urlscan.io logo urlscan.io
SecurityTrails logo

cur.to Open in urlscan Pro
63.250.38.20  Public Scan

Go To Rescan Add Verdict Report
URL: https://cur.to/saef
Submission: On May 31 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 35 HTTP transactions. The main IP is 63.250.38.20, located in United States and belongs to NAMECHEAP-NET, US. The main domain is cur.to.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 29th 2024. Valid for: a year.
This is the only time cur.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 63.250.38.20 22612 (NAMECHEAP...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.45.184.134 8075 (MICROSOFT...)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
35 12
14    63.250.38.20 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium89-5.web-hosting.com
cur.to
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ro
1    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.45.184.134 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
a.clarity.ms
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
14 cur.to
cur.to
575 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
a.clarity.ms — Cisco Umbrella Rank: 6046
c.clarity.ms — Cisco Umbrella Rank: 1385
28 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
www.google.com — Cisco Umbrella Rank: 2
365 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
233 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
3 KB
2 google.ro
www.google.ro — Cisco Umbrella Rank: 28332
517 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
400 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
763 B
35 10
Domain Requested by
14 cur.to cur.to
3 www.googletagmanager.com cur.to
www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 www.facebook.com cur.to
2 a.clarity.ms www.clarity.ms
2 www.google.ro cur.to
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net cur.to
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.clarity.ms cur.to
www.clarity.ms
1 c.bing.com 1 redirects
1 www.google.com cur.to
35 13

This site contains links to these domains. Also see Links.

Domain
trudywainwright6.wixsite.com
www.siteground.com
Subject Issuer Validity Valid
cur.to
Sectigo RSA Domain Validation Secure Server CA		 2024-02-29 -
2025-03-01		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.google.ro
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://cur.to/saef
Frame ID: AA89F6AEB1D9D6D0A718710AE20DED6A
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

saef - cur.to

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

97 %
HTTPS

77 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

934 kB
Transfer

2906 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E2101AB6D27543779732E14BD97C43B7&RedC=c.clarity.ms&MXFR=1A03B7D83D3861130A6CA34839386FD9 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E2101AB6D27543779732E14BD97C43B7&MUID=379768379F09602D14817CA79E0961AC

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request saef
cur.to/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
b6f29eeb56760c6e7559bd3cfdca2ac2ff313892130a2264a16fc50301f197b8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
2256
content-type
text/html; charset=UTF-8
date
Fri, 31 May 2024 18:33:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
cur.to/themes/altum/assets/css/ 		216 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/css/bootstrap.min.css?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
94e9ffa4a36db6513b07a056e7f9939a90f5dd927a4c5ca6fbd8bb253874861a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:34 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:27:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
28464
expires
Sun, 30 Jun 2024 18:33:34 GMT
custom.css
cur.to/themes/altum/assets/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/css/custom.css?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
445dfad512832ade21ef09c225ea8b69d1266c6435428cae4b643ee0e42dd9e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:34 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:27:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5343
expires
Sun, 30 Jun 2024 18:33:34 GMT
link-custom.css
cur.to/themes/altum/assets/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/css/link-custom.css?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
9bb2765c88af42eb266dfdf582b449a1a5e690b03c6ed22d85b6a26cebac1961

