urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/5vN9Vv
Submission: On March 19 via api from JP — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 5 countries across 38 domains to perform 229 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 168549.
TLS certificate: Issued by R11 on March 14th 2025. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 396982 (GOOGLE-CL...)
2 151.101.65.229 54113 (FASTLY)
5 34.149.98.30 396982 (GOOGLE-CL...)
3 172.253.62.97 15169 (GOOGLE)
25 172.253.115.155 15169 (GOOGLE)
3 203.137.133.153 4694 (IDCF IDC ...)
2 168.95.245.1 131660 (CHTCDN Da...)
2 157.240.229.1 32934 (FACEBOOK)
5 172.253.122.102 15169 (GOOGLE)
5 107.178.241.176 396982 (GOOGLE-CL...)
4 157.240.229.35 32934 (FACEBOOK)
2 34.160.26.175 396982 (GOOGLE-CL...)
1 182.22.24.124 23816 (YAHOO Yah...)
2 192.178.155.139 15169 (GOOGLE)
1 172.253.62.154 15169 (GOOGLE)
1 172.253.62.157 15169 (GOOGLE)
10 172.253.115.113 15169 (GOOGLE)
3 3 69.147.65.252 14196 (YAHOO-CHA)
2 2 98.84.75.39 14618 (AMAZON-AES)
2 2 15.197.193.217 16509 (AMAZON-02)
1 2 44.218.64.233 14618 (AMAZON-AES)
1 151.101.193.44 54113 (FASTLY)
1 104.18.96.225 13335 (CLOUDFLAR...)
1 172.67.150.31 13335 (CLOUDFLAR...)
1 103.1.220.9 131149 (YUANJHEN-...)
1 192.0.78.24 2635 (AUTOMATTIC)
1 192.0.77.48 2635 (AUTOMATTIC)
1 18.160.18.111 16509 (AMAZON-02)
4 172.253.115.156 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
8 74.119.117.47 19750 (AS-CRITEO)
1 104.18.28.101 13335 (CLOUDFLAR...)
2 172.253.122.132 15169 (GOOGLE)
3 119.63.193.220 38627 (BAIDUJP B...)
25 142.251.163.155 15169 (GOOGLE)
30 3.161.213.10 16509 (AMAZON-02)
1 74.119.117.17 19750 (AS-CRITEO)
1 119.63.198.189 38627 (BAIDUJP B...)
1 34.111.12.34 396982 (GOOGLE-CL...)
1 34.107.150.21 396982 (GOOGLE-CL...)
13 203.75.214.136 3462 (HINET Dat...)
3 119.63.198.143 38627 (BAIDUJP B...)
5 3.161.213.70 16509 (AMAZON-02)
1 2 64.233.180.156 15169 (GOOGLE)
3 172.253.122.155 15169 (GOOGLE)
1 34.102.218.41 396982 (GOOGLE-CL...)
8 35.76.254.26 16509 (AMAZON-02)
1 119.63.198.188 38627 (BAIDUJP B...)
6 142.251.111.132 15169 (GOOGLE)
3 142.251.167.104 15169 (GOOGLE)
2 103.132.192.30 138552 (RTBHOUSE-...)
4 74.119.117.5 19750 (AS-CRITEO)
2 210.59.219.34 3462 (HINET Dat...)
2 4 35.190.36.98 15169 (GOOGLE)
2 2 172.105.221.240 63949 (AKAMAI-LI...)
1 172.253.115.132 15169 (GOOGLE)
229 54
1    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
3    172.253.62.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f97.1e100.net
www.googletagmanager.com
25    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
securepubads.g.doubleclick.net
3    203.137.133.153 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
cpt.geniee.jp
2    168.95.245.1 (Palo Alto, United States)

ASN131660 (CHTCDN Data Communication Business Group, TW)
PTR: 168-95-245-1.hinet-ip.hinet.net
ad-specs.guoshipartners.com
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
5    172.253.122.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f102.1e100.net
www.google-analytics.com
5    107.178.241.176 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.241.178.107.bc.googleusercontent.com
onead.onevision.com.tw
4    157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com
www.facebook.com
2    34.160.26.175 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.26.160.34.bc.googleusercontent.com
re-news.tw
1    182.22.24.124 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
yads.c.yimg.jp
2    192.178.155.139 (United States)

ASN15169 (GOOGLE, US)
PTR: yuiadrs-in-f139.1e100.net
analytics.google.com
1    172.253.62.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f154.1e100.net
stats.g.doubleclick.net
1    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
td.doubleclick.net
10    172.253.115.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f113.1e100.net
fundingchoicesmessages.google.com
3    69.147.65.252 (United States)

ASN14196 (YAHOO-CHA, US)
PTR: e2-bmr.ycpi.cha.yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    98.84.75.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-84-75-39.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    44.218.64.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-64-233.compute-1.amazonaws.com
ps.eyeota.net
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    104.18.96.225 (None, )

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    172.67.150.31 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    103.1.220.9 (Taiwan)

ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW)
PTR: ph2.g-dns.com
img.racingcharger.tw
1    192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    18.160.18.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-111.iad12.r.cloudfront.net
static.wixstatic.com
4    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
securepubads.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
8    74.119.117.47 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com
ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com
3    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
25    142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net
pagead2.googlesyndication.com
30    3.161.213.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-10.yul62.r.cloudfront.net
cdn.holmesmind.com
1    74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
1    34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com
ad.tagtoo.co
1    34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com
uec.tagtoo.co
13    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net
3    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
5    3.161.213.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-70.yul62.r.cloudfront.net
cdn.holmesmind.com
adx.holmesmind.com
2    64.233.180.156 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f156.1e100.net
googleads.g.doubleclick.net
3    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
ep1.adtrafficquality.google
1    34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com
ecs.tagtoo.co
8    35.76.254.26 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
1    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
6    142.251.111.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f132.1e100.net
ep2.adtrafficquality.google
3    142.251.167.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f104.1e100.net
www.google.com
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    74.119.117.5 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    210.59.219.34 (Taichung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
4    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
2    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
1    172.253.115.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f132.1e100.net
83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com
Apex Domain
Subdomains		 Transfer
43 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 158711
adx.holmesmind.com
ad.holmesmind.com — Cisco Umbrella Rank: 109223
93 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 251
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
td.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
250 KB
28 googlesyndication.com
58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 126
83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com
ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com
1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com Failed
703 KB
15 google.com
analytics.google.com — Cisco Umbrella Rank: 171
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 740
www.google.com — Cisco Umbrella Rank: 3
72 KB
13 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 74181
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net
5 KB
9 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 421
ep2.adtrafficquality.google — Cisco Umbrella Rank: 429
46 KB
8 popin.cc
api.popin.cc — Cisco Umbrella Rank: 17572
tw.popin.cc — Cisco Umbrella Rank: 102215
log.popin.cc — Cisco Umbrella Rank: 82389
r.popin.cc — Cisco Umbrella Rank: 85659
105 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 979
56 KB
6 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 100825
gocm.c.appier.net — Cisco Umbrella Rank: 3655
2 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 168549
storage.reurl.cc — Cisco Umbrella Rank: 226989
7 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 503
bidder.criteo.com — Cisco Umbrella Rank: 1265
745 B
5 onevision.com.tw
onead.onevision.com.tw — Cisco Umbrella Rank: 134377
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
22 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 121
229 B
3 tagtoo.co
ad.tagtoo.co — Cisco Umbrella Rank: 137701
uec.tagtoo.co — Cisco Umbrella Rank: 105193
ecs.tagtoo.co — Cisco Umbrella Rank: 98820
62 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2483
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 25608
3 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1982
ups.analytics.yahoo.com — Cisco Umbrella Rank: 631
936 B
3 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 46152
70 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 60
401 KB
2 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 108452
336 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1206
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 441
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1277
731 B
2 re-news.tw
re-news.tw
31 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 228
80 KB
2 guoshipartners.com
ad-specs.guoshipartners.com — Cisco Umbrella Rank: 153028
23 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356
58 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1380
7 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2655
8 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 6581
1011 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 5486
730 B
1 creditcards.com.tw
creditcards.com.tw
136 KB
1 racingcharger.tw
img.racingcharger.tw
75 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
70 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 851434
15 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 775
200 B
1 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 37203
58 KB
0 alphaloan.co Failed
blog.alphaloan.co Failed
229 38
Domain Requested by
34 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
29 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
11 t.ssp.hinet.net api.popin.cc
t.ssp.hinet.net
cdn.holmesmind.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
8 ad.holmesmind.com cdn.holmesmind.com
8 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
6 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
securepubads.g.doubleclick.net
5 onead.onevision.com.tw ad-specs.guoshipartners.com
reurl.cc
5 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
www.googletagmanager.com
5 storage.reurl.cc reurl.cc
4 ad2.apx.appier.net 2 redirects reurl.cc
4 bidder.criteo.com static.criteo.net
4 www.facebook.com reurl.cc
3 www.google.com ep2.adtrafficquality.google
3 ep1.adtrafficquality.google pagead2.googlesyndication.com
securepubads.g.doubleclick.net
reurl.cc
3 log.popin.cc reurl.cc
3 api.popin.cc reurl.cc
api.popin.cc
3 cpt.geniee.jp reurl.cc
cpt.geniee.jp
3 www.googletagmanager.com reurl.cc
www.googletagmanager.com
2 e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
2 gocm.c.appier.net 2 redirects reurl.cc
2 prebid.scupio.com cdn.holmesmind.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 ps.eyeota.net 1 redirects reurl.cc
2 match.adsrvr.org 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 analytics.google.com www.googletagmanager.com
2 re-news.tw storage.reurl.cc
reurl.cc
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
2 ad-specs.guoshipartners.com reurl.cc
2 cdn.jsdelivr.net reurl.cc
1 ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 r.popin.cc reurl.cc
1 ecs.tagtoo.co ad.tagtoo.co
1 adx.holmesmind.com pagead2.googlesyndication.com
1 uec.tagtoo.co api.popin.cc
1 ad.tagtoo.co api.popin.cc
1 tw.popin.cc api.popin.cc
1 gum.criteo.com static.criteo.net
1 58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 static.wixstatic.com reurl.cc
1 s.w.org reurl.cc
1 creditcards.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 trc.taboola.com reurl.cc
1 cms.analytics.yahoo.com 1 redirects
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 yads.c.yimg.jp cpt.geniee.jp
1 reurl.cc
0 1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
0 blog.alphaloan.co Failed reurl.cc
229 61

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R11		 2025-03-14 -
2025-06-12		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
storage.reurl.cc
WR3		 2025-03-14 -
2025-06-12		 3 months crt.sh
*.google-analytics.com
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.g.doubleclick.net
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.geniee.jp
GeoTrust TLS RSA CA G1		 2024-07-30 -
2025-08-30		 a year crt.sh
ad-specs.guoshipartners.com
Go Daddy Secure Certificate Authority - G2		 2025-01-08 -
2026-01-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-12-27 -
2025-03-27		 3 months crt.sh
onead.onevision.com.tw
R10		 2025-02-03 -
2025-05-04		 3 months crt.sh
wp.re-news.tw
WR3		 2025-03-04 -
2025-06-02		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2025-02-07 -
2026-03-06		 a year crt.sh
*.google.com
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.doubleclick.net
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-11-23		 a year crt.sh
gbyhn.com.tw
WE1		 2025-03-06 -
2025-06-04		 3 months crt.sh
img.racingcharger.tw
R11		 2025-02-15 -
2025-05-16		 3 months crt.sh
tls.automattic.com
E6		 2025-02-14 -
2025-05-15		 3 months crt.sh
s.w.org
E6		 2025-02-28 -
2025-05-29		 3 months crt.sh
*.wixstatic.com
R11		 2025-01-23 -
2025-04-23		 3 months crt.sh
oa.openxcdn.net
WR3		 2025-03-12 -
2025-06-10		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2025-02-12 -
2025-05-13		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-03 -
2025-05-03		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
*.popin.cc
Secure Site Pro CA G2		 2024-09-23 -
2025-10-24		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2025-03-06 -
2026-04-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-09 -
2025-05-10		 3 months crt.sh
ad.tagtoo.co
WR3		 2025-02-20 -
2025-05-21		 3 months crt.sh
uec.tagtoo.co
WR3		 2025-02-23 -
2025-05-24		 3 months crt.sh
*.t.ssp.hinet.net
HiPKI OV TLS CA - G1		 2025-02-12 -
2026-02-12		 a year crt.sh
adtrafficquality.google
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
ecs.tagtoo.co
WR3		 2025-01-22 -
2025-04-22		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2024-04-05 -
2025-04-30		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2024-09-27 -
2025-10-28		 a year crt.sh

