cursefire.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cursefire.com/
Effective URL:
https://cursefire.com/
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 23 via api (April 23rd 2023, 1:45:08 pm UTC) from FI — Scanned from NL

Summary HTTP 74 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 13 domains to perform 74 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cursefire.com.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2023. Valid for: 3 months.

This is the only time cursefire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:1a00:19:f28c:cd92:c761	16509 (AMAZON-02) (AMAZON-02)
18	13.32.99.91 13.32.99.91	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:1800:8:7bb3:3800:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
74	19

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cursefire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cursefire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:1a00:19:f28c:cd92:c761 (United States)

ASN16509 (AMAZON-02, US)

static-cdn.jtvnw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.32.99.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-91.fra60.r.cloudfront.net

media.forgecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:1800:8:7bb3:3800:93a1 (United States)

ASN16509 (AMAZON-02, US)

cfcore-assets.forgecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	393 KB
19	forgecdn.net media.forgecdn.net — Cisco Umbrella Rank: 61502 cfcore-assets.forgecdn.net — Cisco Umbrella Rank: 978960	800 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	75 KB
6	cursefire.com 1 redirects cursefire.com	82 KB
5	gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com fonts.gstatic.com	70 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	98 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 11490	696 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	605 B
1	jtvnw.net static-cdn.jtvnw.net — Cisco Umbrella Rank: 5247	29 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1718	252 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	77 KB
74	13

	Domain	Requested by
18	media.forgecdn.net	cursefire.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	cursefire.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net cursefire.com
6	cursefire.com	1 redirects cursefire.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cfcore-assets.forgecdn.net	cursefire.com
1	encrypted-tbn0.gstatic.com	cursefire.com
1	static-cdn.jtvnw.net	cursefire.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	cursefire.com
74	18

This site contains links to these domains. Also see Links.

Domain
www.overwolf.com
curseforge.com
overwolf.github.io
support.curseforge.com
www.curseforge.com
download.overwolf.com
ideas.overwolf.com
medium.com
brands.overwolf.com
core.curseforge.com
support.overwolf.com
alphas.overwolf.com
discord.gg
www.reddit.com
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
*.cursefire.com GTS CA 1P5	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
static-cdn.jtvnw.net Amazon RSA 2048 M01	`2023-03-13` - `2024-04-10`	a year	crt.sh
curseforge.com Amazon RSA 2048 M01	`2023-02-23` - `2023-08-10`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://cursefire.com/
Frame ID: CCE4625A1F73C9F8BB63729F8778EAFA
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 4BC8A1231F55B3F221E9BC264BA3261A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&adk=1812271804&adf=3025194257&lmt=1682257502&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fcursefire.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682257502579&bpp=10&bdt=948&idt=254&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1277739678974&frm=20&pv=2&ga_vid=591632911.1682257503&ga_sid=1682257503&ga_hid=1602424136&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074011&oid=2&pvsid=3514326614603255&tmod=512489690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276
Frame ID: CB7EAC02E1E7CBA780BAF2C886DF5B75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682257502&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682257502592&bpp=2&bdt=961&idt=271&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1277739678974&frm=20&pv=1&ga_vid=591632911.1682257503&ga_sid=1682257503&ga_hid=1602424136&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074011&oid=2&pvsid=3514326614603255&tmod=512489690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=H7TjluzyWD&p=https%3A//cursefire.com&dtd=277
Frame ID: 2A502F9E8FB16535559AA1DDCD731C30
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: D91A1ACDFD3E9A9EE9098CFD00AA88C2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E585FE1FCF4A39F7D850993F865EB7F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: 3BD63FA6C7C3F9D8E8F17B80498845D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Frame ID: 500826176691671D51C40380803125F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B2F7D0D3FBE08D7CC90314CF065132C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1045CE9F5490163A951AEA89AFDE4DCB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CurseFireCurseFireCurseFireCurseFire

Page URL History Show full URLs

http://cursefire.com/ HTTP 301
https://cursefire.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

74
Requests

100 %
HTTPS

95 %
IPv6

13
Domains

18
Subdomains

19
IPs

2
Countries

1627 kB
Transfer

2768 kB
Size

6
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.overwolf.com/creators/build-an-app/
Title: Build an App

Search URL Search Domain Scan URL

URL: https://curseforge.com/
Title: Publish a mod

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/why-overwolf/
Title: Why Overwolf

Search URL Search Domain Scan URL

URL: https://overwolf.github.io/docs/start/getting-started
Title: App documentation

Search URL Search Domain Scan URL

URL: https://support.curseforge.com/en/support/solutions/folders/9000194118
Title: Mod documentation

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/creators/creators-services/
Title: Creator services

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/fund/home
Title: Apply for funding

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/
Title: Discover Mods

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/appstore
Title: Discover Apps

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/our-commitment/
Title: Gameplay First

Search URL Search Domain Scan URL

URL: https://download.overwolf.com/install/Download?Channel=web_dl_btn
Title: Download Overwolf

Search URL Search Domain Scan URL

URL: https://ideas.overwolf.com/
Title: Suggest a feature

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/about-overwolf/
Title: About us

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/our-story/
Title: Our story

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/jobs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://medium.com/overwolf
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/brand-guidelines/
Title: Brand Guidelines

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/partners
Title: Partners

Search URL Search Domain Scan URL

URL: https://brands.overwolf.com/
Title: Advertisers

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/influencers
Title: Influencers

Search URL Search Domain Scan URL

URL: https://core.curseforge.com/
Title: Game Developers

Search URL Search Domain Scan URL

URL: https://support.overwolf.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/supported-games/
Title: Supported Games

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/legal/terms/
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/legal/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://alphas.overwolf.com/
Title: Overwolf Alphas