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:34 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:27:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1118
expires
Sun, 30 Jun 2024 18:33:34 GMT
animate.min.css
cur.to/themes/altum/assets/css/ 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/css/animate.min.css?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:34 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:27:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4830
expires
Sun, 30 Jun 2024 18:33:34 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-586565-17
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35db7aa52fea23f24d796f2391369eebe9281cd9ef176e11deb50d241d7d5b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72453
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 May 2024 18:33:35 GMT
98241a27cf9be6afb1466fc5151d13e3.png
cur.to/uploads/avatars/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.to/uploads/avatars/98241a27cf9be6afb1466fc5151d13e3.png
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
6c68e7437c6b3916767193a12afc58668980f8d4e16fa81af8a386d6087c9d2b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:34 GMT
last-modified
Fri, 31 May 2024 05:25:37 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4296
expires
Sat, 31 May 2025 18:33:34 GMT
jquery.min.js
cur.to/themes/altum/assets/js/libraries/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/libraries/jquery.min.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:34 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:29:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
29739
expires
Sun, 30 Jun 2024 18:33:34 GMT
popper.min.js
cur.to/themes/altum/assets/js/libraries/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/libraries/popper.min.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:29:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6545
expires
Sun, 30 Jun 2024 18:33:35 GMT
bootstrap.min.js
cur.to/themes/altum/assets/js/libraries/ 		61 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/libraries/bootstrap.min.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
8c1dea3ffbb8a0974366fc2c7748d4db4f7ff15e0d6d1dc9f18e7d52a366414b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:29:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
14687
expires
Sun, 30 Jun 2024 18:33:35 GMT
custom.js
cur.to/themes/altum/assets/js/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/custom.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
2d26027a325c7b664cd20915ce65f7530bcf22fe0c7509c211732e88acb05383

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:27:27 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
7270
expires
Sun, 30 Jun 2024 18:33:35 GMT
fontawesome.min.js
cur.to/themes/altum/assets/js/libraries/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/libraries/fontawesome.min.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
9d86a276aee130232fa0ef2134c750628acac1072a31e35eb7d65624652f549d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:29:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
15372
expires
Sun, 30 Jun 2024 18:33:35 GMT
fontawesome-solid.min.js
cur.to/themes/altum/assets/js/libraries/ 		807 KB
256 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/libraries/fontawesome-solid.min.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
f9442a526f76a4fad3bc9c7b8e7e7a9041f507649c9c8ca653f8ab4ce0d3dc02

