2fsWTIpnkFbE68Pf%2FUHbGbiSyD%2F2JkfQyPe1tZBDkfWbjfjS9UfvF8b878e5TkLO9RIjWkHKa8Zqqafzh19CtVfS%2Fhvb%2BX4yjG33CqpD0%2Fq45FBmakBkv2yK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d53b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 155868

GET
H3 200 194-cover.png
cp.cute-cursors.com/uploads/cursors/194/ 40 KB
41 KB 214ms
213ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/194/194-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e74f7d3edfdc50577c3816c6524eb9136c8c627ab0fbaa0663bcb4df90da38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f1d-a13f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NpHuXUE2T8NL60Ta363OmIzgE0XUJiMqJCcoW4ZpMowky4MXWCgQRkI5%2BZv3IL%2B7HiJcnfSDjFrzYHa089Qw1cmrm830D5dgb9qE%2FS%2FdGgC4LtpHYHwLggM2m%2F5eLQ53%2FytCuT2y0%2BUCDLZq1QSu6dH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d54b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41279

GET
H3 200 190-cover.png
cp.cute-cursors.com/uploads/cursors/190/ 34 KB
35 KB 214ms
214ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/190/190-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad3555dee6a2d9851de0ce952798fcff0a0a7bf518c7f679f3f172720deeed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f1d-8943"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcNyK9MQF7QfUtm33BROKbNlKrTtuGtl7k4wIxyh4tLJXlQF0tRZOSGUiNjrR3TSck8tUSZNmoEfnHdNeChpHlB%2FsyyohtOOBF2kFc6ZKn0cYq8lJF1D8gtUHg4t7bZWxgAfIql1wUwUEQjVrvo7BrhJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d58b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35139

GET
H3 200 234-cover.png
cp.cute-cursors.com/uploads/cursors/234/ 58 KB
58 KB 222ms
221ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/234/234-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5f277bc52112f73953bc80f909624b894efea5f9a33c6ce68cb2969442ee0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f20-e690"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPTto3iQF3ifbHZxtJaQZAklLaZLC20IVpnlBDe4Njv2RIb29afDyIny6yqVYxqsDAGkWZwge%2Bgmzu0LLO0ynHVyAcKV%2BhxF71Szchojnq88wWJMSeIOpXE1IESuqFlfmPuZsRvsqLlEM56xLAhNUykv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d5ab3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59024

GET
H3 200 178-cover.png
cp.cute-cursors.com/uploads/cursors/178/ 32 KB
33 KB 223ms
223ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/178/178-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b307e082bedcbf969055d06494ae7252f908c24ff2daddf9a0d658b321a38e93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f1c-8062"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNem%2F1uFGE%2FrULVPRfKUKyvXh3Y5VnrdRXqVcGGTdbyGV3tI%2BiwGFkpRMXoZswGafn3k9RqAqkqaD78zsD6i270vzs5ZxWpP2qPrn9uPC5jxHnVtammDsgbo4xA2fr9nVZxwbHZewbk7BdCdSMLZmJiW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d5cb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32866

GET
H3 200 233-cover.png
cp.cute-cursors.com/uploads/cursors/233/ 50 KB
50 KB 225ms
224ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/233/233-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf5c68e3b12f366e7d986e68764c200917d0ec91eb87f8348e9a25e74254524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f20-c705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7nLYmFVswiO%2Bm9OyZuukueao845IP6ccAKGwk%2FBOnGNtsEctmO%2BWWvt2wKsQi2sTdUUwjIBe00VpzPurW8nTT8nWg3cBhhxea9FjQdwuLhiUSMIjtSnypfMTjmdxorGH02r58Mg7ANT78CoF0G4kGt7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d5eb3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50949

GET
H3 200 195-cover.png
cp.cute-cursors.com/uploads/cursors/195/ 43 KB
43 KB 226ms
226ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/195/195-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e34866cf6600ef156087d77e6de893f8ded4d900171d62aa71e7d53896ffdd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f1d-abbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VopW%2BCm3uHkNq60mm1qrjjdg1chdKXhJah9OyGptsVUeZQNF%2BuJLejqLEaRqMCD6fYl2IVm%2FJEG8443CL1KIVBW2jCmNAxzyjJsPQWjE8ebinDzsayCwTgQgVpBmdnmU1d6i4G%2BhVn55uj8ga2Dfa5W9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d61b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43965

GET
H3 200 246-cover.png
cp.cute-cursors.com/uploads/cursors/246/ 79 KB
80 KB 232ms
231ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/246/246-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28dbb765ee047b45e7699700c5cc3c6d13a4f856c6fbb06423673a49136b3b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f20-13d2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OP4UvGbc2DFbBJw3TU9E4efdbOg89Gin61d9ojyPXpIIaAcS%2BkNhTLlkTBdo7jAGxVHlW6b%2BqCE2HLmIQXc1J5qJW0r0x%2FmPhVc3c9C90sSIpwCa1RCiROk%2FxcOrKIGVVMhTdAGr2z3FFz%2FNSqQSFLpI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d63b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81197

GET
H3 200 198-cover.png
cp.cute-cursors.com/uploads/cursors/198/ 47 KB
48 KB 235ms
234ms Image
image/png 2606:4700:e0::ac40:600a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cp.cute-cursors.com/uploads/cursors/198/198-cover.png
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:600a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cef9f8169c55b785378f2785443e36132051c6c0600a494531767cf38825ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 12:52:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4311
etag: "61603f1d-bdf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlY66fj3lumHaYaaQmowsufMvJvwR7of2iPxCfrrFRsxSrB0WolCyF%2BBksOdbcPnrE77AGnT06zH%2FuozIE6qXPeMqmosbJAXIUR4XlMfSe5cpiB60yHbl%2F0yk1jbGYw67Pm%2F9EmGH2%2Fibs3kSToqiu9q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 758926d01d65b3af-MUC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48629

GET
H2 200 /
log.pinterest.com/ 0
332 B 141ms
106ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=N2g4WFQW32zU&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fcute-cursors.com%2F
Requested by: Host: cute-cursors.com
URL: https://cute-cursors.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 11 Oct 2022 17:00:22 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 5
x-pinterest-rid: 1512294151921145
content-length: 0
x-served-by: cache-hhn4054-HHN
pragma: no-cache
server: envoy
x-timer: S1665507623.509439,VS0,VE98
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/ 151 KB
54 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/reactive_library_fy2021.js?bust=31070152

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb05fda7499d40e657f6aac9e0f46e3bf3a269f01082fc0bfe2da83e0407cb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55071
x-xss-protection: 0
server: cafe
etag: 6654977130975805220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 17:00:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 41ms
21ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cute-cursors.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 39ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cute-cursors.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/ Frame 1A81 10 KB
4 KB 26ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 21:17:33 GMT
etag: 9671129459699598864
expires: Mon, 24 Oct 2022 21:17:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4219073793260234323
tpc.googlesyndication.com/simgad/ Frame 8145 8 KB
9 KB 83ms
14ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4219073793260234323?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk2HtBSEJh0YPMntwv7G6bsoQT10Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e666155adc38b774e429caed499ae332417bf8de3a0818fc847b0fea0708ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 08:16:58 GMT
x-content-type-options: nosniff
age: 31404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8445
x-xss-protection: 0
last-modified: Thu, 13 May 2021 12:59:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Oct 2023 08:16:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame 8145 23 KB
10 KB 72ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