Search URL Search Domain Scan URL

URL: https://support.overwolf.com/en/support/solutions/articles/9000203492-licenses-we-use
Title: Licenses

Search URL Search Domain Scan URL

URL: https://discord.gg/YwHjmfe

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Overwolf/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Overwolf/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/overwolf.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/TheOverwolf

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cursefire.com/ HTTP 301
https://cursefire.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

74 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cursefire.com/
Redirect Chain

http://cursefire.com/
https://cursefire.com/

18 KB
4 KB

936ms
869ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef39fa46e261a4bc2f729c7aa89fe552b8c8bbc75add9f330aa4a80cdec04104

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bc68b63d8ea1e85-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 23 Apr 2023 13:45:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT0%2FZOpGISW14K1%2FZt%2BOBQpNpy2Mj97RDbsjP1pAxMkqDHPYSpDzADu4m8E04Jq%2BjnTkHA0fJdje7Ur73IlVCt3OjSrmT%2FiwAnkBmG1sQgSuOG85kOT3dAbq9dAKGOOn42RxLJjAvecHeOQp"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 7bc68b6338e3b72a-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 23 Apr 2023 13:45:00 GMT
Expires: Sun, 23 Apr 2023 14:45:00 GMT
Location: https://cursefire.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyjAFjXmkGpisgMvTQ84Fa%2FDTogAGaS3c9UJeO44%2BLcrzShI1m5cwLldAbrBRJ6oX1N%2FC%2FnwlaNy6%2FvBvkTjcR10qbQT2mdppitBr2Q4sQW0oUb9OVXwQcU85g1boObsuEVdfysPtx42s1gp"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 common-1f7cdda8.css
cursefire.com/css/ 30 KB
7 KB 896ms
896ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cursefire.com/css/common-1f7cdda8.css
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a6f8e1e555cc3ec16c675469570519f9cb5363f895575d930c54b61986ae32

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 21 Nov 2022 10:20:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"790e-18499b3df08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ndDQi6fZv%2FepNIY%2F9Vxsl5jdf%2BKjciKtclYXdeCsYvbpmCtTXFjl9etX8Vl%2BLWCYhmjROHsFkUC6s%2FOSxrewou9029w3vTSlv5hMKglMS5Ahh2kXhpuKYpablKlYe6DQ9Nlz5f4%2Fi%2Fz536%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7bc68b695c3f1e85-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cursefire.e84d4e0c.js Show response
cursefire.com/js/ 4 KB
2 KB 690ms
689ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cursefire.com/js/cursefire.e84d4e0c.js
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a501ceccb8673f211db8cabb2654606a18d010b29fb1553073ac82255fe5305f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 23 Nov 2022 13:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e2a-184a4c0eee8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwZ4oQu5hjp1pP3YMhFlHohqWcGreFzVNwC2XlgyYM7Jp%2Fcx7oYmpTqRn6DK0Pc85StNtLLE4RukbeOVYVbQN0y0uRPJoPgkjX5v5PNUAFMLFjLaz%2BjfDAlPzxaJnGTaJtWl1G6U0wEQXioo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 7bc68b695c401e85-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sprites.svg
cursefire.com/images/ 14 KB
6 KB 803ms
803ms Other
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cursefire.com/images/sprites.svg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7a35a1dca1f6a57694532e4463082ab48ab67b4fe652080d876eb8c787ece5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 21 Nov 2022 10:20:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"389e-18499b3df0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYOqENX4LsA18pYKAATcLCCMeEsrqQiTUEDzxS0h31x2KyQQDZjLLX71gDGCaKvjPl8LXnFb%2BMXJPhsIks6R57sxNhE95mDGLPafBKiJn1ReBcXPxNlznWZgjh6SjsTizYWqFmnXOtcmiU8V"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7bc68b696c481e85-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 119ms
46ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QC4593XVBQ

Requested by

Host: cursefire.com
URL: https://cursefire.com/js/cursefire.e84d4e0c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

033b217917edb16541fb8f416d989255ecb80d247f852a4e36c77484daf59c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 23 Apr 2023 13:45:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 155ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5115739931490824

Requested by

Host: cursefire.com
URL: https://cursefire.com/js/cursefire.e84d4e0c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fd700c4bea6fb369e5fd92af73acfcf5b94ee5e247c63bdba7f305e1a097d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48139
x-xss-protection: 0
server: cafe
etag: 2172233663893635754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 13:45:02 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 82ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QC4593XVBQ&gtm=45je34j0&_p=1602424136&cid=591632911.1682257503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682257502&sct=1&seg=0&dl=https%3A%2F%2Fcursefire.com%2F&dt=CurseFire&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QC4593XVBQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 13:45:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cursefire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 banner.jpg
cursefire.com/images/ 62 KB
63 KB 1008ms
1007ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cursefire.com/images/banner.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/css/common-1f7cdda8.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52163d7ccfc89c6de8f5105f254d99c534cbc4ccf98545f6356f093dc1ffa9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/css/common-1f7cdda8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 21 Nov 2022 10:20:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f8e4-18499b3df0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=090mBy8xEcZ5nX33xGQyyZwKR3dXXpmhsPfwyV6OMQALtk1jSFFz8x8dYNmkQn%2FqAniA4nlFLOk%2BHQ8wAdQMjgU0U%2Bh3pTCu0E9cVwgJ2mlUTxnL%2FYCOXeIlfaKN3I%2B5NnmTCggyx77oUZNP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bc68b6f1fe2b71c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63716