This page contains 37 frames:

Primary Page: https://reurl.cc/5vN9Vv
Frame ID: 0C6558B9F55C40C045A419CF92E3B589
Requests: 64 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 5172969DF8CA56AB750817550836E64E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-N394QBRGC0&gacid=1729457094.1742410523&gtm=45je53i1h2v897965293za200zb9181474282&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1145675648
Frame ID: 666815E5E03D70DD2E3561B624EF051E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 80B232C22FF06FCDF5AB6186E0B98D7F
Requests: 1 HTTP requests in this frame

Frame: https://58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Frame ID: 6A60B4A8F267F2552EF7626CC3E6B6C9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulPOah7JCXt8uwmwlVCxVRyPfupDhAtBuucjC0l8uSOsWWJgLuHF-ccopTgjOXzSRvuBO81eVSsdAcGpmHHu1syzAOdXIff5HeI2VoYWJgbrr5FgybKQpxdUqVguSALUFNys3yPgx-7XgVXqjgnEnmZ_StwtWukhOIhqWMUQBWeIqB-UyrgmrN16paSU7S1RcNIRWOjvlYM3EPV_hBBVxjP9QihHg_i5fkYnASumx504EaAmU_7DPDvLs43RM-zjsAr41xdRserxaADrSYUT9BCa_EoKPaIXu68AJt8y20EMHO_-h8d9nRl3PT1EoEpRLMtIGYU48pr71HVVAM_eFJsxzdxawwdi19ON3Swc46XrT3Ff-9QG5jXmp0jPBKuAVI3om6J__vNA2TzM50tCOuUUEEfWrtRbE1N2-xfYvwhvF3jbPadMPvCQ&sai=AMfl-YRSlstGLUZe7ejnzU7CZMtwM-uRUXNJpAN-TCS05qmp2lwRbRWL9pNkkIx9vEaH3Wy2eIrKfth09huAeKJbXVqKmCVXBdxg9jL8ay0sbT55-rdKMQ85T8i7MPDD&sig=Cg0ArKJSzNrhwvdwCZtzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3BBA203478AECDA10A3EEB5791248F98
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdYnTKJUydYKhjqT8Ey8DWqFEcSYXlwoWKq1LqA3WDi9wVfsLV9-4GiSSAeqG22wmBu91qdV5dFVL755weTKJCgtHmXcTWz2tw4tBXoUxfetjyAt_Mdh9q05EhlEvjG8nP_YYoJsTRnTqw9bdqfuh_YnicouZsaITh-s-TytgxrqdXCL16NJpktOj6xasNvqjHYWnursdTWJ50x4yI0akMyw-l8ztJcnvMgHnNg5AM057GJCNoK3Eq9kwozDiYFpB9Ri30zlnYZWJ3rrnMNiIzb_Nk1dgxkEAXqMaVtKjjFfmp1bjuOWuZsXpTsxTS3a0zo7VqkBLt3LWL-CHGQAbUOUEzgbHs5qdvz3GIO9DycXRGgHD4oWVtBZLzIq1qd-Z5iOiLe299IPLPTdNedhmxZnl1PWvhbEqxoRT546fmXJP-Meq4VF_HWQ&sai=AMfl-YRj7I9zJQNeCfXPF-YWOwpFY4b6zUyy883-pA4pR7LgbZeo1eB4E-ts0K_d33lggF855U64CWKBi0nE41FJGFXeGpveyyIvYEdtgEugcWa9YFLRPrC2e6yiRyTb&sig=Cg0ArKJSzAJtLlzvfLwIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 930CC8E72E36B869D8DD7350FE08591F
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBGdQ6eYu2dNoGyeVaqa3SjqHvut9rSsG7Ivb6YxrQt4Sw1q0Jj3IzLjgMLxv1dOwA3PUG8mt99JPE85jUqSyRONEN2x251V8YngH53CPYVUDAHXbWwRaYNNmG4ZAZjoRDB1ZmIaTrPzSS-bSw5H_3knRljFy67iDt1f9qVE7qfZ--m5g_y7HmXvSHE7ofzxEdmEcmHYyreTOIG4bGC2CHmXTtaKp9uVjk_VF31iNMJ7CVAUCEiQ8MWlq3OS2x6t9RuLqJEft1sUHd2CNmM-KJWxZOaB_tgBFWf_X63wKVP561CumPMWacRtzrT_c3Ns_5bnEHSc9x8fUL0hRIAZ6ZtBXQpUg8VSJpWdfS1z6B1lPQp5d4H-KKSRvWWpGMwG84U8jaPBV8LgXFjDdjxfRZnV8IbAKnngJHG7FDTfzf4FiYwVCiS1bJgJ0nFSOTHX0&sai=AMfl-YRtXxgFjl49JdHRc2tJfC9o_7-pSQAPEtBMsDXiJ2zVSNa-O3l3qkXykczwrc2uNK9cz1XHa_1h5hOoML1nbw2u8Vwl_ibjv-0Eznx0svA9wAOfGYoST7qeqjot&sig=Cg0ArKJSzBhl08h6kiLnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5CEFE2F6BCC0E1069627D4BB514738C0
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkELSmDLEnIPk6gWNOr8gtrZL67RInhIN9JS_f6_uxeYnlWfkuvy0JfT6va56XsiXXYyql4lP_PmwZYBgDBsuKyickzNMndwTWZR8895zrKN6fSj5ZJsXbhWhNnDfSYRl3Ju1e0uhWzD1DK2TE58fDtGE5CHuLPviJXhQKzTXioj0iDjVHz827PlmQaCCDHm6OnYmTzIp2bhF9J0Heh58aEm-3knUC8FuF0hLEqPUOYwC93dXoXnmgY5ndDFEyNo9UCp91t3yoeYZF9l1qwmjjxVFnlSBBXTjHbvYVE_H8nlQ3ldI5PvIHPtqyMSWpj2jFqM7FE9EvgFLI3yiwdxVLLp7GCip0X-ACPlHwzLgXJ6MTKHTjNOEGsjDx2iUrXovr9PlDiYYSxpMz3o9ahY0rgAio3M6V44P7tma7x4ZYVTNECsp-VOvUwwJ-82tzDHs&sai=AMfl-YQQj7_9WK6ekOXe4yPh1RIO1V46pNoVb9cwRKcYGwafcI7LKIB93HpApEYdT8H6tBbxnqZiubBONJ9rPvfznKr2bAVyQvkbqbm9QjKb97MLXDYpQFaaciCgtAV-&sig=Cg0ArKJSzDUeTjt5NCn1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E87F1B0477E84C1FA53C5CC0CF470AEB
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc&gdpr=0&gdpr_consent=
Frame ID: E8EF94EE4FFF256980D2DF93F548FDB2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A2710854A381CEEAB17BD2F14EEC5EDE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: D95D6EE4BB268276213EB8141642D769
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 400A03DFFDAEFD76EDC29DF51E328E24
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 8849FA5D0BE4F00970429433D0FE4AAE
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250318/r20190131/zrt_lookup.html
Frame ID: 5AC802426E7BE2D5C6055804302AA5CC
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
Frame ID: 7BAA91D22CA51F533B3CB5BF9BFEDD96
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 52F181CB53FE9167B678812BC1AD8625
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74C4F8F61373CBC9B447C25AA41A2142
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 63901ECFD38110DF99D6E6ECAC45A3B3
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 16498B8A8AF12439A1940DBD9CC4D421
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 507DA1A21AFD010DCBCA11C0AD86E16F
Requests: 1 HTTP requests in this frame

Frame: https://83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Frame ID: 61F06870A6FF49C606708D6CCCB6AD3F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 4092C6DD7F5C21A262175B8397670961
Requests: 1 HTTP requests in this frame

Frame: https://ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Frame ID: 76A68DD1655CADC8DEC570D1BF8EDD30
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM60pMSBmyVuCf4Y-qUbGxgfCDGByDHMp3Zpvb6rBaClj-7AXH10tyDdrn-QuPSsLDS_qgHzSJR4aNN4X_wpFRHnk32Mk0egh3TGIZJJ_WJt_EgXylixBhA7CHV0CJY4GOdwm8IG8jLl0mkW3Pe_M8ywec_jhoYCdnEOLnbgIZoOtcch6oGVUTI9cwYHfDRoNqOsSsOMGQUEQicteEbJnUTO1NkSd13JX61hUBEMa_YcpV9Wvx4Q-mndl6LbknIV_L1KX33zkxG_q6CKqphCXUHwnPtDJKdviHXt0l-4tppTv570Ciu6uweuspEhprMXRzm30lA8NxiaExx3iCAnKob_Z_wQ4otBzdBfnP20poTpwWOxk7G8eEF2lJLtaHN7hFGknu04xdQHtwL3550jpPiw6kg7cjLlXURVyNh557zpw2x2SPf_NWh6yzF6aEvAPvNcR-TRcp6w&sai=AMfl-YSRsNnyYbWWsYQEZADjnpRhgIS9N4QQvI6UB6J0J06BMr6V3L4BH34rkvaNusnBY0LsV__S5g76qzm3pQvdquZ6kf1ijpzkaXmJn16QZ3jLZOOExoNal6dUir2q&sig=Cg0ArKJSzEiBwnv8v-4xEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 11327D28D4CB1A292D0EE96286F89EB8
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f
Frame ID: 8C091D3817336D365C1D5AAD5D8F61BB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 7F488544419B158A1270A225295D4010
Requests: 21 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 5396D05B7D21CB836EC9CA0D1B5F6A15
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 696C306FE7513E9A2818F3A609D53F28
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 185B0BEF3725AACA8C307DBB10F0E412
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E640C549F4A9BA341034C98A4873660
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 32225ADEB63C9DFB872AE213944BCE19
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: CCE289932FF3CEC65E6ACB2C59D56425
Requests: 1 HTTP requests in this frame

Frame: https://1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=6
Frame ID: 42E933906F6BD080C8A4FB0FEF938BBC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK1kHitaF3TBFsXjWoscSaa2VoA7Cf4JpjU0o0Z4CDqr6y1DBZsqIDk8FRhMSGPihQf3q9kg6eDGD0hMClzgDRwjaZiK70fJvoyIz4ErNtfKKm68Ir9lbPWLBbp5CVy3hm-XABYVfoBQT8rS5O4Udbkkv-9KrermJBQ3hGIdGZ_Pje-WeZeAtWEa-lWDCEpTNJOfkzpa9dNjOLEKPI4gO0Ja7_h6oNvrW7yehm8vc-AorScV5hsrZKzoEGe1vGbhMtsIbGmk9pz1tVIoEjTNIQ1IWDH2Bsx6isHtUH4nNL2bESshXDBLk5Dwm31g7SpKFtRhP2v10muhEGKj8zm7NfE-Tk-_o2Vi_MG__36LK2ZTSKDTq1lbYQMhiYsP-DuV7szRBSJNwIH8t1d2_WXaObduI2FlAzpN7dfP-IVk1dUsA_kd5lXJ6gQLwct2t2wwU9wJASfwenAw&sai=AMfl-YTiKPYA3IEeG_8FOt90tmblRIraB6mfAWUpsl59futgaRAQcXkSLeq_ayLMEkNx-HsyLezGg07Agn3aLM8rm86c6f7vukVY2kk9xqKSMaF7_xPQMpK1OJx04wD3&sig=Cg0ArKJSzAZUgKALx8NMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6AAA94BC5203CADDB79A13EE3AD92EF0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f
Frame ID: 6111B2F011AEF3BEDEB211FCEA4DC01E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 0798E10DE018CDC8A1CBC6B742F0611D
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GMX - E-Mail-Adresse kostenlos, FreeMail, De-Mail & Nachrichten | https://netgmxde-31f6a47759b2f659f...