880b54918b4a62ebf033b5063c0398a2e3173533c69e87aa7ea9ad8af6b9ed72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9572
x-xss-protection: 0
server: cafe
etag: 13714838864795470651
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:53:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 8145 3 KB
1 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:49:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 8145 17 KB
7 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 9181008806812530437
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:51:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8145 0
0 60ms
21ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlRsC8fOLR1wycN5n9JNHIoExaAPPpBL-y9gDDjX66pDQA1lLrCtttrvyGnETZ-80vFeyj4IM5vvdNb4Pni1KXUbIQBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8145 151 KB
46 KB 148ms
75ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 17:00:22 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 8145 32 KB
13 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3489c00af8048ca172b7ea6042bcb05c2fd3b51943947237c44ec37f2646f591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 02:44:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13659
x-xss-protection: 0
server: cafe
etag: 13969702118757762483
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:44:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8145 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChCspJaFFY_zIPJOFtwe0u6X4C8nf1e9qybqYm48Q_ZrmuJYdEAEgo-PPgQFglQKgAfGaoNAByAECqAMByAPJBKoEywFP0MC7cIoeoMx5eKYJcB5AhKsZpBK-5LGVRwhp7UtMq8WbO_-l2LjLcmzjeJISwQByCC28ZdOSZ-BAOMjpvDIOmY_ZXqkSUWumV6Zcm61xzvQGR-kl3W58ff4OZsl2NjA6GTGQtV8nhGmuRnK-LOsJt20LaHVBCgDm4y773MrbOjPKIeLchVSNatrUGMRjq-RJyd6WIzIGpxpVybS4IR_puUM9eIEF7Oe_rTGUe0UJUME6Z0aWCeF6IY74wNtZxQ5gj-P55vLEyB8cisAEk6La65MEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB_fk368CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQjbQT0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODI3MTI4MTM0NTA0NjgzMxgA&sigh=7B9daL5G8Ug&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Oct 2022 17:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B487 42 B
63 B 46ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A2WW_vUW6MIId8gZcSFpvKBS-ypwbt1Re6GiItKA1yLXu5yoLY31R_GnDGSNl6aw2oprQm_S-Fius4ozMC1FL-auAV8_HHqxxidk6r_Q_DQYHF4EU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame B487 3 KB
1 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:49:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame B487 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 9181008806812530437
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:51:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B487 0
0 19ms
17ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRm9gNAy8r-Q7H5L6-NBs1V8ICi16kij8eqdf9fmy7laZ9_TrEyh2MCvhINpSE_2f_NXSYOklIo0nOcpvLZtGUfRb4UFg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B487 151 KB
47 KB 98ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 17:00:22 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1A81 4 KB
1 KB 71ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 16:35:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Oct 2022 17:00:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A81 205 B
294 B 67ms
16ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:55:16 GMT
x-content-type-options: nosniff
age: 306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Oct 2023 16:55:16 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A81 604 B
1 KB 66ms
15ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 14:39:16 GMT
x-content-type-options: nosniff
age: 8466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Oct 2023 14:39:16 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/ Frame 1A81 19 KB
8 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d6b185c25855ec7d560c46a127f8f28ea723d0bd8bd6b1c2b610cd219016207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 969526298976576263
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:52:58 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/ Frame 1A81 12 KB
6 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34543254976bef9b8849810aaac3ef231e940e941cae5531c67be2daf33f4473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 14:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5790
x-xss-protection: 0
server: cafe
etag: 11630929575998830700
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 14:40:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6FBF 624 B
297 B 58ms
32ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARidx9DOATAB&v=APEucNX0hIJ5efaHHP1__Qd-6Cy0kXTsEWcNkBoABs6-jjV23TYuOyLcq7jNL52DftmgdobfzGdS55MLiJzxU5ppXrAZZHPsMnXsuhOWevwBunRm6EXhP621Un_1tDqfDbkkflOK_foOOkWXddZBhZRDfYRZqHX-PvgnKtAceIU6F5BTxrp0aQo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B487 84 KB
34 KB 87ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVJmVChZbpPvIlRRhkqaqm88-IdUjyEGVp1LyBsrjRVbRHMwS6I4w73D8X6vIx2hoUnV8qmGmwfMiejTLnzAM4_noxImENiAbew5y9LpBhlhtS4ZKbfYRIVEVyfSNpYrMjvu8qeJwUe7g89u-P3apU8JQ9PSuNCa6-o3yoDv3nGcAd650&dbm_d=AKAmf-AysOaDtCT1EZVuoT-3lN6WU-KZAebm0mcDXQScvbvGbm47fgiP3wJI3_O9kWGrKzZZtoCvoFavq8-nb9Go9iKZ2XOmMym-MpiFcXubC9vsV1qh4lQw5Wp9NvIcA1SlT62-MSk4g6OqAFjMaxjOsM0lr5shWd7m1J3HzdwYhtiVURVj0cRuxyQcDoJM092DE_7mRtP-l2ZsDtOJdlr986mXZELFYdxURVe9SiXKETys95KHIaS5MMEItg-eV42nk7UsDsRCYSbuc-qLS0l2bMW125vVyAG1xCjwusBJUDmuy7po2DGinyctnIV9fsoOmKC-uLNpz8mjy9lpHzAB9WyJBhdHbx0kmzCb0_Ge_mYzTIzlB-7Deerp8W59X3gvzGUgCxdtVMGcgyoABKz2VHDsTXX-NXFPkWc0kQE352tGz0hfrNRA8MYev1UBpa36iQFUplskmLN-Ux_h9vTMdd2PlpwFSz3_2ajP4_ky-zTJafMZmc9Zu6gyfvzhTTQ1_06SX7OZMvMkJpfYja-WEer3-dpYqiK5Q3rpLARJE5jkl-QqJKsNyr5aP1tZiiJTZ79QIRWCUuYwPTfR6RGC_GeHOdyUEYOiGIJMTdj-jZWwyN3_WlfHpzrOG3KB-b8d2FIEwsw4BCgindm_hUuQC8UVPR3GXMhCRUwtODLy5ES4Q_o_U_bGsAWUrZTNmb3e8haSAZZw-CFgXmdOE95KqZJQxllPPQXL9k_5WPQcg6azJJVkwk9ekgTCFdCYdkw1EMXearLrug0tfZLhuWNj7hS2w2vr-jwjmFeY_2siwkvIJ83-0NigUgQpN2wzOyJ60-CUd848QEiLj73fUVqDXeV6BWbNmr69nq1Y8QdmjTqaSgSTeMxfhX-Jrv7xa2Wa0Ly4b9vRRUyemHIMIYafutB4w-86xvDukx43aezwXzz3s3BVngDLK71AAuikEVGIAEdORpnK7O3UAaNwBv_C74RIaXoyAgwls_lpFblgNJN-86tq1GNjwp_zw_6qfn8aLH0LrctVdiP9oYuc7Sn5WQC6ACtRDfXjsITzW8w6G_osTPRumT7E01mNkqnwz02wR3NIq7Q1bZZYkIPK52b1am7S6tfBIkWUXyJVSHf4rJ6Jh8b-EdLYl5AxLbenSomHydvWNatVGtoZNwdRenFKQBNM-xYmj6QNRQfRHnVeNCPvJF_toiKx00iL2h9b8FkCOnEsgVg72wgFA2WHoImVGbLJy-t4YHpJ1KHrKjly6LOhopbr53-gqIfg1QTWOdTBFoocwd7QBsIB-UhZqcMdU72W0Mv7dKIzcxeettNgsJm3S38pAcKJD255_i8azUtcfyq6Ne9SNmMgO2ik1fhuLuhEbPQueA8uJoFr0_fOPPMDyFhrbeFk364TMCuMGUoZHNUZG6mhDtGOGTjAfBH1fMGCamgbmXnitNHmHIrATpl7UVspQmXnojz6T4QqrTfMOzUkyY5D2md7AfUJ1LXAIMaJlGLEBjN33pjJYQ1KW-or00tx9-IB6kSYxE2xQe1EN7HS1sJICxoi_EPvN8ndFGPkQ67SYSuC7aji6mwXCGSLZ_4fASH2iPzwqfzMDXkAPRVvF-hwpoZVjLBDBMfZ6CRQMfhwyTag72RwTPRwpSf0DNPYVXcs-81fpujcqnYpDvfEj7jQ-kUIkDHdSIWygqKuU7ZWwfx6NAf0UbNwEua9c9m7MRB3DkEPQHp_A3E48YeMICMadSu8itJ7NufDZWEr6D44rpQec-2ti_xxYsWPyPN_jZo-jpLOIK1XSPuBhq4jEEWDfu-df9OYMQ4PxvJpsuE7Qxaq0huL7eNktSb5oj1uXO42QZy-QrnSUIQtweXbiwKQxDHIEsXOTdLg1lR3pMvfwzpy7fcFqacNZrUUzWxzJAmP35WA6Sdp8fMP7aJbjuZjoZmI6-ir-B1KPP0kmnsNevFRbgXKF8g7QDex_B9GUXEhoRFJ8g072L352_35xAYIcTxIAhqxuha2NQ1twb8wXW0IPqlL4Hl3SVbftiLO670PIqZ_CSoT7zrYiJ6BsCLRIZNdneTurlTO7L5GFwHWDqOAIhsCYieO_lVMSgnN__w8L9eGIzdAvdieVhdJU1YzwpXtK0fpApVFc5cGHAylLFMp068pV-qBZMARO-iyXu7tNsHakE0tswpOqCyDeVxEbg5ykjY55IxL0gCWv0bjCPUFpcMKblOT3MPxctc8eoIT-Q25SLuKbvrA0qqv5JtSzqE5lnatC38yjLwEiu6H5k5m_3a6Ybfj_gF7rs80JwJtfSj-vEHC2VBep_pi_ECSXgC2uZOyIm2QiOAetYZwYgYqhS54wH3_JTjNBEvEFfnRKx1jbXs8mvrqx25wvP32nRcAW6O_nxom_KP62UK-C5MpxQEB4dIzoe28jWEgs23qsKCESdIpIDFqHZZxMNIoIaK4Ja7fX_DNdiHMn79Rolp781m2EZYnQ7rhVK9r27op_ppYJN8vgwFDoxAXd-jW5bj_gOCTbxLVPC5ymvSVM1HHjnSzu4hoOcENYJWuesHplgfPeeqXmgwWU8nhhr3nkaUfr-9-uZGyeDnPsFJuLQN_GfviIdImUmxhTpMfL5U71w1vcaZ-sP9wYG8XnjMG5T7XI1VbqWMxTRk8Aa0SAeYCPPPlkHfk2Q4hSUQWp7s0czfKvWQS6Gx6nBE5YGi4W490lOfYmGGK-Xt94ciAe-q350i1wQkI3Grltv38xr1Aub1pevV8tSFReMkU6Pd-kiup6o_n-ixDmXgCOZcC4nrZV0K2FTXssxKNqQXO6Eu_55Qlykku7z-iD2tPPdI9jZEtVvvxzIyRi3eDSbE4axFP5w5DuvlN6WsmNJ4WI3I2uMTztHr0ieLpcHytmp8htvjzNcANMBlZ-dmHNTrpvEzBHRGlkEdChnmXhjEaXf1fSZY5LF5ebA3VHLEGOJ0wu8Dm6EXZQGsQ-auSt8YxJaGoHXtYB1FvefUvwyjFC_rxHX5gHfEiDVybYTf0wAvunj__PZgKYUQqx3GHf0WlWq-ukomYPcrladVho-oAyQOpXVaoOxmaa9uVnxYpsHlEbqzFQrTpi9CU0rdFiPk1H1WQXdUGi5qqlPyP4gyYP2KFqzOtP920vTTwAAE1-Bds&cid=CAASEuRo8edEOGNA2YIpbRs57KKOMg&rfl=1%2Chttps%253A%252F%252Fcute-cursors.com%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a07bc4ba5459480979f216aa3dbe388d645b0c82834b41999b08ca6861901341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34842
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE93 143 B
166 B 22ms
19ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 16:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C10D 1 KB
643 B 13ms
9ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Tue, 11 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8145 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13d02ee2e2b1b6805f28d1e507015230f2aca6a32da79403f6554024b8f4b5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame DCF5 8 KB
895 B 38ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Oct 2022 17:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 16:33:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Oct 2022 17:00:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame DCF5 2 KB
983 B 308ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:33:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame DCF5 23 KB
9 KB 307ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