GET
H2 200 Minecraft-285x380.jpg
static-cdn.jtvnw.net/ttv-boxart/ 29 KB
29 KB 133ms
40ms Image
image/jpeg 2600:9000:223d:1a00:19:f28c:cd92:c761
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-cdn.jtvnw.net/ttv-boxart/Minecraft-285x380.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:1a00:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f2c9bad74f6e53a3f9e61059166dfe66355d0e4a486c30146e4552ece044f7d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:07:18 GMT
via: 1.1 varnish-v4, 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 2264
x-cache: Hit from cloudfront
last-modified: Fri, 15 Oct 2021 17:31:05 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
x-varnish: 967840315, 780620177
cache-control: max-age=14400
timing-allow-origin: https://www.twitch.tv
x-amz-cf-id: rSU0m-MdsacTOi1DZJsp3SDjkCIYAixcQvBG0gt4aB0CV84d6-Tqhw==
expires: Sun, 23 Apr 2023 17:07:18 GMT

GET
H2 200 World+of+Warcraft+Tile.jpg
media.forgecdn.net/game-tiles/ 27 KB
28 KB 234ms
155ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/World+of+Warcraft+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3277411945108743bff2a8d13d1709b3df34cad86c20b2f6b44904d0dfb65a25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: VyqgnH6Y0YcYQu_lvLmHg7.hAayHOcke
date: Sat, 22 Apr 2023 14:33:30 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:42:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 83493
etag: "10326a61560da22e1f72d45a027b4ef5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 28108
x-amz-cf-id: o7aZf86SBTE96kHxVf3GiFyr9P-GbdSEuESERT5fJnpsXfXFX5yPnA==

GET
H2 200 StarCraft+II+Tile.jpg
media.forgecdn.net/game-tiles/ 31 KB
31 KB 231ms
152ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/StarCraft+II+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df21f6294a75539a2c775a601a988f18a9eeca619b011a7fccb82723a010317

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: K4uLWPVDduO7mNMGFtuKwzrBXXTMTbzy
date: Sat, 22 Apr 2023 20:16:57 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:49:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 62886
etag: "4c53eae355cfa81a1bdfee9471ea054e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 31236
x-amz-cf-id: 2buRr352C2ZPdA-ZzHQ6A356195xKRNkGi1vdSqSNy0ymQ1P85Ml_w==

GET
H2 200 Kerbal+Space+Program+Tile.jpg
media.forgecdn.net/game-tiles/ 23 KB
23 KB 226ms
147ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Kerbal+Space+Program+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3be218f161a122c56a3d5af8d3e1c8e492d1ddddb89dbf37aec90cf507fecba0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: oVBgegI45w.p6jwO137a1ZSMirTNg_3P
date: Sat, 22 Apr 2023 19:50:44 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 13:17:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 64466
etag: "19069f9efe65eb4e7355fd0517d914a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 23400
x-amz-cf-id: LlPu7ryUeRTiZuQE4tJYm9AEZQ-bH8gRHZaZQnL8vLLBWWrt3p6_nQ==

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 9 KB
9 KB 125ms
31ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTd1d6F8NswgRELpoAUGCP5RuPK8QiJ9_FRuFCMCrZeSfSb74sxee3-jNArcIcKeLh4OuE&usqp=CAU

Requested by

Host: cursefire.com
URL: https://cursefire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb924dcc1254c1614f7d283b5a22809579cc3f40db0cfa835ebae2af10849b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 02:40:27 GMT
x-content-type-options: nosniff
age: 39875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8720
x-xss-protection: 0
last-modified: Fri, 04 May 2018 12:24:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 22 Apr 2024 02:40:27 GMT

GET
H2 200 WildStar+Tile.jpg
media.forgecdn.net/game-tiles/ 31 KB
31 KB 201ms
123ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/WildStar+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 410b90f78406172eadb70e51f63bf41c8dd299495aba60255f6e577179793239

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _x44xJCXP1eSRdppR_8JohEJAT7L2aEi
date: Sun, 23 Apr 2023 02:28:22 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 13:13:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 40637
etag: "a5a493caa5262e203a7e6046bf255ecd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 31507
x-amz-cf-id: o_LG9a43NEMv_vQ43qDQ22JcOEfhPnzVYTs158MMvxpTuVJgKMVjag==

GET
H2 200 World+of+Tanks+Tile.jpg
media.forgecdn.net/game-tiles/ 26 KB
26 KB 232ms
153ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/World+of+Tanks+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 392c6ed9bb119e47e1eeb6b22b059ecfc535a6df50d20b94e00df199280ba51f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: pcUqkiQD_mDON7qxaBU3S3iJg_jwi2L4
date: Sun, 23 Apr 2023 06:38:41 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:22:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 39522
etag: "215ccb034007fdd915239628f9763151"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 26649
x-amz-cf-id: 920bkF_GhhsUJIe7A7uGEnFuZuN0qqZ7VAA0A1K9c_oPZIjaxSIMdQ==

GET
H2 200 Sims+4+Tile.png
media.forgecdn.net/game-tiles/ 46 KB
46 KB 229ms
151ms Image
image/png 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Sims+4+Tile.png
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1c66a0c75591bef403ac0093395787b96e7833a1290393c34ac370c28c55e23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: bYJ4kkO8250eCE2eCqbIVlfmpI5Y9Dwk
date: Sun, 23 Apr 2023 04:49:53 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Apr 2022 20:37:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 36525
etag: "f81ca5f868bf793bc6bd62819905e475"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-meta-version-id: brnz_WbmwkCVyVieZQ.zRtaqfcI4x7YU
accept-ranges: bytes
content-length: 46603
x-amz-cf-id: xB3-MeBDnwZ2LWlBgdnjww0BiOD6qOGpu0HTqI5SrOmr3UtJcCPlVg==

GET
H2 200 rift_tile.jpg
media.forgecdn.net/game-tiles/ 37 KB
38 KB 93ms
38ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/rift_tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c521befbf60e04839c45d0c85c5d6ce4253d2fce50918b255257f268f1727339