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

229
Requests

92 %
HTTPS

0 %
IPv6

38
Domains

61
Subdomains

54
IPs

5
Countries

3471 kB
Transfer

10710 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA&verify=true HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/vzn?id=y-coB_NA1E2p9MD_KiNNXYkkv9Hpbu4yYZhUpELg--~A
Request Chain 36
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=53f64a9594eb3388ba82dd145c91e9f2
Request Chain 37
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=r1jlltl&ttd_tpi=1 HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ttd?id=957157cd-20b8-47a5-8d70-cd72491d999b
Request Chain 38
  • https://ps.eyeota.net/pixel?pid=3m51m51&uid=b6c9cb10-04f3-11f0-a78e-0242ac120002&t=ajs HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=b6c9cb10-04f3-11f0-a78e-0242ac120002&t=ajs
Request Chain 106
  • https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=2220942683&adf=3173046723&pi=t.ma~as.2784%2F13803&w=300&lmt=1742410527&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1742410525741&bpp=360&bdt=449&idt=1208&shv=r20250318&mjsv=m202503130101&ptt=5&saldr=sd&cookie=ID%3Da542e16fdb9bd1ff%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MbRVJSjyADFeWy6RrXiuvU2mGT8sA&gpic=UID%3D00000ffe8ee0d4e0%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MaR_T-6aZt_ats4hqU0d8VLWqswRQ&eo_id_str=ID%3D79d06a81057e2c3d%3AT%3D1742410524%3ART%3D1742410524%3AS%3DAA-AfjZcTjlsMINiPK71vZ2pH5Ir&correlator=4254420288858&frm=23&ife=4&pv=2&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=270&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=3988360024&scr_x=0&scr_y=0&eid=95353930&oid=2&pvsid=1828991862774990&tmod=902816779&uas=0&nvt=1&fc=640&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.7m9u86mx1plt&fsb=1&dtd=1275 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
Request Chain 136
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ssxRvBEPBhmDAxEZIRPbZw
Request Chain 190
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=416v-w79CsSOJIyEIhPbZw
Request Chain 230
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

229 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5vN9Vv
reurl.cc/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9837bd51bb39154d68d6d7e965b87fa14ebe8b495fc086f6f0708182547cf6dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 19 Mar 2025 18:55:21 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://linkly.ws/shreughter
vary
Accept-Encoding Origin
x-request-id
db13b755-7343-46e6-af04-c391c31b34c2
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
age
2982028
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230028-FRA, cache-bur-kbur8200067-BUR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
25648
x-jsd-version
4.3.1
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-request-id
ceb225fb-4725-46b0-a4ac-405c0cf06f3b
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
2173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:19:09 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
904
pixel.js
storage.reurl.cc/javascripts/ 		429 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-request-id
1f98000f-56ce-46d6-ba19-42196e496c8f
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
24978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 11:59:04 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
322
ga2.js
storage.reurl.cc/javascripts/ 		536 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-request-id
16cfea92-7c25-48c2-b312-35447ca6d848
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
22840
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
date
Wed, 19 Mar 2025 12:34:42 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
js
www.googletagmanager.com/gtag/ 		355 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
4492b353e67c3df2a549fcae0b77829ee1719e0b8375e83e048ebfa45f90ce7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Wed, 19 Mar 2025 18:55:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
121216
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		437 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
87866bbe74a8504cfe8c08e4d353c29df95f752c3cded3eb807a4897f0f60418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Wed, 19 Mar 2025 18:55:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
144158
x-xss-protection
0
server
Google Tag Manager
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ff7b605167bad8133d80ef6cff4b7400096018e4a3c444870b356c57da52d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
724 / 20166 / m202503130101 / config-hash: 230325025761569198
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33519
x-xss-protection
0
server
cafe
wrapper.min.js
cpt.geniee.jp/hb/v1/219632/1441/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.153 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
234c0c89b9e2409fbb4ebb449993aa93c347b2cf57925e8cb0ee5c751ea3dc46

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=3600, private
content-encoding
gzip
etag
W/"67dab386-2f10"
cross-origin-resource-policy
cross-origin
expires
Wed, 19 Mar 2025 19:55:23 GMT
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/javascript
last-modified
Wed, 19 Mar 2025 12:07:34 GMT
server
nginx
ad-serv.min.js
ad-specs.guoshipartners.com/static/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.245.1 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-1.hinet-ip.hinet.net
Software
HiNetCDN / OneAD
Resource Hash
7040fd7374c1bc5bed13a4e532369c03fb62484514b5956508edfb09ede54fb4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
W/"67d13528-c774"
age
0
x-varnish
12137524 22813992
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Wed, 12 Mar 2025 07:18:00 GMT
cache-control
public, max-age=360
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
x-powered-by
OneAD
server
HiNetCDN
onead-lib.min.js
ad-specs.guoshipartners.com/static/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.245.1 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-245-1.hinet-ip.hinet.net
Software
HiNetCDN / OneAD
Resource Hash
1bf41ca1364230ce3a9cbbac1110ff4d7d287a9f978fa74297aa30117c4da9c0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
W/"67b5a55f-6100"
age
0
x-varnish
233706305
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Wed, 19 Feb 2025 09:33:19 GMT
cache-control
public, max-age=360
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
x-powered-by
OneAD
server
HiNetCDN
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
age
477278
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230020-FRA, cache-bur-kbur8200067-BUR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
33184
x-jsd-version
2.5.16
renews.js
storage.reurl.cc/javascripts/ 		404 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-request-id
35dbaa6a-682f-4ee8-9a26-48c8102bf7ea
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
20240
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
date
Wed, 19 Mar 2025 13:18:02 GMT
last-modified
Tue, 09 Jul 2024 09:45:35 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
loading.js
storage.reurl.cc/javascripts/ 		134 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-request-id
41c8a73f-79a6-4e9a-812f-04b6936a0dad
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
26708
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
date
Wed, 19 Mar 2025 11:30:14 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
fbevents.js
connect.facebook.net/en_US/ 		242 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
7b02340f2dc45840d3c378e8585638242965427824cfae847cda7f486176c359
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-B05R5CI9' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-B05R5CI9' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=121, rtx=0, c=26, mss=1232, tbw=8362, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
E0cNrWdE0IieAtpfuSU53pAf7HGK8j8wTHAQnjBPCXdA+IifYTvTueSohLGSGipfzsqoFNo0X5zUFJzjMB4MkA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
63126
x-xss-protection
0
origin-agent-cluster
?1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
age
518
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 20:46:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:46:45 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20994
server
Golfe2
oid
onead.onevision.com.tw/v2/et/ 		370 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/et/oid?cb=window.text_etag_callback_1wuoj
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
3ca1c289c3bccb1b83d28b132fbb719c0ed576c09ccddef5bb1febca95e6e53b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-onead-version
f00555d2
etag
b6c9cb08-04f3-11f0-a78e-0242ac120002
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
15089633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/javascript
last-modified
Wed, 19 Mar 2025 18:55:23 GMT
cache-control
max-age=600
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
370
x-onead-backend
onead-http-event-9d4b-gohttp
server
gws
x-powered-by
OneAD
page.php
www.facebook.com/plugins/ Frame 5172 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-fBoqeT1t' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-fBoqeT1t' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:24 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7483596214531251786&cpp=hhvmtrunk&cv=1021047823&st=1742410523997"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7483596214531251786&cpp=hhvmtrunk&cv=1021047823&st=1742410523997", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
GOOD; q=0.7, rtt=116, rtx=0, c=26, mss=1232, tbw=8541, tp=17, tpl=0, uplat=186, ullat=0
x-fb-debug
LDOS0hM7WBhG7YBU1MOrOSp5uX3hMpuZEWkMRletBFmIbNEpOV8YqUYc+A0+1xMsOL/c7OUuNUnv+ov8vW5Z4A==
x-xss-protection
0
feeds
re-news.tw/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
766b91aba7ba20c4f09336f9fb8eff2637435fd18ddc36473fe141b98af814d4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
public,max-age=3600
etag
W/"19d3-v916RLYLD1W00unlLccDGMpiceQ"
age
442
via
1.1 google
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6611
date
Wed, 19 Mar 2025 18:48:02 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
vary
Origin
1675200226052423
connect.facebook.net/signals/config/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.189&r=stable&domain=reurl.cc&hme=c1f2cecb0bd2e60711f2156ceae0254b57f69ec526dbc6c13633615b2168eda4&ex_m=71%2C124%2C109%2C113%2C62%2C4%2C102%2C70%2C16%2C98%2C90%2C51%2C55%2C178%2C181%2C193%2C189%2C190%2C192%2C29%2C103%2C53%2C78%2C191%2C173%2C176%2C186%2C187%2C194%2C135%2C41%2C199%2C196%2C197%2C34%2C148%2C15%2C50%2C203%2C202%2C137%2C18%2C40%2C1%2C43%2C66%2C67%2C68%2C72%2C94%2C17%2C14%2C97%2C93%2C92%2C110%2C52%2C112%2C39%2C111%2C30%2C95%2C26%2C174%2C177%2C145%2C87%2C57%2C85%2C33%2C74%2C0%2C96%2C32%2C28%2C83%2C84%2C89%2C47%2C46%2C88%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C58%2C63%2C65%2C76%2C54%2C104%2C27%2C77%2C9%2C8%2C81%2C48%2C21%2C106%2C105%2C107%2C99%2C10%2C20%2C3%2C38%2C75%2C19%2C5%2C91%2C82%2C44%2C35%2C86%2C2%2C36%2C64%2C42%2C108%2C45%2C80%2C69%2C114%2C61%2C60%2C31%2C100%2C59%2C56%2C49%2C79%2C73%2C24%2C101%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
466b4a6c2c47478a104f80a757d2c06af42c6adfec939b18e7990bc1f6fa5460
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-RNIOa1eo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-RNIOa1eo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=116, rtx=0, c=81, mss=1232, tbw=75841, tp=73, tpl=0, uplat=174, ullat=0
pragma
public
x-fb-debug
mgQJI8yvM2PVoHXVH2WvH3hdE0kiXGRp8rkq4faFphlB+6kej4A8zFbYvEwscIHzOrkJG1h1Q9Q7TEQX5/GpPg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/ 		523 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
d3e4dec7f8bb0c04ea7afdd3ddec48498dc1485e0ca8ecc10b9bb610e53f7dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
3959196029401901588
age
26088
x-content-type-options
nosniff
expires
Thu, 19 Mar 2026 11:40:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 11:40:35 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168071
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
b39e05a71f1d102609e37419d18d6ef7afab979a64e6a83f99ca240f29af08c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7481735638272510099
age
14056
x-content-type-options
nosniff
expires
Wed, 26 Mar 2025 15:01:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 15:01:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23120
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503180101"
collect
www.google-analytics.com/j/ 		3 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=658957972&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&ul=en-us&de=UTF-8&dt=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1703594121&gjid=1350686500&cid=1729457094.1742410523&tid=UA-102456694-1&_gid=172552235.1742410523&_r=1&_slc=1&z=667523582
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/5vN9Vv

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
3
server
Golfe2
collect
www.google-analytics.com/ 		35 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=658957972&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&ul=en-us&de=UTF-8&dt=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=NzIuMTQuMTQ4LjE0&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1729457094.1742410523&tid=UA-102456694-1&_gid=172552235.1742410523&z=166455196
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

age
25797
report-to
{"group":"ascnsrsgac:163:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 11:45:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:163:0
content-length
35
server
Golfe2
yads-async.js
yads.c.yimg.jp/js/ 		210 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.24.124 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
/
Resource Hash
e7e4fb9b3b1239835abc60fd16d2e64da36bfa919b8e81f11eea442c2bbf05f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
etag
"fad34f610280b86070657d734b70d7bc"
age
532
x-content-type-options
nosniff
date
Wed, 19 Mar 2025 18:46:32 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 07:38:44 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=600, stale-while-revalidate=1200
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
1a6bcb38-eec8-415d-baf2-4033d972e76a
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
58654
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
gnshbrequest-v4.23.3.js
cpt.geniee.jp/hb/v1/lib/ 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.23.3.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.153 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bc73ed340ef20534b613afea9bd95f199a55b77beab7c472e92ad92b4e39a1aa