880b54918b4a62ebf033b5063c0398a2e3173533c69e87aa7ea9ad8af6b9ed72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9572
x-xss-protection: 0
server: cafe
etag: 13714838864795470651
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:53:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame DCF5 3 KB
1 KB 309ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:49:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame DCF5 17 KB
7 KB 310ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 9181008806812530437
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:51:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCF5 151 KB
46 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 17:00:23 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame DCF5 33 KB
13 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:21:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6FBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1

43 B
766 B

52ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARidx9DOATAB&v=APEucNX0hIJ5efaHHP1__Qd-6Cy0kXTsEWcNkBoABs6-jjV23TYuOyLcq7jNL52DftmgdobfzGdS55MLiJzxU5ppXrAZZHPsMnXsuhOWevwBunRm6EXhP621Un_1tDqfDbkkflOK_foOOkWXddZBhZRDfYRZqHX-PvgnKtAceIU6F5BTxrp0aQo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 17:00:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6FBF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0WhJ4w-1BBjWTqD0B49pgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARidx9DOATAB&v=APEucNX0hIJ5efaHHP1__Qd-6Cy0kXTsEWcNkBoABs6-jjV23TYuOyLcq7jNL52DftmgdobfzGdS55MLiJzxU5ppXrAZZHPsMnXsuhOWevwBunRm6EXhP621Un_1tDqfDbkkflOK_foOOkWXddZBhZRDfYRZqHX-PvgnKtAceIU6F5BTxrp0aQo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 17:00:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ0n76-TXZdZ5TWx2y0Jvk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6FBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENG2tZR20CZQ0DIJcegfUlA&google_cver=1

43 B
1018 B

64ms
15ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENG2tZR20CZQ0DIJcegfUlA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARidx9DOATAB&v=APEucNX0hIJ5efaHHP1__Qd-6Cy0kXTsEWcNkBoABs6-jjV23TYuOyLcq7jNL52DftmgdobfzGdS55MLiJzxU5ppXrAZZHPsMnXsuhOWevwBunRm6EXhP621Un_1tDqfDbkkflOK_foOOkWXddZBhZRDfYRZqHX-PvgnKtAceIU6F5BTxrp0aQo

Protocol

HTTP/1.1

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 17:00:23 GMT
AN-X-Request-Uuid: d40d6449-91ee-44c6-9053-d0b11c5d35db
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENG2tZR20CZQ0DIJcegfUlA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FBF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4MzYyMDkwNDE5NTcxNjE4Ng%3D%3D