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: eSEWHJsLJVBWltNbQ_g7NVj.kBH9MX_0
date: Sun, 23 Apr 2023 05:59:54 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Apr 2022 20:30:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 28288
etag: "ce4f7806c27c1ce0feaa316dfaf7b0a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 38115
x-amz-cf-id: SJuuU1OYqWrS2rD7gzRaiLtjk5FgRpTXhqG-er4jqQqO8c_vRNXNQQ==

GET
H2 200 Runes+of+Magic+Tile.jpg
media.forgecdn.net/game-tiles/ 42 KB
43 KB 145ms
90ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Runes+of+Magic+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b250056e3fccc2a48adab188e50386f0bf47c7ff55e85b31c2cce117b733066

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:03:09 GMT
x-amz-version-id: cvDCd.1B.kJ.Uaa_wUV4b3ljWkegYxP3
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 13:10:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 67313
etag: "d97402b8517cb92126d173479bcd9981"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 43180
x-amz-cf-id: ia5YkAaV4gzeLmYtpCp95JKcqC4ITv-dxbEbtq1-8_iSQqsk4EDs0Q==

GET
H2 200 tsw.jpg
media.forgecdn.net/game-tiles/ 107 KB
107 KB 115ms
60ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/tsw.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbee825cb095d6aea7572370d7363b2d4bdea83769463519cce7613214de5468

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 23 Apr 2023 01:22:19 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jan 2021 11:09:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 64797
etag: "046c7583561475294a8dcb2d7c85d382"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 109132
x-amz-cf-id: KoJS9dTZ20V7E_wY500MDHFvg4FL9viboV-Ti2Rk_Z7NHiKrjVYyug==

GET
H2 200 The+Elder+Scrolls+Online+Tile.jpg
media.forgecdn.net/game-tiles/ 44 KB
45 KB 123ms
68ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/The+Elder+Scrolls+Online+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2762a65e0329caba7531eb12a65de6d413e0a3e03e87374ef461e2622bc5ce59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: DgUfGrHUPPkTSUisbE64.663zH.ynlDu
date: Sat, 22 Apr 2023 19:28:42 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:25:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65781
etag: "5e20ae784f311f1623305931c3961482"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 45169
x-amz-cf-id: McxEY2uMDifUMRemtnia1zQ7JqJ7MK3bpClLVrKx4eoH8FJ4OZunyg==

GET
H2 200 Stardew+Valley+Tile.jpg
media.forgecdn.net/game-tiles/ 33 KB
34 KB 204ms
150ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Stardew+Valley+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25dce8d38ee2cbe95bc0d2875e02e467c649a975e4f85972e1fcc99d3a325839

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: B3x42oD8yTBPd.l3XerP.513MsAI3AFb
date: Sun, 23 Apr 2023 03:54:59 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:32:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 35404
etag: "417cd537533b2a37ecbd1b86fbb7133d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 34279
x-amz-cf-id: 7mxLvs9PwKhY2OZYFwX4k4nSJlt02YyPkglhv4qw5DN4uyk94Pd1CA==

GET
H2 200 minecraft-dungeons.jpg
media.forgecdn.net/game-tiles/ 29 KB
29 KB 206ms
151ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/minecraft-dungeons.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 600c0650ff64ccc4d105bfca5eaec58c7392874335902f3695bfe1db24adc7ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: .PYeDIvV3.mEv6TRWz9V6cTmUJGs.Tr4
date: Sun, 23 Apr 2023 02:14:39 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jul 2021 10:18:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 41424
etag: "4e961fc71b649d729c86cb0af1f22392"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 29320
x-amz-cf-id: Gi_lZps4GOSVWTUxpXxXLC6JcajWbPEPxHuxmeyOkMeuIkUG5gazvg==

GET
H2 200 Secret+World+Legends+Tile.jpg
media.forgecdn.net/game-tiles/ 29 KB
30 KB 176ms
121ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Secret+World+Legends+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64d95465a6321d5b953fa0a815179823e788e82ac9c6e68c487662c636792eea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ax3I2z5tMBkO3o1ex.pxAiZ4lrhQ8j2W
date: Sun, 23 Apr 2023 01:39:08 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:35:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 43954
etag: "8e8892f607a0e0c0b6a21be6d4aa463f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 30187
x-amz-cf-id: dmOVahHh40MUd07cxzjox6gBC7J5hCcexJG0kxvajnm_FIWY2l_f-g==

GET
H2 200 among-us.jpg
media.forgecdn.net/game-tiles/ 8 KB
8 KB 118ms
63ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/among-us.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b5cffa6718bbcf133aa66e2cbbea88ef24b6fea5ca4ae6064418d2e74f2edf4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 22 Apr 2023 18:09:23 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jan 2021 14:59:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 70547
etag: "a951ff053552e8803d8067949cc94217"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 8080
x-amz-cf-id: _Cb4diMk5pHBb6UElgFaSi_EQ8zjDGmn7CWZue_pb1lk7QWzJbfk-A==

GET
H2 200 arcadia.jpg
media.forgecdn.net/game-tiles/ 85 KB
86 KB 147ms
92ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/arcadia.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d5300e159e21ed205a87de4dca5dad59a57a1e586973d1c2a99d11de448c3a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 22 Apr 2023 19:28:42 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jan 2021 16:18:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65781
etag: "f24a8f652eca885df346fe3cea407130"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 87111
x-amz-cf-id: V6Sp-c6xAx2mfdD0FQYenY3Kre7rVeJD16QEn1VC7BHL68MZQLNeew==