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=86400, private
content-encoding
gzip
etag
W/"67d140eb-2d3d7"
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Mar 2025 18:55:23 GMT
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/javascript
last-modified
Wed, 12 Mar 2025 08:08:11 GMT
server
nginx
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDFZCDVDK1&gtm=45je53i0v9181474282za200&_p=1742410522603&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1729457094.1742410523&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1742410523&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&dt=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2356
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/ 		437 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0&l=dataLayer&cx=c&gtm=45je53i0v9181474282za200&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
693cdefb5d2fa7ad54cd055a95a6f42e77daca881193649ad5b6b571650ff668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Wed, 19 Mar 2025 18:55:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
144180
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je53i1h2v897965293za200zb9181474282&_p=1742410522603&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1729457094.1742410523&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1742410523&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&dt=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2441
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.178.155.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yuiadrs-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
report-to
{"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:137:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
543 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1729457094.1742410523&gtm=45je53i1h2v897965293za200zb9181474282&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:112:0
report-to
{"group":"ascnsrsggc:112:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:112:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:112:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 6668 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-N394QBRGC0&gacid=1729457094.1742410523&gtm=45je53i1h2v897965293za200zb9181474282&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&z=1145675648
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:24 GMT
expires
Wed, 19 Mar 2025 18:55:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1742410523814&sw=1600&sh=1200&v=2.9.189&r=stable&ec=0&o=4252&fbp=fb.1.1742410523809.19297462486614809&cs_est=true&pm=1&hrl=c33f48&ler=empty&cdl=API_unavailable&it=1742410523195&coo=false&cs_cc=1&exp=k0&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=110, rtx=0, c=24, mss=1232, tbw=8133, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 19 Mar 2025 18:55:23 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1742410523814&sw=1600&sh=1200&v=2.9.189&r=stable&ec=0&o=4252&fbp=fb.1.1742410523809.19297462486614809&cs_est=true&pm=1&hrl=c33f48&ler=empty&cdl=API_unavailable&it=1742410523195&coo=false&cs_cc=1&exp=k0&rqm=FGET
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-8jyV9Px0' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7483596217334027303&cpp=C3&cv=1021047823&st=1742410524030"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
VFlQtfCRE10bYN37fxudCwpRKvjm2b/GnKUbWzpT808h+5ZCHs5i6VjnuAs/Ds/xycpV+IhVY6wM0ckn2zqvjw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7483596217334027303&cpp=C3&cv=1021047823&st=1742410524030", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-8jyV9Px0' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=121, rtx=0, c=27, mss=1232, tbw=8905, tp=20, tpl=0, uplat=146, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
128002626
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/128002626?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
2323bf26d51f9af31c30e9e8ec203e1c86f104e6be68bfb9e76932240a942fcd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VU6mzxekjmp2KM9u79uHHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjctDikmLw1pBiOHnrNtNFIG69eY51OhAbrT3P6gLEhgqXWJ2B-P66S6zPgfhD_WXWH0BcJHGFtQWIhXg45ix7s49N4MS2CW8YlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwNjA0t9AwM4wsMAEpbMTA"
content-security-policy
script-src 'report-sample' 'nonce-VU6mzxekjmp2KM9u79uHHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
policy-check
cpt.geniee.jp/hb/v1/ 		12 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Freurl.cc%2F5vN9Vv&list_id=mid-219632&gam_id=gam-424536528%2Cgam-0
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.153 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
*
cache-control
max-age=10800, private
content-length
12
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
application/json
server
nginx
cross-origin-resource-policy
cross-origin
adsrv
onead.onevision.com.tw/v2/ 		177 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/adsrv?version=20240208&uid=1000480&category=-1&cookie=true&ip=&guid=b6c9cb10-04f3-11f0-a78e-0242ac120002&channel=0&volume=0.5&r=&adid=&response_freq_multiple=native-drive.0&web_location=https%3A%2F%2Freurl.cc%2F5vN9Vv&title=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&fp=04c6d3e15a52f9e0d5fe2d47f4a29cde&_t=1742410523995&cb=ONEAD_text_response_1wuoj&pb=0&spid=&bgid=0
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
8785419fa296c2970b4f0e1dedd2650e845e57af399fb719717b9cab95443ecb

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-onead-version
f00555d2
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
795744731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-onead-guid
b6c9cb10-04f3-11f0-a78e-0242ac120002
access-control-allow-credentials
true
x-onead-message
browser_incompatible
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
177
x-onead-backend
onead-http-query-w07k-gohttp
server
gws
x-powered-by
OneAD
vzn
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA&verify=true
  • https://onead.onevision.com.tw/v2/pixel/vzn?id=y-coB_NA1E2p9MD_KiNNXYkkv9Hpbu4yYZhUpELg--~A
170 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/vzn?id=y-coB_NA1E2p9MD_KiNNXYkkv9Hpbu4yYZhUpELg--~A
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-onead-version
f00555d2
x-vendor
vzn
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
618482279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
y-coB_NA1E2p9MD_KiNNXYkkv9Hpbu4yYZhUpELg--~A
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-86wx-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

strict-transport-security
max-age=31536000
location
https://onead.onevision.com.tw/v2/pixel/vzn?id=y-coB_NA1E2p9MD_KiNNXYkkv9Hpbu4yYZhUpELg--~A
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
text/html
server
ATS
ltm
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://bcp.crwdcntrl.net/map/ct=y/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=53f64a9594eb3388ba82dd145c91e9f2
170 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/ltm?id=53f64a9594eb3388ba82dd145c91e9f2
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-onead-version
f00555d2
x-vendor
ltm
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
5290674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
53f64a9594eb3388ba82dd145c91e9f2
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-9d4b-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

expires
0
cache-control
no-cache
location
https://onead.onevision.com.tw/v2/pixel/ltm?id=53f64a9594eb3388ba82dd145c91e9f2
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Wed, 19 Mar 2025 18:55:25 GMT
pragma
no-cache
ttd
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=r1jlltl&ttd_tpi=1
  • https://onead.onevision.com.tw/v2/pixel/ttd?id=957157cd-20b8-47a5-8d70-cd72491d999b
170 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/ttd?id=957157cd-20b8-47a5-8d70-cd72491d999b
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-onead-version
f00555d2
x-vendor
ttd
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
25442605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
957157cd-20b8-47a5-8d70-cd72491d999b
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-9d4b-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

location
https://onead.onevision.com.tw/v2/pixel/ttd?id=957157cd-20b8-47a5-8d70-cd72491d999b
content-length
197
date
Wed, 19 Mar 2025 18:55:24 GMT
server
Kestrel
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=3m51m51&uid=b6c9cb10-04f3-11f0-a78e-0242ac120002&t=ajs
  • https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=b6c9cb10-04f3-11f0-a78e-0242ac120002&t=ajs
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=b6c9cb10-04f3-11f0-a78e-0242ac120002&t=ajs
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
HTTP/1.1
Server
44.218.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-64-233.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

Content-Length
1228
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Wed, 19 Mar 2025 18:55:25 GMT
Content-Type
application/javascript

Redirect headers

Location
/pixel/bounce/?pid=3m51m51&uid=b6c9cb10-04f3-11f0-a78e-0242ac120002&t=ajs
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Wed, 19 Mar 2025 18:55:25 GMT
cm
trc.taboola.com/sg/onedata/1/ 		0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/onedata/1/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-fastly-to-nlb-rtt
154868
x-timer
S1742410525.708704,VS0,VE156
x-vcl-time-ms
156
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Wed, 19 Mar 2025 18:55:24 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-bur-kbur8200108-BUR
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
public,max-age=3600
etag
W/"5fad-191b5b37a20"
age
1234
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24493
date
Wed, 19 Mar 2025 18:34:50 GMT
last-modified
Tue, 03 Sep 2024 02:25:24 GMT
x-powered-by
Express
content-type
image/png
Shield_AI_Lockup___Jet_Black_Logo.jpg
mma.prnasia.com/media2/2632721/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2632721/Shield_AI_Lockup___Jet_Black_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.18.96.225 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2299c048d3c0e81cfccad6b24d0a05ec8e6f16fe10fc1c1eed56ba5d1414ea3f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
9277
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 19 Mar 2025 14:06:07 GMT
server-timing
intid;desc=549bd486ffc63753
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
image/jpeg
last-modified
Wed, 19 Mar 2025 14:06:06 GMT
vary
*, Accept-Encoding
access-control-allow-headers
Content-Type
cache-control
public, max-age=1
cf-ray
922f2f14dda67be0-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
15167
x-powered-by
ASP.NET
server
cloudflare
1742374481-3d19ad150481be3ceca110b983ca7518-840x525.jpg
img.gbyhn.com.tw/2025/03/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2025/03/1742374481-3d19ad150481be3ceca110b983ca7518-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ebba1833b570f5832aa77e77ceab9902919bf55faa8aa433a5a85894cbd5a4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
public, max-age=604800
cf-cache-status
HIT
age
34652
cf-ray
922f2f19af1f7c24-LAX
expires
Wed, 26 Mar 2025 09:17:53 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
71182
date
Wed, 19 Mar 2025 18:55:25 GMT
x-turbo-charged-by
LiteSpeed
content-type
image/jpeg
last-modified
Wed, 19 Mar 2025 08:54:41 GMT
server
cloudflare
priority
u=1,i
2025031907151634.jpg
img.racingcharger.tw/wp-content/uploads/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2025031907151634.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.1.220.9 , Taiwan, ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW),
Reverse DNS
ph2.g-dns.com
Software
Apache /
Resource Hash
6936fb93559b850cbabc65fef3dd59c157dde3cf0bb248570aefaa91f590fed7

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

accept-ranges
bytes
content-length
76816
date
Wed, 19 Mar 2025 18:55:25 GMT
last-modified
Wed, 19 Mar 2025 07:15:22 GMT
content-type
image/jpeg
server
Apache
%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2019/12/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2019/12/%E6%97%85%E9%81%8A%E6%8A%98%E6%89%A3-KLOOK-kkday-%E6%8E%A8%E8%96%A6%E5%84%AA%E6%83%A0%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60358587de5fb1bd7a36b3ac882aca4e84279ce113f7764a31f097cda568bdbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
etag
"5ef05c2d-21e6d"
access-control-allow-methods
GET, HEAD
expires
Thu, 19 Mar 2026 05:30:13 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138861
date
Wed, 19 Mar 2025 18:55:25 GMT
x-ac
5.bur _atomic_bur HIT
content-type
image/jpeg
last-modified
Mon, 22 Jun 2020 07:22:21 GMT
server
nginx
1f449.png
s.w.org/images/core/emoji/15.0.3/72x72/ 		423 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/15.0.3/72x72/1f449.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=315360000
x-nc
HIT bur 1
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
423
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
image/png
last-modified
Tue, 30 Jan 2024 01:21:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
file.png
static.wixstatic.com/media/9a254c_bd6ab9dc57c349009b5f1eedc6fb236d~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		1010 KB
1011 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/9a254c_bd6ab9dc57c349009b5f1eedc6fb236d~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-111.iad12.r.cloudfront.net
Software
openresty/1.27.1.1 /
Resource Hash
76e0fe9b59aa81409567a77b7f5cfaebcbe6d1a5586d4979c5a83a327f68d517