170 B
188 B

40ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4MzYyMDkwNDE5NTcxNjE4Ng%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 17:00:23 GMT
AN-X-Request-Uuid: bdd1ade4-0186-4f2d-abe8-9f473ff83ab9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4MzYyMDkwNDE5NTcxNjE4Ng%3D%3D
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B487 170 KB
59 KB 633ms
7ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 10:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Oct 2022 10:22:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/ Frame B487 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVJmVChZbpPvIlRRhkqaqm88-IdUjyEGVp1LyBsrjRVbRHMwS6I4w73D8X6vIx2hoUnV8qmGmwfMiejTLnzAM4_noxImENiAbew5y9LpBhlhtS4ZKbfYRIVEVyfSNpYrMjvu8qeJwUe7g89u-P3apU8JQ9PSuNCa6-o3yoDv3nGcAd650&dbm_d=AKAmf-AysOaDtCT1EZVuoT-3lN6WU-KZAebm0mcDXQScvbvGbm47fgiP3wJI3_O9kWGrKzZZtoCvoFavq8-nb9Go9iKZ2XOmMym-MpiFcXubC9vsV1qh4lQw5Wp9NvIcA1SlT62-MSk4g6OqAFjMaxjOsM0lr5shWd7m1J3HzdwYhtiVURVj0cRuxyQcDoJM092DE_7mRtP-l2ZsDtOJdlr986mXZELFYdxURVe9SiXKETys95KHIaS5MMEItg-eV42nk7UsDsRCYSbuc-qLS0l2bMW125vVyAG1xCjwusBJUDmuy7po2DGinyctnIV9fsoOmKC-uLNpz8mjy9lpHzAB9WyJBhdHbx0kmzCb0_Ge_mYzTIzlB-7Deerp8W59X3gvzGUgCxdtVMGcgyoABKz2VHDsTXX-NXFPkWc0kQE352tGz0hfrNRA8MYev1UBpa36iQFUplskmLN-Ux_h9vTMdd2PlpwFSz3_2ajP4_ky-zTJafMZmc9Zu6gyfvzhTTQ1_06SX7OZMvMkJpfYja-WEer3-dpYqiK5Q3rpLARJE5jkl-QqJKsNyr5aP1tZiiJTZ79QIRWCUuYwPTfR6RGC_GeHOdyUEYOiGIJMTdj-jZWwyN3_WlfHpzrOG3KB-b8d2FIEwsw4BCgindm_hUuQC8UVPR3GXMhCRUwtODLy5ES4Q_o_U_bGsAWUrZTNmb3e8haSAZZw-CFgXmdOE95KqZJQxllPPQXL9k_5WPQcg6azJJVkwk9ekgTCFdCYdkw1EMXearLrug0tfZLhuWNj7hS2w2vr-jwjmFeY_2siwkvIJ83-0NigUgQpN2wzOyJ60-CUd848QEiLj73fUVqDXeV6BWbNmr69nq1Y8QdmjTqaSgSTeMxfhX-Jrv7xa2Wa0Ly4b9vRRUyemHIMIYafutB4w-86xvDukx43aezwXzz3s3BVngDLK71AAuikEVGIAEdORpnK7O3UAaNwBv_C74RIaXoyAgwls_lpFblgNJN-86tq1GNjwp_zw_6qfn8aLH0LrctVdiP9oYuc7Sn5WQC6ACtRDfXjsITzW8w6G_osTPRumT7E01mNkqnwz02wR3NIq7Q1bZZYkIPK52b1am7S6tfBIkWUXyJVSHf4rJ6Jh8b-EdLYl5AxLbenSomHydvWNatVGtoZNwdRenFKQBNM-xYmj6QNRQfRHnVeNCPvJF_toiKx00iL2h9b8FkCOnEsgVg72wgFA2WHoImVGbLJy-t4YHpJ1KHrKjly6LOhopbr53-gqIfg1QTWOdTBFoocwd7QBsIB-UhZqcMdU72W0Mv7dKIzcxeettNgsJm3S38pAcKJD255_i8azUtcfyq6Ne9SNmMgO2ik1fhuLuhEbPQueA8uJoFr0_fOPPMDyFhrbeFk364TMCuMGUoZHNUZG6mhDtGOGTjAfBH1fMGCamgbmXnitNHmHIrATpl7UVspQmXnojz6T4QqrTfMOzUkyY5D2md7AfUJ1LXAIMaJlGLEBjN33pjJYQ1KW-or00tx9-IB6kSYxE2xQe1EN7HS1sJICxoi_EPvN8ndFGPkQ67SYSuC7aji6mwXCGSLZ_4fASH2iPzwqfzMDXkAPRVvF-hwpoZVjLBDBMfZ6CRQMfhwyTag72RwTPRwpSf0DNPYVXcs-81fpujcqnYpDvfEj7jQ-kUIkDHdSIWygqKuU7ZWwfx6NAf0UbNwEua9c9m7MRB3DkEPQHp_A3E48YeMICMadSu8itJ7NufDZWEr6D44rpQec-2ti_xxYsWPyPN_jZo-jpLOIK1XSPuBhq4jEEWDfu-df9OYMQ4PxvJpsuE7Qxaq0huL7eNktSb5oj1uXO42QZy-QrnSUIQtweXbiwKQxDHIEsXOTdLg1lR3pMvfwzpy7fcFqacNZrUUzWxzJAmP35WA6Sdp8fMP7aJbjuZjoZmI6-ir-B1KPP0kmnsNevFRbgXKF8g7QDex_B9GUXEhoRFJ8g072L352_35xAYIcTxIAhqxuha2NQ1twb8wXW0IPqlL4Hl3SVbftiLO670PIqZ_CSoT7zrYiJ6BsCLRIZNdneTurlTO7L5GFwHWDqOAIhsCYieO_lVMSgnN__w8L9eGIzdAvdieVhdJU1YzwpXtK0fpApVFc5cGHAylLFMp068pV-qBZMARO-iyXu7tNsHakE0tswpOqCyDeVxEbg5ykjY55IxL0gCWv0bjCPUFpcMKblOT3MPxctc8eoIT-Q25SLuKbvrA0qqv5JtSzqE5lnatC38yjLwEiu6H5k5m_3a6Ybfj_gF7rs80JwJtfSj-vEHC2VBep_pi_ECSXgC2uZOyIm2QiOAetYZwYgYqhS54wH3_JTjNBEvEFfnRKx1jbXs8mvrqx25wvP32nRcAW6O_nxom_KP62UK-C5MpxQEB4dIzoe28jWEgs23qsKCESdIpIDFqHZZxMNIoIaK4Ja7fX_DNdiHMn79Rolp781m2EZYnQ7rhVK9r27op_ppYJN8vgwFDoxAXd-jW5bj_gOCTbxLVPC5ymvSVM1HHjnSzu4hoOcENYJWuesHplgfPeeqXmgwWU8nhhr3nkaUfr-9-uZGyeDnPsFJuLQN_GfviIdImUmxhTpMfL5U71w1vcaZ-sP9wYG8XnjMG5T7XI1VbqWMxTRk8Aa0SAeYCPPPlkHfk2Q4hSUQWp7s0czfKvWQS6Gx6nBE5YGi4W490lOfYmGGK-Xt94ciAe-q350i1wQkI3Grltv38xr1Aub1pevV8tSFReMkU6Pd-kiup6o_n-ixDmXgCOZcC4nrZV0K2FTXssxKNqQXO6Eu_55Qlykku7z-iD2tPPdI9jZEtVvvxzIyRi3eDSbE4axFP5w5DuvlN6WsmNJ4WI3I2uMTztHr0ieLpcHytmp8htvjzNcANMBlZ-dmHNTrpvEzBHRGlkEdChnmXhjEaXf1fSZY5LF5ebA3VHLEGOJ0wu8Dm6EXZQGsQ-auSt8YxJaGoHXtYB1FvefUvwyjFC_rxHX5gHfEiDVybYTf0wAvunj__PZgKYUQqx3GHf0WlWq-ukomYPcrladVho-oAyQOpXVaoOxmaa9uVnxYpsHlEbqzFQrTpi9CU0rdFiPk1H1WQXdUGi5qqlPyP4gyYP2KFqzOtP920vTTwAAE1-Bds&cid=CAASEuRo8edEOGNA2YIpbRs57KKOMg&rfl=1%2Chttps%253A%252F%252Fcute-cursors.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:56:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame B487 30 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad6f5f8daa1d32b6ac0d0dba787f1a014c159d0b5836f72bc699080f664d176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11728
x-xss-protection: 0
server: cafe
etag: 14397739518267393275
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 16:57:52 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C10D 35 B
463 B 627ms
13ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOfA36b0eWPf9n7K-IwOy0s&google_cver=1&google_push=AZmPxg8mKsZMDei1vRSjbPOLCCxRAFSeLq6ZMDod2sj9iA29jZA3-Iigzio9uGQ6ky5GcdWx2X7BMML9hQL33hD3KQIBI_sx7A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9xvXWE...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9xvXWE...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExNzAwMjMwMDA2MjEwODQ1MTU5Nw%3D%3D&google_push=AZmPxg9xvXWEBE4vLyBvTGL2UrBwo_UFtrUnyUQdNGl6R_7B76oo-X3iWH2-ZSWBFjQUeV...

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExNzAwMjMwMDA2MjEwODQ1MTU5Nw%3D%3D&google_push=AZmPxg9xvXWEBE4vLyBvTGL2UrBwo_UFtrUnyUQdNGl6R_7B76oo-X3iWH2-ZSWBFjQUeVBvzcTGcuhXGClL4GK6UDFuBVfJ8e4

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTExNzAwMjMwMDA2MjEwODQ1MTU5Nw%3D%3D&google_push=AZmPxg9xvXWEBE4vLyBvTGL2UrBwo_UFtrUnyUQdNGl6R_7B76oo-X3iWH2-ZSWBFjQUeVBvzcTGcuhXGClL4GK6UDFuBVfJ8e4
pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 11 Oct 2022 17:00:24 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C10D 43 B
356 B 653ms
39ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEC9RERptjUrDCtqhG5NUIjs&google_push=AZmPxg8fWchMFmT8Y5NH2xTIAgf-5VaahEUHOCN6ZPTIQIsenjQztZoESH0xJ3nmbYv4XJyKrOSSZFpm_eJ0G8UL_kRaf9y6TKg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C10D 43 B
351 B 642ms
29ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENYH2mF6itBDord7dN8Bwv0&google_cver=1&google_push=AZmPxg8HAcQ3TreW8pEPsl8yJ5a9yIPlNMnsksclXlAEHrFwD0yaXIwb3QZvWBYp6V27zUAvg5po65wnw0xhRExy6m35iN4wN2A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1987417020&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620907&bpp=2&bdt=325&idt=221&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=930&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=sU3XadT5ZT&p=https%3A//cute-cursors.com&dtd=226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: p4699eq9kjl5qqh1r96emklnt4uhs0eq

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

85ms
85ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-djzpDOFWH3qDn8cIoj8s4XuqowEBJVBDLdAtRirWPMaOlMq2ocGs2KOOEf5-LU_uA_eecLeDd3DHbg6Kw0lLC3QFgg-0

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-djzpDOFWH3qDn8cIoj8s4XuqowEBJVBDLdAtRirWPMaOlMq2ocGs2KOOEf5-LU_uA_eecLeDd3DHbg6Kw0lLC3QFgg-0
date: Tue, 11 Oct 2022 17:00:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFJAEvkG1YYXhNZkkp5r8Go&google_cver=1&google_push=AZmPxg8Uq6LlIcGiwhpXJTVHaUsjMwjTb8CfjyLopG1OVtUSooyupso3Fz5Xd2VJ5WQJSiZWoV1...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk0RzhKNUctMTctM1BUOA==&google_push=AZmPxg8Uq6LlIcGiwhpXJTVHaUsjMwjTb8CfjyLopG1OVtUSooyupso3Fz5Xd2VJ5WQJSiZWoV1Kr71mZkBEw1SEep0rOZ2I7g

170 B
188 B

79ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk0RzhKNUctMTctM1BUOA==&google_push=AZmPxg8Uq6LlIcGiwhpXJTVHaUsjMwjTb8CfjyLopG1OVtUSooyupso3Fz5Xd2VJ5WQJSiZWoV1Kr71mZkBEw1SEep0rOZ2I7g

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk0RzhKNUctMTctM1BUOA==&google_push=AZmPxg8Uq6LlIcGiwhpXJTVHaUsjMwjTb8CfjyLopG1OVtUSooyupso3Fz5Xd2VJ5WQJSiZWoV1Kr71mZkBEw1SEep0rOZ2I7g
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C10D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_hm=Y0WhJ4w_1BBjWTqD0B49pgAABFgAAAAB&google_nid=index&google_push=AZmPxg-U9Car7H8nUewGCL1-ZtROti85KK9ln...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_hm=Y0WhJ4w_1BBjWTqD0B49pgAABFgAAAAB&google_nid=index&google_push=AZmPxg-U9Car7H8nUewGCL1-ZtROti85KK9lneVD-ApWcUoYdzur_FLWw2WeYayvERTeNf3wKMxvUH0Cc7I0wdar4XIC31TGpQ