GET
H2 200 eaf07d14-8695-4f69-bd0c-78af44f94b4c.png
cfcore-assets.forgecdn.net/game-tiles/ 58 KB
59 KB 127ms
38ms Image
application/octet-stream 2600:9000:2491:1800:8:7bb3:3800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cfcore-assets.forgecdn.net/game-tiles/eaf07d14-8695-4f69-bd0c-78af44f94b4c.png
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1800:8:7bb3:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1700ed72a35b3892b94b2730ad7ff8e66ec13d9216796481e724a1dbfb5942f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 02:40:28 GMT
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 04:49:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 39874
etag: "ee97e7d7c83b249a4cab15a95645e095"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 59735
x-amz-cf-id: oKIs527JESbvYZBC03yaE93k8GJclhesHw5YgVdMkGEtZ6yYVNyL9g==

GET
H2 200 Darkest+Dungeon+Tile.jpg
media.forgecdn.net/game-tiles/ 37 KB
37 KB 110ms
110ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Darkest+Dungeon+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1d359051f5e2df2fdb49fc263e41fd2610a67e4121980b7538088bc766b5d71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 0FOmIBHA7KY6KcYZF1r2uJE2abwZ8kT6
date: Sat, 22 Apr 2023 19:26:52 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 12:28:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65908
etag: "936c3ed3a1dc2b526cb0eb74915f9e52"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 37696
x-amz-cf-id: IQ4klr-MbTUqrrtyRaghjWFdwk1NeYYHhRZuaiZrnzvZnp2TgaAC4w==

GET
H2 200 Surviving+Mars+Tile.jpg
media.forgecdn.net/game-tiles/ 23 KB
23 KB 112ms
111ms Image
image/jpeg 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/Surviving+Mars+Tile.jpg
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 941a49d62d7367dce1ebf2a39c8dbd31a650e1c03218dd67cc814a2aa0ae961c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: fbTnocj8Hd57Lx2nyXhrw5miq_p2dJEs
date: Sat, 22 Apr 2023 19:28:41 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 13:29:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 65781
etag: "b60bb05bb2fb29a571f08b7874d9cdcf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 23458
x-amz-cf-id: hk3C_fGYeF2V35HnHI0zOyIH4aX8YqEJu9LaZwS3xo8ETp5fqKY9tA==

GET
H2 200 civilization-6.png
media.forgecdn.net/game-tiles/ 77 KB
77 KB 112ms
112ms Image
image/png 13.32.99.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.forgecdn.net/game-tiles/civilization-6.png
Requested by: Host: cursefire.com
URL: https://cursefire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d1bdc6e323c09af76f50461ce28fc50c6df293ffe6430a03887aa935af57170

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ofd605VX.unV5cSNFrhhOaq.6WfS6qxj
date: Sun, 23 Apr 2023 06:05:23 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Apr 2021 14:01:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 41704
etag: "61f801cf54f23a33f680485b9c465376"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 78581
x-amz-cf-id: cssXfYMsO2tkHW6JXQ-QEBJF6DoHmtfgL3X1BsbJU3d5ZzFnAXW6CA==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/ 345 KB
116 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com&bust=31074011

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5115739931490824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a5a0ec62bfb14f016f608e66615dcb1f9cf8ebc834d3a019e4355102c5e8f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118240
x-xss-protection: 0
server: cafe
etag: 11812537533353310533
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 13:45:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 4BC8 10 KB
5 KB 188ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5115739931490824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cursefire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:19:42 GMT
etag: 2378337311435320485
expires: Sun, 07 May 2023 13:19:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
605 B 196ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cursefire.com&callback=_gfp_s_&client=ca-pub-5115739931490824

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5115739931490824&plah=cursefire.com&bust=31074011

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4130cabaa7993c5de9c8840ab01155e0d9b62f2b3d36aa8464f66b3ea1ea9bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 114ms
42ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=cursefire.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 187ms
59ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cursefire.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB7E 109 KB
35 KB 560ms
559ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&adk=1812271804&adf=3025194257&lmt=1682257502&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fcursefire.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682257502579&bpp=10&bdt=948&idt=254&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1277739678974&frm=20&pv=2&ga_vid=591632911.1682257503&ga_sid=1682257503&ga_hid=1602424136&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074011&oid=2&pvsid=3514326614603255&tmod=512489690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc39c5d67b9634ac5032bb5e5ecf9234127c033c3800f323df7ab9c278fd9e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cursefire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:45:03 GMT
expires: Sun, 23 Apr 2023 13:45:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A50 86 KB
31 KB 656ms
656ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682257502&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682257502592&bpp=2&bdt=961&idt=271&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1277739678974&frm=20&pv=1&ga_vid=591632911.1682257503&ga_sid=1682257503&ga_hid=1602424136&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074011&oid=2&pvsid=3514326614603255&tmod=512489690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=H7TjluzyWD&p=https%3A//cursefire.com&dtd=277

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a95174e75e80768a13aa94295b0767e7b4f605dc4af57b5a40ad150b8703c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cursefire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31589
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:45:03 GMT
expires: Sun, 23 Apr 2023 13:45:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/ 150 KB
51 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120102/reactive_library_fy2021.js?bust=31074011