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-cf-id
FoV-KQTghhbPSDaBg_8M-TJwUCgQodLsIRabbX0XyRzzvw1u2twnzw==
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
age
3257905
via
1.1 google, 1.1 a85e1510327226089dfd77f1b1c39ad8.cloudfront.net (CloudFront)
x-wixmp-trace
projects/wix-media-infrastructure/traces/2spVhEK7hN7G4oknE9KNdNWC2Cu
access-control-allow-origin
*
x-seen-by
image-manipulator-79c6fd85fd-jw8kv
content-length
1033732
alt-svc
h3=":443"; ma=86400
date
Mon, 10 Feb 2025 01:57:00 GMT
content-type
image/png
x-cache
Hit from cloudfront
server
openresty/1.27.1.1
x-amz-cf-pop
IAD12-P4
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		0
0
AGSKWxVIFgYrXQ-7QfqXNODwSUyyU4J_hzJaDbbZZkySQogNO0ED-vcsIBd34Y8m5bn6JLl2Aii2xfzWlemk7v0qNgX0P1Y41w8C2xLnu2wkQ0ISQL-kylVL0GzOLPiWhbPrjdq7mfpiaw==
fundingchoicesmessages.google.com/f/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVIFgYrXQ-7QfqXNODwSUyyU4J_hzJaDbbZZkySQogNO0ED-vcsIBd34Y8m5bn6JLl2Aii2xfzWlemk7v0qNgX0P1Y41w8C2xLnu2wkQ0ISQL-kylVL0GzOLPiWhbPrjdq7mfpiaw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyNDEwNTI0LDc4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLG51bGwsW1s4LCJNaUQwVml1NEtiNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTIsOTUzNDAyNTRdXSJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
9ac0cea8037049f4d75d7fefae50ec786f3ab5952ff6c80bc1e07985b31aea35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l-jtJrze5f6VCLBpp4xdOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:24 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw05BiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjmLHuzj03gwIJfS5mVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTA2MDS30DAzjCwwAGI0sIg"
content-security-policy
script-src 'report-sample' 'nonce-l-jtJrze5f6VCLBpp4xdOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 80B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
1769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28720
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:25:56 GMT
expires
Wed, 19 Mar 2025 19:15:56 GMT
last-modified
Mon, 17 Mar 2025 19:42:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
107756
x-goog-stored-content-encoding
gzip
expires
Wed, 18 Mar 2026 12:59:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Tue, 18 Mar 2025 12:59:29 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AKDAyIvuhycBiZV9JeORnaJQHZmOjiL0vuW97VD_EUR507Gfo-1WAjwPJLIgsSbqvowsnZT2CV3ySGx02hF6
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

etag
861bdaf24bda5c0db45c6ebe1c94a9eb
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2729
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 05 Feb 2025 14:45:21 GMT
server
Google Frontend
x-cloud-trace-context
e438839e01cc1528746b94c783644bd4
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b6c5af2d5c532a14b5aa51656c9d5e8be329b1424ec1df2947ad2de309622448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-a641"
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Mar 2025 18:55:25 GMT
access-control-allow-origin
*
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"678fc4ec-4599"
age
377866
cf-ray
922f2f1569bedba6-LAX
expires
Sat, 22 Mar 2025 18:55:25 GMT
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
application/javascript
last-modified
Tue, 21 Jan 2025 16:01:48 GMT
vary
Accept-Encoding
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/ 		182 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1663570124539930&correlator=3832255646321589&eid=31090594%2C31090851%2C83321072%2C95340252%2C95340254&output=ldjh&gdfp_req=1&vrg=202503130101&ptt=17&impl=fifs&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13848%2C18535%2C13856%2C13860%2C14209%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=300x250%2C1x1%7C320x480%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100%2C300x250&ifi=1&didk=3663017418~954026992~3220679602~2335188262~1073006158~4279657583&dids=div-gpt-ad-1692339097859-0~div-gpt-ad-1706005027566-0~div-gpt-ad-1682415009667-0~div-gpt-ad-1682415043506-0~div-gpt-ad-1683598631228-0~div-gpt-ad-1683598657711-0&adfs=1641170635~~3999208325~~4276429512~3230137061&sfv=1-0-41&sc=1&cookie_enabled=1&abxe=1&dt=1742410524803&lmt=1742410524&adxs=1005%2C-9%2C245%2C-9%2C245%2C625&adys=108%2C-9%2C108%2C-9%2C455%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&vis=1&psz=380x250%7C0x-1%7C380x250%7C0x-1%7C1140x50%7C380x250&msz=350x250%7C0x-1%7C350x250%7C0x-1%7C1110x50%7C350x250&fws=0%2C2%2C0%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742410521944&idt=1887&adks=1451399479%2C4066066610%2C827794272%2C3475397127%2C3271617715%2C3242553145&frm=20&eoidce=1&td=1&egid=33717&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
a7b4ae8f7d89b6cbc700caa60316f712fdb05c5275803439f6d57d644a7c775a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
dcb
google-lineitem-id
6424070779,6405456366,6690069789,-2,6499557592,6499556608
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138456634296,138452341869,138468304473,-2,138462658624,138462658495
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
14600
x-xss-protection
0
server
cafe
container.html
58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame 6A60 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:25 GMT
expires
Wed, 19 Mar 2025 18:55:25 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXK7gfX45uFGTdCAbqZDNTGQ6eEuasXKp_hJwJDpmcyiDusYdE1-twfuQn7xMrMITAIEUbeXg9X4WwlHXoLarqGmovc_oQidhYo4PTCz9ljpyb9-XBecGeMyrvmTqOrDYx8thgIcg==
fundingchoicesmessages.google.com/f/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXK7gfX45uFGTdCAbqZDNTGQ6eEuasXKp_hJwJDpmcyiDusYdE1-twfuQn7xMrMITAIEUbeXg9X4WwlHXoLarqGmovc_oQidhYo4PTCz9ljpyb9-XBecGeMyrvmTqOrDYx8thgIcg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyNDEwNTI1LDMwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLG51bGwsW1s4LCJNaUQwVml1NEtiNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTIsOTUzNDAyNTRdXSJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
ac73f9b1ae3c797b243d513e2f932200fdbef979b80b92bd679ac55c0116c182
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ozfjRKEgOSdsWdwuP3mwuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw0JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFuDnmLnuzj01gw5GnQUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamBsaGFnoGhvEFBgDplCvF"
content-security-policy
script-src 'report-sample' 'nonce-ozfjRKEgOSdsWdwuP3mwuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
view
securepubads.g.doubleclick.net/pcs/ Frame 3BBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulPOah7JCXt8uwmwlVCxVRyPfupDhAtBuucjC0l8uSOsWWJgLuHF-ccopTgjOXzSRvuBO81eVSsdAcGpmHHu1syzAOdXIff5HeI2VoYWJgbrr5FgybKQpxdUqVguSALUFNys3yPgx-7XgVXqjgnEnmZ_StwtWukhOIhqWMUQBWeIqB-UyrgmrN16paSU7S1RcNIRWOjvlYM3EPV_hBBVxjP9QihHg_i5fkYnASumx504EaAmU_7DPDvLs43RM-zjsAr41xdRserxaADrSYUT9BCa_EoKPaIXu68AJt8y20EMHO_-h8d9nRl3PT1EoEpRLMtIGYU48pr71HVVAM_eFJsxzdxawwdi19ON3Swc46XrT3Ff-9QG5jXmp0jPBKuAVI3om6J__vNA2TzM50tCOuUUEEfWrtRbE1N2-xfYvwhvF3jbPadMPvCQ&sai=AMfl-YRSlstGLUZe7ejnzU7CZMtwM-uRUXNJpAN-TCS05qmp2lwRbRWL9pNkkIx9vEaH3Wy2eIrKfth09huAeKJbXVqKmCVXBdxg9jL8ay0sbT55-rdKMQ85T8i7MPDD&sig=Cg0ArKJSzNrhwvdwCZtzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cf_reurl_tw_gam.js
api.popin.cc/searchbox/ Frame 3BBA 		129 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
cd0db2d68f6fb00e1197e823f47e1f53aa2aa2ae85228a5e5d04a4a863629cc1

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

Content-Encoding
gzip
ETag
W/"84c303c8957ac66aa38f2a88e2291b99"
x-amz-version-id
u2A0lYWFB7No0ZP_ZBKUcX5kfrhgSMHf
Expires
Wed, 19 Mar 2025 19:55:25 GMT
Date
Wed, 19 Mar 2025 18:55:25 GMT
Last-Modified
Wed, 19 Mar 2025 07:07:58 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Cache-Status
HIT from 10.252.55.25
x-amz-replication-status
PENDING
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3BBA 		219 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
2474135099193125559
age
115
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 19:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68853
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 930C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdYnTKJUydYKhjqT8Ey8DWqFEcSYXlwoWKq1LqA3WDi9wVfsLV9-4GiSSAeqG22wmBu91qdV5dFVL755weTKJCgtHmXcTWz2tw4tBXoUxfetjyAt_Mdh9q05EhlEvjG8nP_YYoJsTRnTqw9bdqfuh_YnicouZsaITh-s-TytgxrqdXCL16NJpktOj6xasNvqjHYWnursdTWJ50x4yI0akMyw-l8ztJcnvMgHnNg5AM057GJCNoK3Eq9kwozDiYFpB9Ri30zlnYZWJ3rrnMNiIzb_Nk1dgxkEAXqMaVtKjjFfmp1bjuOWuZsXpTsxTS3a0zo7VqkBLt3LWL-CHGQAbUOUEzgbHs5qdvz3GIO9DycXRGgHD4oWVtBZLzIq1qd-Z5iOiLe299IPLPTdNedhmxZnl1PWvhbEqxoRT546fmXJP-Meq4VF_HWQ&sai=AMfl-YRj7I9zJQNeCfXPF-YWOwpFY4b6zUyy883-pA4pR7LgbZeo1eB4E-ts0K_d33lggF855U64CWKBi0nE41FJGFXeGpveyyIvYEdtgEugcWa9YFLRPrC2e6yiRyTb&sig=Cg0ArKJSzAJtLlzvfLwIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 930C 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
d145a82952ff5c4f3ef9aeda196d415b83289f3eeba9aa66293d34e053769913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
14905807339382166195
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
15140
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 930C 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
2474135099193125559
age
115
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 19:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68853
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 5CEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBGdQ6eYu2dNoGyeVaqa3SjqHvut9rSsG7Ivb6YxrQt4Sw1q0Jj3IzLjgMLxv1dOwA3PUG8mt99JPE85jUqSyRONEN2x251V8YngH53CPYVUDAHXbWwRaYNNmG4ZAZjoRDB1ZmIaTrPzSS-bSw5H_3knRljFy67iDt1f9qVE7qfZ--m5g_y7HmXvSHE7ofzxEdmEcmHYyreTOIG4bGC2CHmXTtaKp9uVjk_VF31iNMJ7CVAUCEiQ8MWlq3OS2x6t9RuLqJEft1sUHd2CNmM-KJWxZOaB_tgBFWf_X63wKVP561CumPMWacRtzrT_c3Ns_5bnEHSc9x8fUL0hRIAZ6ZtBXQpUg8VSJpWdfS1z6B1lPQp5d4H-KKSRvWWpGMwG84U8jaPBV8LgXFjDdjxfRZnV8IbAKnngJHG7FDTfzf4FiYwVCiS1bJgJ0nFSOTHX0&sai=AMfl-YRtXxgFjl49JdHRc2tJfC9o_7-pSQAPEtBMsDXiJ2zVSNa-O3l3qkXykczwrc2uNK9cz1XHa_1h5hOoML1nbw2u8Vwl_ibjv-0Eznx0svA9wAOfGYoST7qeqjot&sig=Cg0ArKJSzBhl08h6kiLnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame 5CEF 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
9645
x-amz-cf-id
jLcH00N1VMG3z8e0lh_RCgMVbECW6XrJqqC-0F3FrWF-BWnRuAnqDA==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5CEF 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
2474135099193125559
age
115
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 19:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68853
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame E87F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkELSmDLEnIPk6gWNOr8gtrZL67RInhIN9JS_f6_uxeYnlWfkuvy0JfT6va56XsiXXYyql4lP_PmwZYBgDBsuKyickzNMndwTWZR8895zrKN6fSj5ZJsXbhWhNnDfSYRl3Ju1e0uhWzD1DK2TE58fDtGE5CHuLPviJXhQKzTXioj0iDjVHz827PlmQaCCDHm6OnYmTzIp2bhF9J0Heh58aEm-3knUC8FuF0hLEqPUOYwC93dXoXnmgY5ndDFEyNo9UCp91t3yoeYZF9l1qwmjjxVFnlSBBXTjHbvYVE_H8nlQ3ldI5PvIHPtqyMSWpj2jFqM7FE9EvgFLI3yiwdxVLLp7GCip0X-ACPlHwzLgXJ6MTKHTjNOEGsjDx2iUrXovr9PlDiYYSxpMz3o9ahY0rgAio3M6V44P7tma7x4ZYVTNECsp-VOvUwwJ-82tzDHs&sai=AMfl-YQQj7_9WK6ekOXe4yPh1RIO1V46pNoVb9cwRKcYGwafcI7LKIB93HpApEYdT8H6tBbxnqZiubBONJ9rPvfznKr2bAVyQvkbqbm9QjKb97MLXDYpQFaaciCgtAV-&sig=Cg0ArKJSzDUeTjt5NCn1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame E87F 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
9645
x-amz-cf-id
jLcH00N1VMG3z8e0lh_RCgMVbECW6XrJqqC-0F3FrWF-BWnRuAnqDA==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E87F 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
2474135099193125559
age
115
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 19:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68853
x-xss-protection
0
server
cafe
syncframe
gum.criteo.com/ Frame E8EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:25 GMT
server
Kestrel
server-processing-duration-in-ticks
352227
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 930C 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
66e66f3dbcaa05a6af194b46959dab852ed44ca9116a879b97b591e5142f3fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
7771782788710957134
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:55:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
60926
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E87F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 930C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 930C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d735a5629e28e253f5615376a9534ae518e418b2d25bf0d922da0a955fc01ee0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame E87F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cb4c09dd1e1383eefb9483ebbd238f3d88abfbb60d674a691b035ad71792984