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0POfDYlDTZZ5JKOLeb1fzc8R0OTzKhdgCYlxOLUP10BK8NNEj0YvJ87UX6rXzam09zy2S%2FQqU7IK8wlgaWNRiqGVMpE0Jdadm3dOpRAgg0nK77JiKVfzeHqjkDc8dAGP%2FXFxRTBD6wlHCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIKILrIYkjaKOezxxJOlf3E&google_hm=Y0WhJ4w_1BBjWTqD0B49pgAABFgAAAAB&google_nid=index&google_push=AZmPxg-U9Car7H8nUewGCL1-ZtROti85KK9lneVD-ApWcUoYdzur_FLWw2WeYayvERTeNf3wKMxvUH0Cc7I0wdar4XIC31TGpQ
cache-control: no-cache
cf-ray: 758926d8fb355bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C10D 0
232 B 636ms
24ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kb_Po7pwF52D_6hAXAeQTNTzYhDprYyYCLYDRDdskGxvSFXEDrgSV8SfgXQep_J8mjVMb5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AE93
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

46ms
34ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:23 GMT
expires: Tue, 11 Oct 2022 17:00:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 58B7 143 B
166 B 39ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 16:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B487 41 KB
15 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:22:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FD38 1 KB
643 B 55ms
16ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Tue, 11 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B487 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e21d47faa0670fa40a0f13f17fcca144c76d5cdeb2ce1c4ca7bb6344cf86cc40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/5798567487121391616/ Frame 7CA3 45 KB
12 KB 51ms
28ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b341623cd3ab06b1ab6cdf2fc9f133648da75db0b6e6c15812545e536af2bfd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:23 GMT
expires: Wed, 11 Oct 2023 17:00:23 GMT
last-modified: Wed, 14 Sep 2022 11:46:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B487 0
304 B 96ms
71ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn3GxeLW9tyv9y8Dftwg_JS9AHqoifee8tYVv3smlDxHs5V1OdElWj-HdXhjwiLQiexhkQNLY_3zlfL8dhZsoafOXCoM5ue17LB0743T8qWI6Fy1wI6xFlztL1GRG3VUZ_pse5FaT001BeOoPWMPNW3KO4k6bn2S4ws4WDLiGW8xALN9w4FUGkyGIR_GUSR57TyovK3JEpB2UcNMgBcROTU3NTygcxhtPUK4L7Vcg3HsGXP5_riiNjajBMhlbhpvpg4IXYgEiblUyTmOWQxQNOC8xgINA3r1MvIyZ29Lva7_etI3i1zp7oLcnOkQ-Ld7MfkqSJHL_8hW56DlZR-NPEGdmvIZJM50DeHmaKEMQSmLgamuYhs0_9N3ZFa6IeYfOseyARHpnrN88x37s84d8TV0S7OlS00zsIZHt5cmCrko-jibD1LY129x6Q7blUOZMDkNWDnVTww76DrTl1Ew_IL22784zsEK_6Fk4wBourYN2tJbHAARiNWo6GyNXDOHZ-80abA40v42ra13YMo9LFG8s7FF5U-CCDOn-YlYyiCTa2NtkynRGcqzP1Pr0I16P2JYrd8BcD9gWtPkqPXMk4Bvb5BRs2itc4t7OLa57VByrxZ4frowWziy23P3GxLq0g6sbEQE2csnFWRfb4EVMlvGZ_8V9qDv54-cn9Ub8vQOon9zeaKixnesTRBVwRKZNeASzl-OTl2IEKwmycM6gusQVLbaCqEWS49V9yC8V8Cxzi-bugcMFgNK27tA1ucMWF137G7TEsxl6ZQMw7b588Xbys_Awy0qTeePtd7RajJlVoRHfPauweRAccdpycIu4BNp3pSQeNCfMOCuQPjpzW4agZd-NfQrr8Ms9om4RY1hBGl486VjHvai9c5_6CtJN7fz1MAtnPokAzgMjMjyPTDZK0QR17HKT0XPrl_0eJ-Z7aWXFQWv6SHo7KLpvZu_QAU-TT0CeLC4JM-LWR_h6ByeqK1CRtrTP3hey0wos50MEP4OxHER3Ig4NpYtQRsxTk27tGBCOsMDyMAe8h56g94TV8KHJ-hiPxb-K_1ehQPJ3QGXBABiy3mK6Pm0saCUKhUCxria_RXRzo5shVLYFOOwsAsebJLvl0Wjsbcw6WFlLzC6B7fHsxN2odKdodEEJ9Am0OGBNoB3cVfOfw4RlZ6nb33x_0xlrjBNdQPpUhOjwDtZlFOwcaME8IhwZaRJdogtOCnPNlHbNQeg&sai=AMfl-YSa4W-TPZpN4CfcuYCnFv9QTCxv6qGbiidX0j5A5d1l9-Ia3KiiJoZFK3K6LVe6dhHl6quQ4Nbm5AP_pMlxWk12j9xEP2FlwOxxTL_sdBjUTaHjP9oSPH7qEI_vn3w63ZmuIOTW2qyGQFLVUXjGzFOSA4ntQU-TNf0&sig=Cg0ArKJSzI2vayKnXw0zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=816&cbvp=1&cstd=805&cisv=r20221005.46195&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Oct 2022 17:00:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 6072 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 13:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 13:37:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 58B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
23ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221005/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:24 GMT
expires: Tue, 11 Oct 2022 17:00:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 5758 36 KB
16 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 13:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 13:37:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD38
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELAKgNGJdxF4IjM7u8Viaw4&google_cver=1&google_push=AZmPxg8w-cEycdPLP4MlvTOY9uue8X1oEkqhlc5qt1lx1GUUKbbjp25iB1...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8w-cEycdPLP4MlvTOY9uue8X1oEkqhlc5qt1lx1GUUKbbjp25iB1xTRxQ0IizvEQt5UFqK9aLzpJa6SQMbxx1369THQ5NJ&google_hm=yGnUgvRm1_GC...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8w-cEycdPLP4MlvTOY9uue8X1oEkqhlc5qt1lx1GUUKbbjp25iB1xTRxQ0IizvEQt5UFqK9aLzpJa6SQMbxx1369THQ5NJ&google_hm=yGnUgvRm1_GCkgoVBuMODg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8w-cEycdPLP4MlvTOY9uue8X1oEkqhlc5qt1lx1GUUKbbjp25iB1xTRxQ0IizvEQt5UFqK9aLzpJa6SQMbxx1369THQ5NJ&google_hm=yGnUgvRm1_GCkgoVBuMODg
pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD38
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEeIalkn32LLht5Yefv5or0&google_cver=1&google_push=AZmPxg9EVrHCZmL0pPQm2_XwYCWw3temFYEedfqmH4NRS6cvFwu8Z9E_HWCDzwyT9JUJlAsAvq5vjqiUTVb8xDt8AfKf20GtrQwr
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9EVrHCZmL0pPQm2_XwYCWw3temFYEedfqmH4NRS6cvFwu8Z9E_HWCDzwyT9JUJlAsAvq5vjqiUTVb8xDt8AfKf20GtrQwr&google_hm=Q0FFU0VFZUlhbGtuMzJMT...