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5127538d55c57fe9ef672474d04a64b3efa06ba5dc56077add394627f020b3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52056
x-xss-protection: 0
server: cafe
etag: 12530371046282966154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 13:45:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2A50 6 KB
1 KB 112ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682257502&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682257502592&bpp=2&bdt=961&idt=271&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1277739678974&frm=20&pv=1&ga_vid=591632911.1682257503&ga_sid=1682257503&ga_hid=1602424136&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074011&oid=2&pvsid=3514326614603255&tmod=512489690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=H7TjluzyWD&p=https%3A//cursefire.com&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 13:24:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 23 Apr 2023 13:45:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2A50 2 KB
846 B 117ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75072
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 16:53:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A50 0
0 76ms
76ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C29W9XjZFZNH5N5P1tgfbwIvoDfD3-Ndv_KqIl_gQ2dkeEAEgvu2If2CRhKCFjBigAc2Fk_MCyAEJqAMByAPLBKoEyAFP0IbqCGO4B8hV8Z1c0VuRoXlvjh41DVHkpTAbbwRAgQsbYav5MzQtBItUhL7G_fxM8Vzs17-oGshSEvpqU8m7k7vdT5leo5EfvUBSQJj2p9357kXh0mp762K4fLN8HUXqOWWb0SEEtIwfNlrUsaiN5nkD4Uh_4d7gCB4zV5kE6i-nPQMUQ3EYCrWY5OTYC87bpnhVala6Rl5nW8e61AGHYyCbYpVlKCFldc8DKmPEGCIIAR_hWJI4pYZUjT1wTMUIT82-jI5Z28AEoZLbhY8EkgUECAQYAZIFBAgFGASgBi6AB8WirJkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi9kb0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTUxMTU3Mzk5MzE0OTA4MjQYAA&sigh=JyzqBIKCNmQ&uach_m=[UACH]&cid=CAQSGwBygQiDnfGmMxNwSaBO6r63j3XjButn9X6FKhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5115739931490824&output=html&h=280&adk=3088186576&adf=3247881204&pi=t.aa~a.410060602~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682257502&rafmt=1&to=qs&pwprc=4446164132&format=1200x280&url=https%3A%2F%2Fcursefire.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682257502592&bpp=2&bdt=961&idt=271&shv=r20230418&mjsv=m202304120102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1277739678974&frm=20&pv=1&ga_vid=591632911.1682257503&ga_sid=1682257503&ga_hid=1602424136&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31074011&oid=2&pvsid=3514326614603255&tmod=512489690&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=H7TjluzyWD&p=https%3A//cursefire.com&dtd=277
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 13:45:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 23 Apr 2023 13:45:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 2A50 21 KB
9 KB 106ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2A50 3 KB
1 KB 115ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2A50 19 KB
8 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A50 159 KB
49 KB 187ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 13:45:03 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 2A50 32 KB
14 KB 106ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 05:50:21 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6738121982298163663/ Frame 2A50 27 KB
27 KB 133ms
63ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6738121982298163663/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69beb5f7797f1d1696949095b756287a450b98b8259a6f12969935135aedda2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:00:40 GMT
x-content-type-options: nosniff
age: 53063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27891
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 13:22:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 23:00:40 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5086147991828003975/ Frame 2A50 2 KB
3 KB 130ms
60ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5086147991828003975/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d65a65c8f8ad87301099e787319f05c4d401c945d0cad33c0bb019396159a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:34:13 GMT
x-content-type-options: nosniff
age: 69050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2317
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 14:09:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 18:34:13 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 42ms
40ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=cursefire.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 45ms
42ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cursefire.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame D91A 10 KB
4 KB 32ms
31ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cursefire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 26953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 06:15:50 GMT
etag: 2378337311435320485
expires: Sun, 07 May 2023 06:15:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D91A 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CR7DpXjZFZMm9N8nwtwfstbfYDPD3-NdvzvmUpYsR2dkeEAEgvu2If2CRhKCFjBigAc2Fk_MCyAECqAMByAPJBKoExQFP0DPbCn0c46EcfeeBPWaQR8vlOlt_fnCIdZPIKCtu4h6yZh8U9qQWZwNYvNVVlXk1PU4qNa2QAYHKXVc1qsVnMy3o_itvnOM-JmmAI1vvhJRX0AzP3RaUkwe9Tyhifc7HFZNapSj4dYAoIb6iAl8YhVLN7eS-Bfe-mDAgIauGOIDOEKlM164MIBV6UKedCfKsozJDgqHUffoqjmDrS27CPYX4bicHfb4r6j87ae6GFijJ16Tsdzhayh8MlE36IhR98NzDPMAEoZLbhY8EkgUECAQYAZIFBAgFGASgBgKAB8WirJkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8ccY0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTExNTczOTkzMTQ5MDgyNBgA&sigh=pO7Lbk1Yw1c&uach_m=[UACH]&cid=CAQSGwBygQiDvGopHfIIeZB_CZ5fNq2dp5ZZBfru0BgB

Requested by

Host: cursefire.com
URL: https://cursefire.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 23 Apr 2023 13:45:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame D91A 21 KB
8 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 11201225352873004463
tpc.googlesyndication.com/daca_images/simgad/ Frame D91A 35 KB
35 KB 44ms
43ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/11201225352873004463

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c919b43512614f4c66d0e584ec6ec5d04a2732a684a25b4238078cc03c119fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:01:26 GMT
x-content-type-options: nosniff
age: 60217
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35690
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 04:08:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 21 Apr 2024 21:01:26 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D91A 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 13:36:01 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D91A 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D91A 159 KB
49 KB 115ms
109ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Apr 2023 13:45:03 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D91A 32 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13160
x-xss-protection: 0
server: cafe
etag: 2897017380701680925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 18:58:23 GMT

GET
DATA 200
OK truncated
/ Frame 2A50 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdfc789a523e9afbe2a42618ba3502f376a9d6e912338c3d90cd4016a6e832a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E58 143 B
166 B 31ms
31ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 1398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:21:45 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D91A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87a5035b2f954c9d4a16889ca941ef3ce9c4d88cc735f80fc176690c769efeec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E58
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:45:03 GMT
expires: Sun, 23 Apr 2023 13:45:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:45:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A50 15 KB
15 KB 139ms
66ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 12:21:04 GMT
x-content-type-options: nosniff
age: 5039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Apr 2024 12:21:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A50 15 KB
16 KB 103ms
32ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 74448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A50 15 KB
15 KB 111ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 214780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BD6 36 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 13:18:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 150ms
86ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03b508a758c90dc42281427d31950b79166f6c5427d83b00a1499a8acbaa8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11333
x-xss-protection: 0