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:29:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
261630
expires
Sun, 30 Jun 2024 18:33:35 GMT
fontawesome-brands.min.js
cur.to/themes/altum/assets/js/libraries/ 		465 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cur.to/themes/altum/assets/js/libraries/fontawesome-brands.min.js?v=4200
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
a53e31edb30f99af3ca1057b04b78ffd82306614059042531adea8ee830a25e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Wed, 03 Jan 2024 18:29:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
203054
expires
Sun, 30 Jun 2024 18:33:35 GMT
gtm.js
www.googletagmanager.com/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF56DM3
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ccdb9dc6022d100f4977a9dc24db4b9168792575823334dda77e6ea159819dfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66328
x-xss-protection
0
last-modified
Fri, 31 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 31 May 2024 18:33:35 GMT
74ucooletd
www.clarity.ms/tag/ 		637 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/74ucooletd?ref=bwt
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7a6d9166aa0ebf69b8eedddd989e5a709bf5abf8b100b0330a9e3f1e6708531b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 31 May 2024 18:33:35 GMT
x-azure-ref
20240531T183335Z-164d49668c6q7xxca9k0g9yhtc0000000mcg00000000e3wm
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
js
www.googletagmanager.com/gtag/ 		286 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-77Z56N8DV8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-586565-17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49b3b9b2ac3423f6406c77337478f8150559d9022f47c8ccd7349197a540b0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99432
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 May 2024 18:33:35 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-586565-17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 31 May 2024 18:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
267
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 31 May 2024 20:29:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 May 2024 18:33:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1326, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
upeRkWQX3v7JhSMnNLdGIoAxz6h+jWro5yN5ifNjfc06cQNhepNxXA0NUaLd8Dy0wwgrqLNHQAui8Qwg36W9VQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/74ucooletd?ref=bwt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:35 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240531T183335Z-164d49668c6q7xxca9k0g9yhtc0000000mcg00000000e3xb
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c75ddf5e-101e-0065-750a-aa809f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
www.google-analytics.com/j/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1923050342&t=pageview&_s=1&dl=https%3A%2F%2Fcur.to%2Fsaef&ul=de-de&de=UTF-8&dt=saef%20-%20cur.to&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1342648965&gjid=2114829752&cid=790746670.1717180415&tid=UA-586565-17&_gid=1860796513.1717180415&_r=1&gtm=457e45t0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=974831258
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cur.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-77Z56N8DV8&gtm=45je45t0v892109670za200&_p=1717180415158&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=790746670.1717180415&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1717180415&sct=1&seg=0&dl=https%3A%2F%2Fcur.to%2Fsaef&dt=saef%20-%20cur.to&en=page_view&_fv=1&_ss=1&tfd=1551
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77Z56N8DV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cur.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-77Z56N8DV8&cid=790746670.1717180415&gtm=45je45t0v892109670za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77Z56N8DV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cur.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ro/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ro/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-77Z56N8DV8&cid=790746670.1717180415&gtm=45je45t0v892109670za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=937329720
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-586565-17&cid=790746670.1717180415&jid=1342648965&gjid=2114829752&_gid=1860796513.1717180415&npa=1&_u=YEBAAUAAAAAAACAAI~&z=154940238
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5654fc07addd73e8ad92adf86e9b2d81e0c5d8e539375a654ad2e2dca191c35f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 31 May 2024 18:33:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cur.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
504409673851280
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/504409673851280?v=2.9.156&r=stable&domain=cur.to&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7bae1e396ce51134194e26385c21b23c1164306e2a1d015ea74216ba014ce98
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 31 May 2024 18:33:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=63, mss=1326, tbw=63383, tp=-1, tpl=-1, uplat=130, ullat=0
pragma
public
x-fb-debug
F6RURvMWng8q44r95N/UGy8InHWkjVhYEeoJlzVEsgYmoq0OkXP7c0/vS1/n7QFXr1by3yIniZZlBPBxyg4ssQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-586565-17&cid=790746670.1717180415&jid=1342648965&npa=1&_u=YEBAAUAAAAAAACAAI~&z=2051733018
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ro/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ro/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-586565-17&cid=790746670.1717180415&jid=1342648965&npa=1&_u=YEBAAUAAAAAAACAAI~&z=2051733018
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
a.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://cur.to
Date
Fri, 31 May 2024 18:33:35 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
/
www.facebook.com/tr/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=504409673851280&ev=PageView&dl=https%3A%2F%2Fcur.to%2Fsaef&rl=&if=false&ts=1717180415638&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1717180415637.77389313&cs_est=true&ler=empty&cdl=API_unavailable&it=1717180415475&coo=false&rqm=GET
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1326, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 31 May 2024 18:33:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=504409673851280&ev=PageView&dl=https%3A%2F%2Fcur.to%2Fsaef&rl=&if=false&ts=1717180415638&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1717180415637.77389313&cs_est=true&ler=empty&cdl=API_unavailable&it=1717180415475&coo=false&rqm=FGET
Requested by
Host: cur.to
URL: https://cur.to/saef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa2312104921d9b2a","source_keys":["1","2"]},{"key_piece":"0xe2d3616b0b0db15e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 31 May 2024 18:33:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1326, tbw=3104, tp=-1, tpl=-1, uplat=171, ullat=0
pragma
no-cache
x-fb-debug
Wm6GwMJHQVUDaiDl3Cyp1wfLpYgEe2Q08TMnW8HYjAWkEZDcCpanuizvqvKN98asd6XtB7J0DmOwCJrwu1i2sA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E2101AB6D27543779732E14BD97C43B7&RedC=c.clarity.ms&MXFR=1A03B7D83D3861130A6CA34839386FD9
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E2101AB6D27543779732E14BD97C43B7&MUID=379768379F09602D14817CA79E0961AC
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E2101AB6D27543779732E14BD97C43B7&MUID=379768379F09602D14817CA79E0961AC
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://cur.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6A7AD2890C3846FFA80B60E879F408E4 Ref B: FRAEDGE1911 Ref C: 2024-05-31T18:33:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E2101AB6D27543779732E14BD97C43B7&MUID=379768379F09602D14817CA79E0961AC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
03c83b81644b65e8acb9c9c65c3e16f8.jpeg
cur.to/uploads/favicons/ 		766 B
969 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cur.to/uploads/favicons/03c83b81644b65e8acb9c9c65c3e16f8.jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.250.38.20 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium89-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
a93e7de4a764650f2cd2437d20ee1a03661c3c2e780ce93f6a6dcc3444efe2d0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/saef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 18:33:36 GMT
last-modified
Fri, 31 May 2024 05:27:17 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
766
expires
Sat, 31 May 2025 18:33:36 GMT
collect
a.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://cur.to
Date
Fri, 31 May 2024 18:33:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-77Z56N8DV8&gtm=45je45t0v892109670za200&_p=1717180415158&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=790746670.1717180415&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1717180415&sct=1&seg=0&dl=https%3A%2F%2Fcur.to%2Fsaef&dt=saef%20-%20cur.to&en=scroll&epn.percent_scrolled=90&_et=3&tfd=6555
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-77Z56N8DV8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cur.to/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 31 May 2024 18:33:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cur.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| clarity object| altum function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| Popper object| bootstrap object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