170 B
188 B

22ms
21ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9EVrHCZmL0pPQm2_XwYCWw3temFYEedfqmH4NRS6cvFwu8Z9E_HWCDzwyT9JUJlAsAvq5vjqiUTVb8xDt8AfKf20GtrQwr&google_hm=Q0FFU0VFZUlhbGtuMzJMTGh0NVllZnY1b3Iw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Oct 2022 17:00:23 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9EVrHCZmL0pPQm2_XwYCWw3temFYEedfqmH4NRS6cvFwu8Z9E_HWCDzwyT9JUJlAsAvq5vjqiUTVb8xDt8AfKf20GtrQwr&google_hm=Q0FFU0VFZUlhbGtuMzJMTGh0NVllZnY1b3Iw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame FD38 0
98 B 131ms
26ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8y71M_btWba2QBCIA7FXXI87T251aAH0nGErKFnnZ1BkxWTnnGeqjt_jgAVoSpwh5aA92Cpzb6Qe-TyvAHX2WBzADF-jE&google_gid=CAESEPsdD-is_ZfZORSdtvhmfuM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame FD38 43 B
61 B 122ms
31ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGPBPX6gtj0zasb_RzBreFs&google_push=AZmPxg9FzOYUkROWCWGddF0J2n3nY2KRm1SW_9RHZfuls3CkN8nbamixPgfm9vN6v-lIcaH-Temz_nUr0dsJTYiG6RXKxO2maVE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD38
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg80ZJ6TqpQklvijJgqV4FhDvTAi9GBQ1TBIL1IjY1B-_-ubCn_cd2U-fsTcsOL2Ko2q2ysi1m8UTfE9bvhju7umiY9PwcPB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BQL9suJhQBanT1h7931Uxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg80ZJ6TqpQklvijJgqV4FhDvTAi9GBQ1TBIL1IjY1B-_-ubCn_cd2U-fsTcsOL2Ko2q2ysi1m8UTfE9bvhju7umiY9PwcPB
date: Tue, 11 Oct 2022 17:00:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 trk
ag.innovid.com/ Frame FD38 43 B
296 B 974ms
25ms Image
image/gif 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJnHWklw-jP6MHjR3-i-F20&google_cver=1&google_push=AZmPxg99yHTK2_SPSJLiMgT7xcJ9OLScUrsspe6zcPD_b7CtYxAz_TKijl8RDj12T7TTG6mhaKqGDjEmjU_s-Lg12y4vwfm-Rlk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Oct 2022 17:00:24 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame FD38 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FD38 0
12 B 95ms
24ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JlG4fTu1GDynAbdcSdslRhVuguBLn_tQl7wHy_mhld78GKG2LcbruM1EUL-lknL8TA3bzAwQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8271281345046833&output=html&h=90&slotname=1990370685&adk=3959728115&adf=1817241583&pi=t.ma~as.1990370685&w=728&lmt=1660292196&rafmt=11&format=728x90&url=https%3A%2F%2Fcute-cursors.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665507620900&bpp=2&bdt=318&idt=158&shv=r20221005&mjsv=m202210050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7945264524576&frm=20&pv=1&ga_vid=191953320.1665507621&ga_sid=1665507621&ga_hid=1025284383&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=571&ady=810&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070152%2C44770881%2C44774605&oid=2&pvsid=3918258867269380&tmod=881444133&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2g6fZzt0s4&p=https%3A//cute-cursors.com&dtd=180

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 16D6 22 KB
8 KB 86ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 381136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:08:08 GMT
expires: Sat, 07 Oct 2023 07:08:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 7CA3 118 KB
40 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 17:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 17:25:10 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7CA3 63 KB
25 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 17:00:24 GMT

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 16D6 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 13:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 13:37:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B487 0
26 B 48ms
48ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvn3GxeLW9tyv9y8Dftwg_JS9AHqoifee8tYVv3smlDxHs5V1OdElWj-HdXhjwiLQiexhkQNLY_3zlfL8dhZsoafOXCoM5ue17LB0743T8qWI6Fy1wI6xFlztL1GRG3VUZ_pse5FaT001BeOoPWMPNW3KO4k6bn2S4ws4WDLiGW8xALN9w4FUGkyGIR_GUSR57TyovK3JEpB2UcNMgBcROTU3NTygcxhtPUK4L7Vcg3HsGXP5_riiNjajBMhlbhpvpg4IXYgEiblUyTmOWQxQNOC8xgINA3r1MvIyZ29Lva7_etI3i1zp7oLcnOkQ-Ld7MfkqSJHL_8hW56DlZR-NPEGdmvIZJM50DeHmaKEMQSmLgamuYhs0_9N3ZFa6IeYfOseyARHpnrN88x37s84d8TV0S7OlS00zsIZHt5cmCrko-jibD1LY129x6Q7blUOZMDkNWDnVTww76DrTl1Ew_IL22784zsEK_6Fk4wBourYN2tJbHAARiNWo6GyNXDOHZ-80abA40v42ra13YMo9LFG8s7FF5U-CCDOn-YlYyiCTa2NtkynRGcqzP1Pr0I16P2JYrd8BcD9gWtPkqPXMk4Bvb5BRs2itc4t7OLa57VByrxZ4frowWziy23P3GxLq0g6sbEQE2csnFWRfb4EVMlvGZ_8V9qDv54-cn9Ub8vQOon9zeaKixnesTRBVwRKZNeASzl-OTl2IEKwmycM6gusQVLbaCqEWS49V9yC8V8Cxzi-bugcMFgNK27tA1ucMWF137G7TEsxl6ZQMw7b588Xbys_Awy0qTeePtd7RajJlVoRHfPauweRAccdpycIu4BNp3pSQeNCfMOCuQPjpzW4agZd-NfQrr8Ms9om4RY1hBGl486VjHvai9c5_6CtJN7fz1MAtnPokAzgMjMjyPTDZK0QR17HKT0XPrl_0eJ-Z7aWXFQWv6SHo7KLpvZu_QAU-TT0CeLC4JM-LWR_h6ByeqK1CRtrTP3hey0wos50MEP4OxHER3Ig4NpYtQRsxTk27tGBCOsMDyMAe8h56g94TV8KHJ-hiPxb-K_1ehQPJ3QGXBABiy3mK6Pm0saCUKhUCxria_RXRzo5shVLYFOOwsAsebJLvl0Wjsbcw6WFlLzC6B7fHsxN2odKdodEEJ9Am0OGBNoB3cVfOfw4RlZ6nb33x_0xlrjBNdQPpUhOjwDtZlFOwcaME8IhwZaRJdogtOCnPNlHbNQeg&sai=AMfl-YSa4W-TPZpN4CfcuYCnFv9QTCxv6qGbiidX0j5A5d1l9-Ia3KiiJoZFK3K6LVe6dhHl6quQ4Nbm5AP_pMlxWk12j9xEP2FlwOxxTL_sdBjUTaHjP9oSPH7qEI_vn3w63ZmuIOTW2qyGQFLVUXjGzFOSA4ntQU-TNf0&sig=Cg0ArKJSzI2vayKnXw0zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1212&vt=11&dtpt=396&dett=3&cstd=805&cisv=r20221005.46195&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: cute-cursors.com
URL: https://cute-cursors.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 42ms
26ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221005&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0af10fcdb94d9af8ed8ab99f4da86ee81fec8847c11fada15703239c0e127fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11158
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 7CA3 47 KB
47 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:54:23 GMT
x-content-type-options: nosniff
age: 361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 17:09:23 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 7CA3 46 KB
46 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:58:28 GMT
x-content-type-options: nosniff
age: 116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 17:13:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7CA3 7 KB
5 KB 29ms
28ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30a92915ddbaf19d5d84b18f06418c30fb11ca26d14141cba663dfc3488132a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5579
x-xss-protection: 0

GET
H3 200 60005582_20220128053050094_iPhone13_AirPods-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7CA3 29 KB
29 KB 28ms
28ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220128053050094_iPhone13_AirPods-Pro_Asset.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d809cf7392c8b9db8407a0ff5553f718a3fdc86b9fe52ae73e3d0aea42feb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 13:05:22 GMT
x-content-type-options: nosniff
age: 14102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30129
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 13:30:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Oct 2022 13:05:22 GMT

GET
H3 200 60005582_20220825085202338_728x090_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7CA3 30 KB
30 KB 28ms
28ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085202338_728x090_BG.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 11:14:19 GMT
x-content-type-options: nosniff
age: 20765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30980
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:52:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 12 Oct 2022 11:14:19 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 7CA3 43 B
635 B 583ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=26952494_4307561_340582468_145341330_PO2703A20220907&ref=26952494_4307561_340582468_145341330_PO2703A20220907
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Tue, 11 Oct 2022 17:00:24 GMT
Last-Modified: Wed, 11 May 2022 05:12:26 GMT
Server: Apache
ETag: "2b-5deb57cb16280"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 43

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 7CA3 26 KB
26 KB 14ms
13ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5798567487121391616/728x090.html?e=69&leftOffset=0&topOffset=0&c=4pqQDoEG2F&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 16:53:09 GMT
x-content-type-options: nosniff
age: 435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Oct 2022 17:08:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 17:00:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7CA3 17 KB
6 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Oct 2022 17:00:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C30C 13 KB
5 KB 26ms
23ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 15:41:13 GMT
expires: Wed, 11 Oct 2023 15:41:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F0F8 783 B
535 B 26ms
21ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