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 5008 36 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 13:18:39 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 23 Apr 2023 13:45:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B2F7 13 KB
5 KB 31ms
31ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cursefire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:36:02 GMT
expires: Mon, 22 Apr 2024 13:36:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1045 783 B
966 B 69ms
69ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb6fa845f7f36f8bea7d5f4b25e3bf82b6fc90b8934d500a66a04f94c3592342

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mM1dkNrxpVvoXdoGNXitsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cursefire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-mM1dkNrxpVvoXdoGNXitsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 13:45:04 GMT
expires: Sun, 23 Apr 2023 13:45:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame B2F7 36 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 13:18:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1045 0
0 65ms
64ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=3514326614603255&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B2F7 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Jqj1GA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 13:45:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A50 42 B
64 B 69ms
68ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6z4oPBlpKMce_OHdVPXLyFv4npf3aqpfQq6uzjBdwx7KvXdrcID39-umf-Mtp4dg33jU9uUF4pqMCdK7OOi5PEhigd64Rcbmdxw3JyBwT7AK4hDETpwBl_Bi3Ysj2isF4jM3ftg&sai=AMfl-YTAEnwObAJABNfh_uj7LPIrrd5UCXhrpaAZEoI6r4iBZLtaDSpNKcReT6QpVQxioNUGBdAaU0FN_w2N&sig=Cg0ArKJSzHiv-Mdnc3C6EAE&cid=CAQSGwBygQiDnfGmMxNwSaBO6r63j3XjButn9X6FKhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682257502871&rpt=964&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 13:45:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 67ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=3514326614603255&bg=!VValVgLNAAYfNdXmPzU7ADkAdvg8WlXVyVZ88eLI_3JRHRjD0nO8XEa2DpixzjOu2NrgT737Y5whp2P3WQAyYRshAOkMoh8n04cCAAAAU1IAAAABaAEHCgBahugxkMF01YeSGLnobLJ8Ez3iUNBAMOLnVrhqS5Tes1wvHyn5IjJAHfgpzRvdSbJKfSE2DfH3myCOdup406dNm-FJ1LDbdxCEXRwV2JJ9_bwtMEjrQVtNTdRTmQK-PsLj1vFKRlXkdF3r0YEWazexjhaLKSVHDreQSJM8D3P2qPNuTdlm8q4sQ3oiO74JBrXnwUs9XZMt6wZuDWO5_r8RxP8-bo_t7QvWGVnm63ARu1szWEldVX8w3IOdQ9DOrAg43Q6icpe1j973hhV2MaFLiBtEul6R8d_h876Guj7fNbw3i8gVzOfDjeUj7CoFEYeV-OAsHc80xaGuBCXTPZWWOum6YNskBE1xM1bblcOBbzB3hyrW13pk80wVyMtFcgFO2q9ET8opLGOIrOlNHegOcnCgpiyopnZeOQS1ZEeMVqAfGFRT3xbeHKCenvT-QIOXkprxOLw3zYCEa3kTt7lIh-jZkzaLZ-pV_b3kC_79hClJSROOgvdwko56Hq49QsE8YaapMTp7nKJVI-yi1iZA0LTOK1ER9tSHhky5BDPgBxMoHqC1EHpd-aEWy02pQneuuh8P0BP-v6nxCPcLVYHJcTjozpGF2KYIl_WZYGL7sZhKy5orrcJR6Olv3hBJdbSU8BOGvP5jduEgueY_5oMR1kwW-fOV6ELNpYCDfafAPD-U0zdZYm4UakU7uayEtLb_zr19NLye6Yihic9_lZ049cjBOejz-jUkiYE-aJZ2u8gsxuqEeQrSmDpwnj63QRhmWeew5adDPhFdzck7RJn1JSLAbzPRSFMpsYMjaLAdNxLbxCWtOyH4cSGmKLIYJ4bzkFHcMA6UXW-FbNHjzHtKvAJdnOCfSEd0KKm3gH2Q0Ip9PVSCUPVjYBeNI0wdEGNkd2HnJxkOpUTwWKR8X6N8pmRtp85G4xdtqEZliTt64aIJqASFrXIwQA2uSFGw0C4EbQQHAVEMkwbjMtWbggHZIOIGzuhEHnd5QjK7jnJQAg5jQNmIFsWSW9I_t_ngtStGUASqBQe7nbxLcJzPdFc6jp15EgStRkDB1V_o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cursefire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D91A 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS_hgAsvalj6afqdTMyR3o-gkCibdbke70m2GvyuXx0KqpTzsYAY8ko6boe58_VTmDrm_H-1vk5BdmkcTa6bNheiqx6f2QerMnq-dRRC2Azfgu4ZIDk-lNXONg2twccr5pOQfe5A&sai=AMfl-YTi-4JaaEdtnPNyWp9oJH4xCMf04D4zoL8ft7OHqR4cHNZXcQMtk64CkqsohpSGsM4vr5QW5X69UbVx&sig=Cg0ArKJSzKzd1NGq4tLKEAE&cid=CAQSGwBygQiDvGopHfIIeZB_CZ5fNq2dp5ZZBfru0BgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=85,768,1001,1081,1173&tos=85,683,233,80,92&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682257503620&rpt=232&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 13:45:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cursefire.com/	1970-01-20 20:53:37	Name: _ga_QC4593XVBQ Value: GS1.1.1682257502.1.0.1682257502.0.0.0
.cursefire.com/	1970-01-20 20:53:37	Name: _ga Value: GA1.1.591632911.1682257503
.cursefire.com/	1970-01-20 20:39:13	Name: __gads Value: ID=678034688d218e92-222164f8aadd00b4:T=1682257502:RT=1682257502:S=ALNI_MYXMeCBG1Dolhvi0bBrtXlfHBK1WA