17 Cookies

Domain/Path Name / Value
cur.to/ Name: PHPSESSID
Value: cfb8db107c286dcdad4d992153ad1ab4
cur.to/ Name: s_statistics_4119
Value: 0
www.clarity.ms/ Name: CLID
Value: 25dc03473dee4c8b9ed9eeb3487a88ce.20240531.20250531
.cur.to/ Name: _gid
Value: GA1.2.1860796513.1717180415
.cur.to/ Name: _gat_gtag_UA_586565_17
Value: 1
.cur.to/ Name: _ga
Value: GA1.1.790746670.1717180415
.cur.to/ Name: _ga_77Z56N8DV8
Value: GS1.1.1717180415.1.0.1717180415.60.0.0
.cur.to/ Name: _clck
Value: 19zgiy8%7C2%7Cfm8%7C0%7C1612
.cur.to/ Name: _fbp
Value: fb.1.1717180415637.77389313
.cur.to/ Name: _clsk
Value: 16whj8f%7C1717180415967%7C1%7C1%7Ca.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 379768379F09602D14817CA79E0961AC
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 379768379F09602D14817CA79E0961AC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 379768379F09602D14817CA79E0961AC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

14 Console Messages

Source Level URL
Text
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cur.to/saef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
c.bing.com
c.clarity.ms
connect.facebook.net
cur.to
region1.analytics.google.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.ro
www.googletagmanager.com
104.45.184.134
2001:4860:4802:34::36
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c0d::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
63.250.38.20
68.219.88.97
2d26027a325c7b664cd20915ce65f7530bcf22fe0c7509c211732e88acb05383
35db7aa52fea23f24d796f2391369eebe9281cd9ef176e11deb50d241d7d5b6c
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
445dfad512832ade21ef09c225ea8b69d1266c6435428cae4b643ee0e42dd9e3
49b3b9b2ac3423f6406c77337478f8150559d9022f47c8ccd7349197a540b0da
5654fc07addd73e8ad92adf86e9b2d81e0c5d8e539375a654ad2e2dca191c35f
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6c68e7437c6b3916767193a12afc58668980f8d4e16fa81af8a386d6087c9d2b
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
7a6d9166aa0ebf69b8eedddd989e5a709bf5abf8b100b0330a9e3f1e6708531b
8c1dea3ffbb8a0974366fc2c7748d4db4f7ff15e0d6d1dc9f18e7d52a366414b
94e9ffa4a36db6513b07a056e7f9939a90f5dd927a4c5ca6fbd8bb253874861a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb2765c88af42eb266dfdf582b449a1a5e690b03c6ed22d85b6a26cebac1961
9d86a276aee130232fa0ef2134c750628acac1072a31e35eb7d65624652f549d
a53e31edb30f99af3ca1057b04b78ffd82306614059042531adea8ee830a25e3
a93e7de4a764650f2cd2437d20ee1a03661c3c2e780ce93f6a6dcc3444efe2d0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b6f29eeb56760c6e7559bd3cfdca2ac2ff313892130a2264a16fc50301f197b8
ccdb9dc6022d100f4977a9dc24db4b9168792575823334dda77e6ea159819dfc
d7bae1e396ce51134194e26385c21b23c1164306e2a1d015ea74216ba014ce98
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9442a526f76a4fad3bc9c7b8e7e7a9041f507649c9c8ca653f8ab4ce0d3dc02
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a