40f5ab5f2934e9ac247ff78da9f508f37a2dcde273a38ce7102cb43926686404

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MPQlMUyHYqHniwN4DpVpKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cute-cursors.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MPQlMUyHYqHniwN4DpVpKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 17:00:24 GMT
expires: Tue, 11 Oct 2022 17:00:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame C743 36 KB
16 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 13:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 13:37:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F0F8 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221005&jk=3918258867269380&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 200 75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js Show response
pagead2.googlesyndication.com/bg/ Frame C30C 36 KB
16 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/75n5MIkdKjMQGlOCWCYwhumMUPtaURPkn9Lrop-Fp5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 13:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 13:37:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16D6 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV9sbJqFFY4SdNaCT7_UP0a6DiAsAAAAAOAHgBAI&bg=!pqWlpeHNAAYqRg79CkY7ACkAdvg8WltsESyZ-czKXI_NXnIkeW718i62hsaYJGf1fJi6EB7j9cbYBgIAAAF6UgAAAAJoAQcKAGqyulXHRkk5zJmYsOgYniyt57NLwhYJiuyKi7vCniy8vl6U-sczsn648JXqZdU94pv3UzNprzat-YCU83Zq6ZvSk6mXR3EJrjYicGa7xylTI2bvIl3Jxr1Kbtl0l2rehF1GkWkPN7HePcUumQL5j2_KKhSQN-ZqGa84bdGZd6hgXXeb171sLUl-WaFg_7NeBvX9xIWc55S0s-ExMB2R-GR3cFLAT_fEEKDPpVUO71fWNN3HK7hTPpe_siYVmd6CZPEH2M--EXOPFHxUms9wUcDdTr1_RZv6L4RolRDM8blVwe97N6qTb_8tLLF8n8mcEqj1VREgGdXKbieOPKUptg10X2COL13thjhyyECa78AkGEmcZR_UN9WUEIY9jyKlrN5bd3G8CkujbsAe0zjKI7aBA_NOi-ax1bD-5bGtXnf_1NRyvcLjSnRbKtteR_JR-BYzHBRC2-2o-AGQcus6958gGcTsyUB8VUQBMMyOIKKQQFmeqZty2oVarBcjmHwMlQ_zt7eJSPIWqcJXt1TCcV5UzGDetyFnhJlC5dLtVfN-wbKnvQqdSVj8HD009q4NooJLmuf4Ftbm4ZXfD7E8beustlcMbrsGPDWHHITOj3uHZ8UV5at0HHwrJliucvXamvFufv1Tj0zLOopAxxdjWqwyGfXJg89Nyi5Eiql0yP68No6ky9kgtU6q1V8LYLA4xihz17t7zm4_3LFBn1Xmcp-s4XEVmRtERGkzWrYirtpGt-Hte2GbB_5V2o-cVxvR8FGzKb88jdZVho1OcViTpmGX6wneowzzmbKjx2SSSVyznkc3Ein0Mb3yuzrrrlLmIIzWXvoPfobRKdIG3o0E_m4sByAKk16gwBI3eMU4nd0uY4CccKTo4CM-I0c4V2n7PcnW0r48MQpqEPjwoKi0WToyCGbInXFp94LLhUmbHWEcNT75xINKnotPxoaT5TwTBwMgX_6MK9--pqAbK2Us8xBWZLRM6Vy1ZLkAWtrhInMhWPvjBGQgP5dD4Uf4AHYn2HyM7bZFiDmHPf2gJZdmNQW6cA9xjbTeL27TNNwYA1rlSsC5qxjV44-n25hsEC3mAO3cQyuBwwYGIk25t6L7L5I5JJd_YPtlHXTQoxsM7E8whLRYCvtyTU19tZASBRQFW9E5RtL2UwI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Oct 2022 17:00:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C30C 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hQpIig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 17:00:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221005&jk=3918258867269380&bg=!7-yl7KjNAAYqRg79CkY7ACkAdvg8Wssr8GsUtQQke15xVxK8rKEUF1S5toy8QsLfFoi5hRsg3ip-tgIAAADyUgAAAAFoAQeZAtwBUCO6JhCW4R4vblBH71qQga4GWgNdDT6kimmCjwIns4o2U7fu9ypXMa6SaKjYoV_bmb74HDoSsk4IyxXNhB6-AnYgg-v7dCTYtvB5dmJ0lbOhGlFZBimy5VmHsfEQHjD6tB_HbFvzpzSIUDXOFotOZd_6jW8A_VlWec6JXPC_X8NAWsn1hX6Kvv_DLs5shtNcRwCe6gd1m4KfzGyQT7ygh8gekdMcpvgQpqrSuFkTahAqOF0_DPsdk5oul_qVMxIDxvGYdwtax919XFkcgZO_hNPBgpwVW2vxrufmoahSSWpixZWzxCLiwy_VbWgo-bzVvTtvP_SF7wtVv5yC_GXVArCQ0Zt5Xy4kl40o7Yp-jS1XdPYBheQS6N7rujoVyNHvl8BKFJFDO_KQT4BZgRaiqmzi_Ko2FFfdtA2xJTIiGYjOu7vTbKOBTs-KjIXe1mx62-ECmT5qCy6_YVlVpMTtX67zqh4VArrkXRspavSDZxT6Mqu_gtdMnsJQRFOOgkE6eYHK4ArVXfFQmfodSmirR4dijFPVUwADVEhLn1USIFk555opALmKgXf0AkpHEbxqdniwF5iJW9V6Lj8lKcPgYvU9s0p73lfyFMqJo-eCHL1ZbluRq8YzCAAgyK7oI8_ZC6p8GjI38bvvH7KIFR55pMa8l8dNdo0jODXPH_NZKpO0myES9zDU_oR1RiVjzB9DXkgrmHa1tPRegDsKWSYrfwk4Nji-6n0bd6kifx8VrAm9pVDU7-OvUYwY-I7XPajUP-o377Nwn_VdqDSHlM5prIxdHueE70wckE336m5gHFRH5KBpyCYU8vbRknLU_Y-IK7fyfqFcSk1tZpbSbFjjvm85GHNLknNPVauJSijoQD8jAqJRN9BFid-hswg0TEbMRSZjlELRDhb5OGCnpsEahwXYDAFUh9otGzsxjv7HyuxumSsXVoMCqttP3QKyhxjjlizelg-rnwBOujk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cute-cursors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHOZI_4DUpI_n6sA2cRXdNo&google_cver=1&google_push=AZmPxg8WfRe1lsS4frKRkMZ_avzfAPRyyc7YMSB0EnIOom-F9_hdqdueLi88mrhjZiybVaPqxMi7yj1fe7NkehIzA15jjXcxgedLzw

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cute-cursors.com/	1970-01-20 16:14:27	Name: _ga_YC965SWLMN Value: GS1.1.1665507620.1.0.1665507620.0.0.0
.cute-cursors.com/	1970-01-20 16:14:27	Name: _ga Value: GA1.1.191953320.1665507621
.cute-cursors.com/	1970-01-20 16:00:03	Name: __gads Value: ID=e6746195ede2d684-22965d4fa9d70043:T=1665507621:RT=1665507621:S=ALNI_MaXhkcC5hmHCmbaaByam8K0ScmWdg
.doubleclick.net/	1970-01-20 16:00:03	Name: IDE Value: AHWqTUkSwO9xVvY7RwRfmreheLvDzu_luYjFtf1mYb_05DwKY0PjPwJWF37_sNulWDQ
.adnxs.com/	1970-01-20 08:48:03	Name: uuid2 Value: 4583620904195716186
.quantserve.com/	1970-01-20 08:48:03	Name: d Value: EBgBCQGnJ4EA
.quantserve.com/	1970-01-20 16:08:42	Name: mc Value: 6345a127-a3b59-610cc-f8485
.pubmatic.com/	1970-01-20 06:39:54	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 15:24:03	Name: CMID Value: Y0WhJ4w-1BBjWTqD0B49pgAA
.casalemedia.com/	1970-01-20 08:48:03	Name: CMPS Value: 1112
.casalemedia.com/	1970-01-20 08:48:03	Name: CMPRO Value: 1112
.doubleclick.net/	1970-01-20 06:38:31	Name: DSID Value: NO_DATA
.pubmatic.com/	1970-01-20 08:48:03	Name: KADUSERCOOKIE Value: 0502FDB2-E261-4016-A74F-587BF77D54C6
.e.dlx.addthis.com/	1970-01-20 16:08:42	Name: na_tc Value: Y
.adnxs.com/	1970-01-20 08:48:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?(EfP9W!@wnfH8K6pQK`!5=E<L5?%M-m8HWOfR51[1f^zQiorJ=7^<Q5?136sFx_K?bpRzqF1`b^!@)d58*
.casalemedia.com/	1970-01-20 08:48:03	Name: CMTS Value: 1114
.agkn.com/	1970-01-20 15:24:03	Name: ab Value: 0001%3AH9zDZylGaiS8g3TNkxiOLg0U4MsWmEjo
.agkn.com/	1970-01-20 15:24:03	Name: u Value: C\|0CEAq2F2oKthdqAAAAAAAAQ13AQCAAQpAAAAAAA
.addthis.com/	1970-01-20 16:08:42	Name: na_id Value: 2022101117002300062108451597
.addthis.com/	1970-01-20 16:08:42	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:08:42	Name: uid Value: 6345a127a2f56c91
.addthis.com/	1970-01-20 16:08:42	Name: ouid Value: 6345a12700016881acfd74b5a168cafcb1b674cdc5dd171cc419
.dlx.addthis.com/	1970-01-20 07:21:39	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:21:39	Name: na_sr Value: 20221011
.dlx.addthis.com/	1970-01-20 06:38:27	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:21:39	Name: na_sc_e Value: 0
.o2online.de/	1970-01-20 06:48:32	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=26952494_4307561_340582468_145341330_PO2703A20220907&ref=26952494_4307561_340582468_145341330_PO2703A20220907
.innovid.com/	1970-01-20 08:48:03	Name: uuid Value: d506c234-cdc3-4cdf-a99c-2e9e95062303-20221011 13:00:24