.cursefire.com/	1970-01-20 20:39:13	Name: __gpi Value: UID=00000bee4f0de924:T=1682257502:RT=1682257502:S=ALNI_MZp69bryKoE3jI7U6hyr9KLVyK0Yg
.doubleclick.net/	1970-01-20 20:39:13	Name: IDE Value: AHWqTUkBvik3z37sQAiJ9J8m8bqY0fbbOWwHhrjcO2cb0Z12uTiFEeNf7FjJUeg7Tiw
.doubleclick.net/	1970-01-20 11:17:41	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cfcore-assets.forgecdn.net
cursefire.com
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
media.forgecdn.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
static-cdn.jtvnw.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.32.99.91
2001:4860:4802:32::36
2600:9000:223d:1a00:19:f28c:cd92:c761
2600:9000:2491:1800:8:7bb3:3800:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
033b217917edb16541fb8f416d989255ecb80d247f852a4e36c77484daf59c7c
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
0d65a65c8f8ad87301099e787319f05c4d401c945d0cad33c0bb019396159a8d
1700ed72a35b3892b94b2730ad7ff8e66ec13d9216796481e724a1dbfb5942f7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d5300e159e21ed205a87de4dca5dad59a57a1e586973d1c2a99d11de448c3a0
25dce8d38ee2cbe95bc0d2875e02e467c649a975e4f85972e1fcc99d3a325839
2762a65e0329caba7531eb12a65de6d413e0a3e03e87374ef461e2622bc5ce59
2b5cffa6718bbcf133aa66e2cbbea88ef24b6fea5ca4ae6064418d2e74f2edf4
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3277411945108743bff2a8d13d1709b3df34cad86c20b2f6b44904d0dfb65a25
392c6ed9bb119e47e1eeb6b22b059ecfc535a6df50d20b94e00df199280ba51f
3be218f161a122c56a3d5af8d3e1c8e492d1ddddb89dbf37aec90cf507fecba0
3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f
410b90f78406172eadb70e51f63bf41c8dd299495aba60255f6e577179793239
4130cabaa7993c5de9c8840ab01155e0d9b62f2b3d36aa8464f66b3ea1ea9bde
4a7a35a1dca1f6a57694532e4463082ab48ab67b4fe652080d876eb8c787ece5
4fd700c4bea6fb369e5fd92af73acfcf5b94ee5e247c63bdba7f305e1a097d50
5127538d55c57fe9ef672474d04a64b3efa06ba5dc56077add394627f020b3eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5d1bdc6e323c09af76f50461ce28fc50c6df293ffe6430a03887aa935af57170
600c0650ff64ccc4d105bfca5eaec58c7392874335902f3695bfe1db24adc7ea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d95465a6321d5b953fa0a815179823e788e82ac9c6e68c487662c636792eea
69beb5f7797f1d1696949095b756287a450b98b8259a6f12969935135aedda2b
6b250056e3fccc2a48adab188e50386f0bf47c7ff55e85b31c2cce117b733066
6cb924dcc1254c1614f7d283b5a22809579cc3f40db0cfa835ebae2af10849b6
6df21f6294a75539a2c775a601a988f18a9eeca619b011a7fccb82723a010317
7c919b43512614f4c66d0e584ec6ec5d04a2732a684a25b4238078cc03c119fe
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
87a5035b2f954c9d4a16889ca941ef3ce9c4d88cc735f80fc176690c769efeec
941a49d62d7367dce1ebf2a39c8dbd31a650e1c03218dd67cc814a2aa0ae961c
9a5a0ec62bfb14f016f608e66615dcb1f9cf8ebc834d3a019e4355102c5e8f76
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a501ceccb8673f211db8cabb2654606a18d010b29fb1553073ac82255fe5305f
a95174e75e80768a13aa94295b0767e7b4f605dc4af57b5a40ad150b8703c454
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
c521befbf60e04839c45d0c85c5d6ce4253d2fce50918b255257f268f1727339
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbee825cb095d6aea7572370d7363b2d4bdea83769463519cce7613214de5468
d03b508a758c90dc42281427d31950b79166f6c5427d83b00a1499a8acbaa8c0
d52163d7ccfc89c6de8f5105f254d99c534cbc4ccf98545f6356f093dc1ffa9a
dc39c5d67b9634ac5032bb5e5ecf9234127c033c3800f323df7ab9c278fd9e7f
e1d359051f5e2df2fdb49fc263e41fd2610a67e4121980b7538088bc766b5d71
e3a6f8e1e555cc3ec16c675469570519f9cb5363f895575d930c54b61986ae32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39fa46e261a4bc2f729c7aa89fe552b8c8bbc75add9f330aa4a80cdec04104
f1c66a0c75591bef403ac0093395787b96e7833a1290393c34ac370c28c55e23
f2c9bad74f6e53a3f9e61059166dfe66355d0e4a486c30146e4552ece044f7d6
f323fc9e13fd6a7758914ff9eefe58a1828eceaf1fe979659b1117694910c1e4
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb6fa845f7f36f8bea7d5f4b25e3bf82b6fc90b8934d500a66a04f94c3592342
fdfc789a523e9afbe2a42618ba3502f376a9d6e912338c3d90cd4016a6e832a0

cursefire.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

95 %IPv6

13 Domains

18 Subdomains

19 IPs

2 Countries

1627 kBTransfer

2768 kBSize

6 Cookies

32 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cursefire.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

95 %
IPv6

13
Domains

18
Subdomains

19
IPs

2
Countries

1627 kB
Transfer

2768 kB
Size

6
Cookies

74 HTTP transactions
2 data transactions