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E87F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad-topbanner-_468x060-
fundingchoicesmessages.google.com/f/AGSKWxUdV_QA0bl9OT5jw-_9QdfL166aslAA-qMmBg1Mdvt867gxbj_cHaXh_hhUq4wo0FoUqvYGINGTDYyMx0suEiRicBQxlq2nCm4BnIdcxBc_ba5mLBV5VKZ6tnQZi3FhmC5PqtJTODY-2D_lkFsASEmQt5A7l... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUdV_QA0bl9OT5jw-_9QdfL166aslAA-qMmBg1Mdvt867gxbj_cHaXh_hhUq4wo0FoUqvYGINGTDYyMx0suEiRicBQxlq2nCm4BnIdcxBc_ba5mLBV5VKZ6tnQZi3FhmC5PqtJTODY-2D_lkFsASEmQt5A7ly7_j8A23YLUmTBYKfhd4qP8LIJ8h99O/_/adnetmedia.-ads3.htm.org/exit.js/ad-topbanner-_468x060-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
b475235938637f55f3df2cf10303d7ded6c8ba32b025deb8391592000b8273dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aVFF0xomPnvxo__bxT7OUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjctDikmII0JBiOHnrNtNFIG69eY51OhAbrT3P6gLEhgqXWJ2B-P66S6zPgfhD_WXWH0BcJHGFtQWIhbg55i17s49NYMOVi55KGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGhhZ6BobxBQYAGoYw2Q"
content-security-policy
script-src 'report-sample' 'nonce-aVFF0xomPnvxo__bxT7OUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		187 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
430304d026bd836836cca01df2d1faa2df25821443891e01cc5ec333af15841d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
11442392472538589842
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
60927
x-xss-protection
0
server
cafe
AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OqF90A76JdwbBjfAzL31Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw15Bi-FB_mfUHEAvxcMxb9mYfm0DHin0tjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDY0ELPwDy-wAAAWFokTw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OqF90A76JdwbBjfAzL31Ew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/ Frame 930C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 3BBA 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c90ae00adb34f62f22f83c08900e32f50aa9d2bd4d5b3b7199806e2de61359d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 5CEF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05060aa028bfb96a8de1e1daec5dc9ca14b9089ea90db20258299c6e2a6fce70

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
show_ads_impl.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503130101/ Frame 930C 		501 KB
501 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503130101/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
c6595dbcb319ef0ee29979294612e33f3e6d2176973b3bba332229020fde1c4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

etag
16193821704917067573
age
21808
x-content-type-options
nosniff
expires
Wed, 02 Apr 2025 12:51:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 12:51:58 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
513306
x-xss-protection
0
server
cafe
AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j7vWhVhPw5xT7qy6G4k3Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1ZBi-FB_mfUHEAvxcMxb9mYfm8CETZ3djEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDY0ELPwDy-wAAATLEkKQ"
content-security-policy
script-src 'report-sample' 'nonce-j7vWhVhPw5xT7qy6G4k3Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
td_js_sdk_171.js
api.popin.cc/ Frame 3BBA 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
3402df1af7b8665c51ac7e2d4fed5dc6cac147d61966672d9cf32a34acafedfe

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

Transfer-Encoding
chunked
X-Cache-Status
HIT from 10.252.55.25
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Content-Encoding
gzip
ETag
W/"d7d7ebc58d77dc27a2c068acdf41021d"
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Expires
Wed, 19 Mar 2025 19:55:26 GMT
Date
Wed, 19 Mar 2025 18:55:26 GMT
Last-Modified
Tue, 28 May 2024 09:22:02 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
nginx
x-amz-server-side-encryption
AES256
recommend
tw.popin.cc/popin_discovery/ Frame 3BBA 		688 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&&device=pc&media=reurl.cc&extra=windows&agency=popinag&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=88ca073e4ed6e03375e1742446526361&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODguMC40MzI0IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIEhlYWRsZXNzQ2hyb21lLzg4LjAuNDMyNC4xOTAgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjLzV2TjlWdiIsInVzZXJfdGRfcGF0aCI6Ii81dk45VnYiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiIiwidXNlcl90ZF91cmwiOiJodHRwczovL3JldXJsLmNjLzV2TjlWdiIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJyZXVybC5jYyIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE3NDI0MTA1MjYzNjIsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&uis=%7B%22ss_fl_pp%22%3Anull%2C%22ss_yh_tag%22%3Anull%2C%22ss_pub_pp%22%3Anull%2C%22ss_im_pp%22%3Anull%2C%22ss_im_id%22%3Anull%2C%22ss_gn_pp%22%3Anull%7D&callback=_p6_9e78a80c361b
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
68f2e7022b9daa023a47f6d005a14811262f5b13b6f5aff10c2f1673f7dc028a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-length
688
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript;charset=UTF-8
server
nginx/1.13.5
cross-origin-resource-policy
cross-origin
track.js
ad.tagtoo.co/media/ad/ Frame 3BBA 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.tagtoo.co/media/ad/track.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.12.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3708bbe4489aefbf64066af6a499c7476cec23bfc6cf53e9d7f2bc88ff185687

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=HtPvWQ==, md5=K5U0R1vjCohHUf/iKAMCDw==
etag
"2b9534475be30a884751ffe22803020f"
age
2881
x-goog-stored-content-encoding
gzip
expires
Thu, 03 Apr 2025 18:07:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1802
date
Wed, 19 Mar 2025 18:07:25 GMT
last-modified
Mon, 10 Mar 2025 04:47:20 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIuy7I0BYqepRBDQtrVlv_jhK2-ER9eB8nylOii5sB4dcgxLZXEjlGXsCWzCoAZcofrX3y4tGYY
cache-control
public, max-age=1296000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1741582040399052
content-length
1802
server
UploadServer
tuec.js
uec.tagtoo.co/ Frame 3BBA 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uec.tagtoo.co/tuec.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.150.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
etag
"2fa133db50cd81d87b8ffb8729a6ab35"
age
2816
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3770
date
Wed, 19 Mar 2025 18:08:30 GMT
last-modified
Tue, 12 Dec 2023 09:08:46 GMT
vary
Accept-Encoding
content-type
application/javascript
x-guploader-uploadid
AKDAyIvKtmTcFajpB8RUdHjzuGUuXYybMi2eBHJ2t5cdvWeMHKdjSSIfgQ1xwi9Uii4L2D8UgciOx8I
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1702372126688115
content-length
3770
server
UploadServer
utag.js
t.ssp.hinet.net/ Frame 3BBA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Wed, 19 Mar 2025 19:05:27 GMT
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
popin_discovery5-min.js
api.popin.cc/ Frame 3BBA 		235 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
490591c52cd60da5e7055c5b77b7ec0b0e96c6035b62f9f2774992c6e2286969

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

Transfer-Encoding
chunked
X-Cache-Status
HIT from 10.252.55.25
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Content-Encoding
gzip
ETag
W/"0592717d783f969588268cdc2474be05"
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Expires
Wed, 19 Mar 2025 19:55:26 GMT
Date
Wed, 19 Mar 2025 18:55:26 GMT
Last-Modified
Tue, 28 May 2024 09:28:37 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
nginx
x-amz-server-side-encryption
AES256
discoverylogs
log.popin.cc/log/popin_media/ Frame 3BBA 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBIZWFkbGVzc0Nocm9tZS84OC4wLjQzMjQuMTkwIFNhZmFyaS81MzcuMzYiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLCJsb2MiOiJodHRwczovL3JldXJsLmNjLzV2TjlWdiIsInRkX29zIjoiV2luZG93cyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBIZWFkbGVzc0Nocm9tZS84OC4wLjQzMjQuMTkwIFNhZmFyaS81MzcuMzYiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg4LjAuNDMyNCJ9&t=1742410526364
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

etag
"5c120819-42"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
image/jpeg
last-modified
Thu, 13 Dec 2018 07:19:53 GMT
server
nginx/1.13.5
discoverylogs
log.popin.cc/log/popin_media/ Frame 3BBA 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLCJ1aWQiOiI4OGNhMDczZTRlZDZlMDMzNzVlMTc0MjQ0NjUyNjM2MSIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODguMC40MzI0IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIEhlYWRsZXNzQ2hyb21lLzg4LjAuNDMyNC4xOTAgU2FmYXJpLzUzNy4zNiJ9&t=1742410526367
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

etag
"5c120819-42"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
image/jpeg
last-modified
Thu, 13 Dec 2018 07:19:53 GMT
server
nginx/1.13.5
AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-61MyZbIqYZQkO43AIHAlhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1pBi-FB_mfUHEAvxcMxb9mYfm8CLiy_uMiq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNjQws9A_P4AgMAptYlXw"
content-security-policy
script-src 'report-sample' 'nonce-61MyZbIqYZQkO43AIHAlhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUT9vzI3tLcnLUkza8Bco7TPR-isJpud0ZfPL2zLte0PvupwSFJTOJaKCSrRPVgMudlupUvQIZTIoqu_v1ClMlwm2Bxh35sZ9Q9xdy96TqXB2XWoTnUWt0Asx14U3RrJV9adHL0hw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t51V3ysU5-fN45SDFODC_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15Bi-FB_mfUHEAvxcMxb9mYfm8CHzW8fMyq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjUwNjQws9A_P4AgMAnx8lSA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t51V3ysU5-fN45SDFODC_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXyYBkpd6lQBpcVClFopsaVfteInMMJpAzuXKE7eyQfhs9Px0IhWGrf8CvQJriUn2gsaF9zTm-Oj3O-sH_-frigRoQQ3_xYb8sz2kXyYFzxIl48i9QUHqjtPP9L0-BFjUt-0UtybQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXyYBkpd6lQBpcVClFopsaVfteInMMJpAzuXKE7eyQfhs9Px0IhWGrf8CvQJriUn2gsaF9zTm-Oj3O-sH_-frigRoQQ3_xYb8sz2kXyYFzxIl48i9QUHqjtPP9L0-BFjUt-0UtybQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyNDEwNTI2LDM5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLG51bGwsW1s4LCJNaUQwVml1NEtiNCJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTIsOTUzNDAyNTRdXSJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
224b3000b773403d7b2ba4b118ad6ea822b97385129ead6c1c33f80fb0d050e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PMkNMFp8dvqaM_DZWDye6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:26 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw1JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjmLXuzj03gxd-PjxmVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTA2MDS30DAzjCwwAN6Ys1w"
content-security-policy
script-src 'report-sample' 'nonce-PMkNMFp8dvqaM_DZWDye6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
capmapping.htm
cdn.holmesmind.com/js/ Frame A271 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-70.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
9
content-length
12184
content-type
text/html
date
Wed, 19 Mar 2025 18:55:27 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
x-amz-cf-id
CFN6ag9XrwZR2GSQRFV4PaC8lF58bIqANcHkb_7IZfOCDh3vW5SiJA==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame D95D 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
t5KqO9iUweyiWKe0ilm7mOK7fMN5onRitPH1WQZR2tVYUgIiVmijew==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
capmapping.htm
cdn.holmesmind.com/js/ Frame 400A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-70.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
9
content-length
12184
content-type
text/html
date
Wed, 19 Mar 2025 18:55:27 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
x-amz-cf-id
CFN6ag9XrwZR2GSQRFV4PaC8lF58bIqANcHkb_7IZfOCDh3vW5SiJA==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 8849 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
t5KqO9iUweyiWKe0ilm7mOK7fMN5onRitPH1WQZR2tVYUgIiVmijew==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
AGSKWxWRb5ur6AozLXZkMOe0DFavjS3TJxbAmuEEZwRtA2zHoX_qSRh5AtbbSrXx2GXwIOmgYb41VEg1PYSR2_1FjwQtWYazvxfgGtNHFPzscd9rIibkY4-een_wvbPpeQYpWXcRVLRgzg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWRb5ur6AozLXZkMOe0DFavjS3TJxbAmuEEZwRtA2zHoX_qSRh5AtbbSrXx2GXwIOmgYb41VEg1PYSR2_1FjwQtWYazvxfgGtNHFPzscd9rIibkY4-een_wvbPpeQYpWXcRVLRgzg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.MiD0Viu4Kb4.es5.O/d=1/rs=AJlcJMz-ABR8rxGlMT57LjrYPZ1gnsIWGA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vHwL4whs8KudrbWe3odHmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0ZBi-FB_mfUHEAtxc8xf9mYfm8CExsN8Si5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjUwNjQQs_APL7AAAAgryOz"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vHwL4whs8KudrbWe3odHmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
view
securepubads.g.doubleclick.net/pcs/ Frame 930C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgkfMDSZeRR1ctcuEzfDqyKQUzZOuE6BVeydkw_q_q2sDW_mDy83sqd_Kq_sT0s7FzPByiemodHJJ1zPrxrrgx4pf93QVYdAdpCyfOzFt_vDqt7IuDHyy0bKRls77k8E7OXsjN5H0O_G1kMTM6cWl-S_rNe8tfOx79R1GJvBvipZNlKH6KPc_Pq4iWMlv6WFlUt5d8YL7FE_uwtrX0JkJspsu5AfrM-gUx5HTcwrgigtLaFTwynhvRk31QG_c64FETnh-rLEzvLAEAV99F4ruc29gNfmMsTrr7qSajGyV_KRgXpnHc0I26ZcD0YwsYRm5mydTjG-KawXpgr1scqW-Sv5dAipZHEN25wRIo-9gdd9AKMtrQpIpfL0r9Uwmxac-zxJpgScMnXyXfQ-cnuMy4VpflsA6smFk-nuLKIXbUe_nRX2c8UtfvG06D&sai=AMfl-YQ6gSh-AoqkM3a7gCW7m60oYX9Vm1vx0R5A3epN24SVGV-g1JCVXFqg1xWMATE2g4kvX0yaVyrNvQIX9uFIxTbtVbNY26vmZLWvWD8fTQH-uSjvd_u7QgFSvcft&sig=Cg0ArKJSzCrmkbyFfL73EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:27 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20250318/r20190131/ Frame 5AC8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20250318/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503130101/show_ads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