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHOZI_4DUpI_n6sA2cRXdNo&google_cver=1&google_push=AZmPxg8WfRe1lsS4frKRkMZ_avzfAPRyyc7YMSB0EnIOom-F9_hdqdueLi88mrhjZiybVaPqxMi7yj1fe7NkehIzA15jjXcxgedLzw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg8y71M_btWba2QBCIA7FXXI87T251aAH0nGErKFnnZ1BkxWTnnGeqjt_jgAVoSpwh5aA92Cpzb6Qe-TyvAHX2WBzADF-jE&google_gid=CAESEPsdD-is_ZfZORSdtvhmfuM&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
assets.pinterest.com
cm.g.doubleclick.net
cms.quantserve.com
cp.cute-cursors.com
cute-cursors.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
log.pinterest.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
portal.o2online.de
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.19.126
104.76.200.221
142.250.186.66
151.101.0.84
185.64.190.78
185.80.39.216
2001:4860:4802:34::36
2606:4700:e0::ac40:600a
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2006
2a00:1450:4001:806::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200a
2a04:4e42:4b::84
2a05:d01c:1d8:8102:bdb7:7e9e:5642:c498
3.123.239.111
34.98.67.61
35.227.252.103
35.244.174.68
37.252.171.149
69.173.144.138
82.113.101.132
07d609457ea2e93be9e7b5dd8e9a9a156d2e80144bcd94cf0adf05c553da053b
0a611ec5e8310f9c449ff3a165ea4eae88d24f76c3034a0a5318f65b0f3665d6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d02ee2e2b1b6805f28d1e507015230f2aca6a32da79403f6554024b8f4b5c0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b5acae3662de92344c51c3ef86b44b0512076e3c506b04cf27308b35be07456
1c0d7164fe7c63be002022e0fedb2683e4dc4f36c4732966a0785a874b80bb03
1cba836d82455ab8544deed75fc6b32b3e3c141e41cf61416208ec9936426f9d
1cf5c68e3b12f366e7d986e68764c200917d0ec91eb87f8348e9a25e74254524
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
30a92915ddbaf19d5d84b18f06418c30fb11ca26d14141cba663dfc3488132a1
31b30dddf75ae8eafd3e1a505311a0fa9c5054ed6e6a985c04c4f48a26ca718e
33e74f7d3edfdc50577c3816c6524eb9136c8c627ab0fbaa0663bcb4df90da38
34543254976bef9b8849810aaac3ef231e940e941cae5531c67be2daf33f4473
3489c00af8048ca172b7ea6042bcb05c2fd3b51943947237c44ec37f2646f591
35039731bf962b59c3ac3c8092db0f85b8e248deb834fe6b225ea344fed32bfe
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
40f5ab5f2934e9ac247ff78da9f508f37a2dcde273a38ce7102cb43926686404
413a527c0ed1833fea654b2bb065bda9ebe46bc1f585cf2d481f8a79dbc51610
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
46935e14018119997b046d0f832da7af46491705b430051c992296c467376e89
47d809cf7392c8b9db8407a0ff5553f718a3fdc86b9fe52ae73e3d0aea42feb1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ad6f5f8daa1d32b6ac0d0dba787f1a014c159d0b5836f72bc699080f664d176
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cef9f8169c55b785378f2785443e36132051c6c0600a494531767cf38825ca
6a5f5e1e0b9bee9e7353775e88362845d68c7d92d61d3cd1b930265178b56ea4
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e666155adc38b774e429caed499ae332417bf8de3a0818fc847b0fea0708ccd
70da84d27c8b28812c7392027d66b5536a3e9629395323195715b21ced983098
72241cf63d29c5a29e7689ceb8d2fc43e1867ad7270534058311f632a0914199
77375e0cf2f8f34b815c8ff8ee55307d08c63419cb0305b90752b46f38611a6e
786f8a52ff34ec230429c0fce6bb0c961b1d6c2f487c1950a150541a3beb11b2
7a2ac81aac2b0dfc93e4db5a5460e8fe1b66b3355e0bae2bb5340c746e155592
7d6b185c25855ec7d560c46a127f8f28ea723d0bd8bd6b1c2b610cd219016207
8179ef012396214167e0aa1fc7792e2aa13d24b6d7aa6308cf6f403dc02ddf3b
82bfecb39a5036df0238ead667a4339cd241444d1a0533d29ebe68024d1c67b6
880b54918b4a62ebf033b5063c0398a2e3173533c69e87aa7ea9ad8af6b9ed72
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c2b7d296b0482c746ec6cfa855937dd605bb37e6ecf0a498dffa58ea043714f
963b5b650b6044da4123627d2e90db7c844af774aa16b74de5cebb52666da218
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07bc4ba5459480979f216aa3dbe388d645b0c82834b41999b08ca6861901341
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3848f1abe7503ab4a85d11e4c2865d0a0d127d9ac8083a208d04a293b5bf8ec
a3b9435cdd9aa60521ee0df49e3edaafbde815f5e3dd275e8abe32253d6fd06a
a4967ed9798c9f6d15834ab33d11641f221a0cb34ad8b6a36a2fab2c081cdaf2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f277bc52112f73953bc80f909624b894efea5f9a33c6ce68cb2969442ee0b1
a79dc0d87d00e35b5f8fcaf20c493a65996d0541865129771c68f98c4588fb64
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acc85bf7e29af0589695c882741ec2488ce5f337e7fd779b46b56136983560e7
b0af10fcdb94d9af8ed8ab99f4da86ee81fec8847c11fada15703239c0e127fa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b307e082bedcbf969055d06494ae7252f908c24ff2daddf9a0d658b321a38e93
b341623cd3ab06b1ab6cdf2fc9f133648da75db0b6e6c15812545e536af2bfd1
b5bfdb5e4886a5d739b60e2a8938706714242d4e9a68cb77281630a3e518faad
bcc8be29810b5c27048d6e7a45fbf8ee51a29a0abb81144fc2bb3138fd4b19e7
bf7cdf4ea0bef5e790ccf5601d96868de19a71a54c9fa53e267a3f598fa32eb8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9
c354b33eda0ea1f5e5603d502e95c9262e213364c970039d584811a5acfe20e4
c738652d1ee5a8104df1e777569ddcff45423645fb9d487139715a5c07c4aa03
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
cbb9e6ee4b2f37e47c1ccb6b484accf52a469349a2859ff482da9a31adac58e8
cc066472d798e6421cb1d5e7ddd8f0c91b69df5e00e607cc90648eee15225be4
ccb5b11f72b50389188f1ae310572a18b1c31492ce7dfbca88298ede64ec556f
d28dbb765ee047b45e7699700c5cc3c6d13a4f856c6fbb06423673a49136b3b3
d3b0f175d4a587eb81e28e752a5798c2907018ff30dcda5b7add2f8d3324e778
d6e2531976fa618cede5863027366e4011760b0610d7136a8f7d7ed149c26348
e21d47faa0670fa40a0f13f17fcca144c76d5cdeb2ce1c4ca7bb6344cf86cc40
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34866cf6600ef156087d77e6de893f8ded4d900171d62aa71e7d53896ffdd6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e506bfe9b83b019ffdb4f52e5e2c0906ff78814d8694ad916badbaeb28bea385
e6dd0b1a7a349d51b89e959109ff9674b348298e094353b21f9b08066f1d44ce
e93c98df389a720a76c518f4d557ec28c286590d6855da92eddb1aee2ac424df
eec0ae4bb52981a6ca92d58df2a6c7d9cc64f08ffbad2e1dbc3740e8a8a026f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef99f930891d2a33101a538258263086e98c50fb5a5113e49fd2eba29f85a795
f52f45159c82afafb31f2e9c28c9627e3988c515584751a64111334f9b9c2142
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fad3555dee6a2d9851de0ce952798fcff0a0a7bf518c7f679f3f172720deeed4
fb05fda7499d40e657f6aac9e0f46e3bf3a269f01082fc0bfe2da83e0407cb73

cute-cursors.com Open in urlscan Pro 2606:4700:e0::ac40:600a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

92 %HTTPS

57 %IPv6

26 Domains

33 Subdomains

26 IPs

5 Countries

4795 kBTransfer

6981 kBSize

28 Cookies

6 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cute-cursors.com Open in urlscan Pro
2606:4700:e0::ac40:600a Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

92 %
HTTPS

57 %
IPv6

26
Domains

33
Subdomains

26
IPs

5
Countries

4795 kB
Transfer

6981 kB
Size

28
Cookies

145 HTTP transactions
2 data transactions