age
73107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Mar 2025 22:37:00 GMT
etag
18385622960067315400
expires
Tue, 01 Apr 2025 22:37:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
adx.holmesmind.com/adx-file/20220715/ Frame 7BAA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=2220942683&adf=3173046723&pi=t.ma~as.2784%2F13803&w=300&lmt=17424105...
  • https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503130101/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-70.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/5vN9Vv
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

content-type
application/xml
date
Wed, 19 Mar 2025 18:55:27 GMT
server
AmazonS3
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
x-amz-cf-id
VoTQRGt5llQAjvq2oULxjXXycjYS5bOE5zuwS5gJMn9GpaODJc2Ggw==
x-amz-cf-pop
YUL62-P1
x-cache
Error from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:27 GMT
location
https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 930C 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250318&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503130101/show_ads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
f4bdd021a080b11191c5bdbfffcedfe2f1f19d9756fc801514bccebde681c947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12963
date
Wed, 19 Mar 2025 18:55:27 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
0.js
ecs.tagtoo.co/js/ Frame 3BBA 		201 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/0.js
Requested by
Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ed1353670cbe52a301571e6717fab543726f43f7bed2edd0ffca2e74f6a1d8bf

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=2mAcSQ==, md5=ijKbxOP20q6Aq4WlmoGeCA==
etag
"8a329bc4e3f6d2ae80ab85a59a819e08"
age
2717
x-goog-stored-content-encoding
gzip
expires
Wed, 19 Mar 2025 19:40:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
56322
date
Wed, 19 Mar 2025 18:10:10 GMT
last-modified
Fri, 14 Feb 2025 14:16:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AKDAyItROrmLpPpSgXxzquRuu_3PNQbiwX3JU-bBG8ayH4i5t8ZNS1-stMBUeeSrZzlzT-qFzJ04FMo
cache-control
public, max-age=5400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1739542586669957
content-length
56322
server
UploadServer
Preset.js
ad.holmesmind.com/adserver/ Frame D95D 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2203d66d3084c84012051182e2516115c3433b67e867eb117ca73de68c0e1808

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame D95D 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
m-ljqskWt8UAkbf8pf6MXdCTCPzRwL6Pv5vNYbgm0zcXTXWY8Gskbg==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
Preset.js
ad.holmesmind.com/adserver/ Frame 8849 		2 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
55dfda677ad1e3d2d68091c5c25b5e6577adb4356e8a26da05bacd6a355521de

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame 8849 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
m-ljqskWt8UAkbf8pf6MXdCTCPzRwL6Pv5vNYbgm0zcXTXWY8Gskbg==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
discoverylogs
log.popin.cc/log/popin_media/ Frame 3BBA 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoyLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLCJ1aWQiOiI4OGNhMDczZTRlZDZlMDMzNzVlMTc0MjQ0NjUyNjM2MSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImQ2NzhkYTU0LTc5MTAtNGYwMy05NDRkLWI3NDc0YzQ1YzYyMSIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgSGVhZGxlc3NDaHJvbWUvODguMC40MzI0LjE5MCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiLzV2TjlWdiIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy81dk45VnYiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODguMC40MzI0IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImQ2NzhkYTU0LTc5MTAtNGYwMy05NDRkLWI3NDc0YzQ1YzYyMSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1742410527279
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

etag
"5c120819-42"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
image/jpeg
last-modified
Thu, 13 Dec 2018 07:19:53 GMT
server
nginx/1.13.5
log.gif
r.popin.cc/ Frame 3BBA 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=88ca073e4ed6e03375e1742446526361&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&t=1742410527282
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

etag
"5d7754b9-23"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
image/gif
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 930C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503130101/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
/
t.ssp.hinet.net/ Frame 3BBA 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
cb11c9beca86ca9cfcc1ba8e239181b547109a68c08b79070ce7466dfc1111f6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx
/
www.facebook.com/tr/ Frame 3BBA 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?eid=1742410527393&id=404012299753340&ev=PageView&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&rl=https%3A%2F%2Freurl.cc%2F5vN9Vv&if=true&ts=1742410527393&sw=1600&sh=1200&v=2.9.44&r=stable&fbp=fb.1.1742410523809.19297462486614809&it=1742410527382&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=120, rtx=0, c=29, mss=1232, tbw=12441, tp=25, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
emome2
t.ssp.hinet.net/ Frame 3BBA 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=e52e4d33-15f7-474a-978f-6062210b71f0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
nginx
ads.js
ad.holmesmind.com/adserver/ Frame 8849 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=281&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b5b523808b0a082ba75c7ca972da431258210f7c40a2845a4444d55ab121a70a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 8849 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
etag
"519bf06eca29382b4ee4cc4f1dace214"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2905
x-amz-cf-id
nSrawv0toiIKyV9W0j25toa3BfNqCVWAPywFSsMx6dhmjjNZBT0yRg==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
publishertag.js
static.criteo.net/js/ld/ Frame 8849 		130 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-2072d"
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Mar 2025 18:55:27 GMT
access-control-allow-origin
*
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
criteoV2.js
cdn.holmesmind.com/js/ Frame 8849 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
etag
"13519f9e63c9828d93a698c47992e115"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3197
x-amz-cf-id
Hl9LhXOPn0DB4ZZtA-WuzlY4xGSNxAR4gmr3Rp-9viIp1PHGKbjAhQ==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 8849 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3470
x-amz-cf-id
y2CxjirauoKEUMjYpH519xWVAo7FbBglKrVEdyUeD-FhHfVQZQ5f1w==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appierV2.js
cdn.holmesmind.com/js/ Frame 8849 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
age
56
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3446
x-amz-cf-id
QTA9cw8PI2zDA6e45phm0X9SsCkpPkcVAIELE_ARCDjTR8vWt-PKZQ==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 8849 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5467
x-amz-cf-id
Eh4xTVdyldkzwa-1tq43KhkTJgbZIYL4-_FlXtJg4P1nQZFxYfjK1Q==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 52F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:44:13 GMT
expires
Wed, 19 Mar 2025 19:34:13 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 74C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f104.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vZxfjMYbcaeKAWuf5joEYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vZxfjMYbcaeKAWuf5joEYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:28 GMT
expires
Wed, 19 Mar 2025 18:55:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ads.js
ad.holmesmind.com/adserver/ Frame D95D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=763&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e294243852120622870f87f7d2f9e7fa42423e9cee42a34334bbbaa838aebe

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 3BBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui4aLPRM1qM7qFIZkcB80BDEKciuHJlLGaa6nwVDy_ypr1AATcqJzxGqanTFyahr4swrfMDbQIi3s381Uc5AQ093Hz5-4xMgtBvbkV72Za6hlQhzC0Z0zRxVREggdY1XFFmDLd10mTySoPulM7Ks00ZhwQhPu64YocJ7vPODkqoDvwiUTxPd0lnvWs2FZmQ3U9GDLd3q-QK2n68vI-vXq1X7yrxuOtmXPZldwrUudq_3vC8lI1hF2Wf8-Vy2vIPzl2JP9bHZo1RTLVGr2MwMBJh71XfTZwndRQAT6QzMEiAH51ovJSc1eRPRR_hGskzMzv1jM2BZJeHqzIY0AHDblqJPkiBMuy-AQpYad-47fb_XjznX4ajd_i0g2ZHpmhk_Oq3AiFBAR6V_oKJwwiQ1YWZp0y67uX3DJsqN5CYkMo7kK1Ma7nlEQ2w7HH&sai=AMfl-YSNP1ah4T-aKUC_5FG3rLZFWoPpQr1-SFUFBaGQGY9R0i5sqpLyiSBI2qhm7Mh0LVu6FhYVCiA6YuTv_6kMiQVHhh2-_wN6J42s1tPKwkLXUpf97HobIIm3B6Pq&sig=Cg0ArKJSzOeONp01KM-GEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:28 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 930C 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDnorOpogOeF4l5KnFIqXtP9n162XrGTcqlUbvE5YtytI1i9112uPYnOaudhJbXYmSmw77j1HRxy-TxtVYkcUk291jybU3oIYbFcJh6611odY1NPai9AD7o1qwGOxdElHTj5AaPYLb4rLC1OPvz8J8MvjK23_AdoIKOdT7_DC9gD4&sig=Cg0ArKJSzBg0rhhHG5wgEAE&id=lidar2&mcvt=1000&p=108,270,358,570&tm=1961.6999998092651&tu=962.1999998092651&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250317&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3834332500&rst=1742410525292&rpt=1669&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 19 Mar 2025 18:55:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8849 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
3600
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:28 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
utag.js
t.ssp.hinet.net/ Frame 8849 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Wed, 19 Mar 2025 19:05:27 GMT
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
/
t.ssp.hinet.net/ Frame 8849 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c3c49c02fd303d749ebe60458745ba5b38eb9e3e2550936f9a7fb497b04bf63c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx
cdb
bidder.criteo.com/ Frame 8849 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=1204355598
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://reurl.cc/5vN9Vv

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:27 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame 8849 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6869510313397036
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/5vN9Vv

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Wed, 19 Mar 2025 18:55:28 GMT
Server
Kestrel
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 8849
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=ssxRvBEPBhmDAxEZIRPbZw
2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=ssxRvBEPBhmDAxEZIRPbZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via
1.1 google
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Wed, 19 Mar 2025 18:55:29 GMT
content-type
application/json; charset=utf-8

Redirect headers

Cache-Control
no-store
Location
https://ad2.apx.appier.net/v1/prebid/bid?acid=ssxRvBEPBhmDAxEZIRPbZw
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
null
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Wed, 19 Mar 2025 18:55:29 GMT
Server
nginx
utag.js
t.ssp.hinet.net/ Frame D95D 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Wed, 19 Mar 2025 19:05:27 GMT
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
drawV2.js
cdn.holmesmind.com/js/ Frame 8849 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=281&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
etag
"dcf480340ca4b65dc9aa76bd9e677036"
age
43
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13033
x-amz-cf-id
N9vv35ZKHFG4ZSUxOjPJF2DUivWn5ZjxgzeGQQtRmosU0WQinjrTbg==
date
Wed, 19 Mar 2025 18:54:49 GMT
content-type
application/javascript
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
drawV2.js
cdn.holmesmind.com/js/ Frame D95D 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=763&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
etag
"dcf480340ca4b65dc9aa76bd9e677036"
age
43
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13033
x-amz-cf-id
N9vv35ZKHFG4ZSUxOjPJF2DUivWn5ZjxgzeGQQtRmosU0WQinjrTbg==
date
Wed, 19 Mar 2025 18:54:49 GMT
content-type
application/javascript
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDFZCDVDK1&gtm=45je53i0v9181474282za200&_p=1742410522603&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1729457094.1742410523&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1742410523&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&dt=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&en=scroll&epn.percent_scrolled=90&_et=8&tfd=7368
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
text/plain
server
Golfe2
cm
t.ssp.hinet.net/ Frame 8849 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&mp=e52e4d33-15f7-474a-978f-6062210b71f0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
image/png
vary
Origin
server
nginx
pixel
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net/ Frame 8849 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net/pixel?bd=e52e4d33-15f7-474a-978f-6062210b71f0&t=50ef57&referrer=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

Strict-Transport-Security
max-age=0
Content-Length
0
Date
Wed, 19 Mar 2025 18:55:29 GMT
Content-Type
image/png
Server
nginx
Connection
keep-alive
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je53i1h2v897965293za200zb9181474282&_p=1742410522603&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102587591~102717422~102788824~102813109~102814060~102825837~102879719&cid=1729457094.1742410523&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1742410523&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2F5vN9Vv&dt=GMX%20-%20E-Mail-Adresse%20kostenlos%2C%20FreeMail%2C%20De-Mail%20%26%20Nachrichten%20%7C%20https%3A%2F%2Fnetgmxde-31f6a47759b2f659f...&en=scroll&epn.percent_scrolled=90&_et=12&tfd=7454
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.178.155.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yuiadrs-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
report-to
{"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:137:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
text/plain
server
Golfe2
pixel
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net/ Frame D95D 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net/pixel?bd=e52e4d33-15f7-474a-978f-6062210b71f0&t=50ef57&referrer=
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

Strict-Transport-Security
max-age=0
Content-Length
0
Date
Wed, 19 Mar 2025 18:55:30 GMT
Content-Type
image/png
Server
nginx
Connection
keep-alive
cm
t.ssp.hinet.net/ Frame D95D 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&mp=e52e4d33-15f7-474a-978f-6062210b71f0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
image/png
vary
Origin
server
nginx
events
bidder.criteo.com/csm/ Frame 8849 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/5vN9Vv

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:28 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixel.gif
static.criteo.net/images/ Frame 8849 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Sat, 14 Mar 2026 18:55:28 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
pixel.gif
static.criteo.net/images/ Frame 8849 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Sat, 14 Mar 2026 18:55:28 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 3BBA 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8xtp1vCskLTJp1lJXiNZD3HjCgO_cFxQhWHZnGNF6NgtqDd8LY59FCFXAzexotrQfkQlDzpB9Gf3XlIu7v0-jjaSgREvlLMwcGzV4otU8DnE5tFFbPa_D9LvokUvEjX69FHikQW4PwSRKwKbvzHTT9aJ5BjGBvVoruXq9DO9hQeY&sig=Cg0ArKJSzJzRKnYugxN2EAE&id=lidar2&mcvt=1000&p=108,1030,358,1330&tm=2891.5&tu=1891.3000001907349&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250317&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3834332600&rst=1742410525279&rpt=2675&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 19 Mar 2025 18:55:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6390 		106 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ff7b605167bad8133d80ef6cff4b7400096018e4a3c444870b356c57da52d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
724 / 20166 / m202503130101 / config-hash: 230325025761569198
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33519
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1649 		106 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ff7b605167bad8133d80ef6cff4b7400096018e4a3c444870b356c57da52d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
724 / 20166 / m202503130101 / config-hash: 230325025761569198
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33519
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/ Frame 6390 		523 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
d3e4dec7f8bb0c04ea7afdd3ddec48498dc1485e0ca8ecc10b9bb610e53f7dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
3959196029401901588
age
26088
x-content-type-options
nosniff
expires
Thu, 19 Mar 2026 11:40:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 11:40:35 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168071
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/ Frame 1649 		523 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
d3e4dec7f8bb0c04ea7afdd3ddec48498dc1485e0ca8ecc10b9bb610e53f7dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
3959196029401901588
age
26088
x-content-type-options
nosniff
expires
Thu, 19 Mar 2026 11:40:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 11:40:35 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168071
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/ Frame 6390 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
b39e05a71f1d102609e37419d18d6ef7afab979a64e6a83f99ca240f29af08c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7481735638272510099
age
14056
x-content-type-options
nosniff
expires
Wed, 26 Mar 2025 15:01:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 15:01:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23120
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503180101"
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/ Frame 1649 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
b39e05a71f1d102609e37419d18d6ef7afab979a64e6a83f99ca240f29af08c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7481735638272510099
age
14056
x-content-type-options
nosniff
expires
Wed, 26 Mar 2025 15:01:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 15:01:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23120
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503180101"
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 507D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
1769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28720
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:25:56 GMT
expires
Wed, 19 Mar 2025 19:15:56 GMT
last-modified
Mon, 17 Mar 2025 19:42:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 6390 		18 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202503130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
159b5ec184dcf784a05ef189e5205f7f10d5d545d13e77f01d1b9667829fb047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13935
date
Wed, 19 Mar 2025 18:55:29 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ Frame 6390 		36 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3288306976920338&correlator=3943773869917599&eid=83321267&output=ldjh&gdfp_req=1&vrg=202503130101&ptt=17&impl=fif&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=607409652&dids=gpt-passback&adfs=3758817455&sfv=1-0-41&sc=1&cookie=ID%3Da542e16fdb9bd1ff%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MbRVJSjyADFeWy6RrXiuvU2mGT8sA&gpic=UID%3D00000ffe8ee0d4e0%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MaR_T-6aZt_ats4hqU0d8VLWqswRQ&abxe=1&dt=1742410529188&lmt=1742410529&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=geui3glyfs90&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&ref=https%3A%2F%2Freurl.cc%2F5vN9Vv&top=https%3A%2F%2Freurl.cc%2F5vN9Vv&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742410529049&idt=86&adks=3360245792&frm=23&eo_id_str=ID%3D79d06a81057e2c3d%3AT%3D1742410524%3ART%3D1742410524%3AS%3DAA-AfjZcTjlsMINiPK71vZ2pH5Ir&td=1&egid=43103&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
fd92cd7fd05550f69aeeee229756dc216f6df894a406f3a94072da9ab0fb0269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
dcb
google-lineitem-id
6499556608
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:29 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138462658495
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
7993
x-xss-protection
0
server
cafe
container.html
83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame 61F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:29 GMT
expires
Wed, 19 Mar 2025 18:55:29 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 4092 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
1769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28720
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:25:56 GMT
expires
Wed, 19 Mar 2025 19:15:56 GMT
last-modified
Mon, 17 Mar 2025 19:42:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 1649 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202503130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
a8fb98f7d7ca3ebc36eaf5f80fdf6d0d5ba764b25e635a812a4dc0179dc64c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12948
date
Wed, 19 Mar 2025 18:55:29 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ Frame 1649 		519 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2362265481115546&correlator=255192555121080&eid=83321072&output=ldjh&gdfp_req=1&vrg=202503130101&ptt=17&impl=fif&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&didk=607409652&dids=gpt-passback&adfs=3758817452&sfv=1-0-41&sc=1&cookie=ID%3Da542e16fdb9bd1ff%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MbRVJSjyADFeWy6RrXiuvU2mGT8sA&gpic=UID%3D00000ffe8ee0d4e0%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MaR_T-6aZt_ats4hqU0d8VLWqswRQ&abxe=1&dt=1742410529214&lmt=1742410529&adxs=640&adys=455&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=dmv17srzawu7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&ref=https%3A%2F%2Freurl.cc%2F5vN9Vv&top=https%3A%2F%2Freurl.cc%2F5vN9Vv&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742410529062&idt=103&adks=1212019568&frm=23&eo_id_str=ID%3D79d06a81057e2c3d%3AT%3D1742410524%3ART%3D1742410524%3AS%3DAA-AfjZcTjlsMINiPK71vZ2pH5Ir&td=1&egid=43103&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
c91024f8d777e9aaa6664e29ff60c9b82af7dcef80a88e1af241fa246489dad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
dcb
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:29 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
269
x-xss-protection
0
server
cafe
container.html
ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame 76A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:29 GMT
expires
Wed, 19 Mar 2025 18:55:29 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ Frame 930C 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM60pMSBmyVuCf4Y-qUbGxgfCDGByDHMp3Zpvb6rBaClj-7AXH10tyDdrn-QuPSsLDS_qgHzSJR4aNN4X_wpFRHnk32Mk0egh3TGIZJJ_WJt_EgXylixBhA7CHV0CJY4GOdwm8IG8jLl0mkW3Pe_M8ywec_jhoYCdnEOLnbgIZoOtcch6oGVUTI9cwYHfDRoNqOsSsOMGQUEQicteEbJnUTO1NkSd13JX61hUBEMa_YcpV9Wvx4Q-mndl6LbknIV_L1KX33zkxG_q6CKqphCXUHwnPtDJKdviHXt0l-4tppTv570Ciu6uweuspEhprMXRzm30lA8NxiaExx3iCAnKob_Z_wQ4otBzdBfnP20poTpwWOxk7G8eEF2lJLtaHN7hFGknu04xdQHtwL3550jpPiw6kg7cjLlXURVyNh557zpw2x2SPf_NWh6yzF6aEvAPvNcR-TRcp6w&sai=AMfl-YSRsNnyYbWWsYQEZADjnpRhgIS9N4QQvI6UB6J0J06BMr6V3L4BH34rkvaNusnBY0LsV__S5g76qzm3pQvdquZ6kf1ijpzkaXmJn16QZ3jLZOOExoNal6dUir2q&sig=Cg0ArKJSzEiBwnv8v-4xEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame 1132 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
9645
x-amz-cf-id
jLcH00N1VMG3z8e0lh_RCgMVbECW6XrJqqC-0F3FrWF-BWnRuAnqDA==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1132 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
2474135099193125559
age
115
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 19:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68853
x-xss-protection
0
server
cafe
capmapping.htm
cdn.holmesmind.com/js/ Frame 8C09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-70.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
11
content-length
12184
content-type
text/html
date
Wed, 19 Mar 2025 18:55:27 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
x-amz-cf-id
iqNTMgAJ4gy087Ilz_JfS8RHAz1znzQEkYKM0TUO-jezU8gPdUf8-w==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 7F48 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
t5KqO9iUweyiWKe0ilm7mOK7fMN5onRitPH1WQZR2tVYUgIiVmijew==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
Preset.js
ad.holmesmind.com/adserver/ Frame 7F48 		2 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
55dfda677ad1e3d2d68091c5c25b5e6577adb4356e8a26da05bacd6a355521de

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame 7F48 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
m-ljqskWt8UAkbf8pf6MXdCTCPzRwL6Pv5vNYbgm0zcXTXWY8Gskbg==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
truncated
/ Frame 1132 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f19f3da8d15704800135aae782b703ae40b674c5159a6984a7514f29af17d0c9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 6390 		18 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 5396 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:44:13 GMT
expires
Wed, 19 Mar 2025 19:34:13 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 696C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f104.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vZxfjMYbcaeKAWuf5joEYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vZxfjMYbcaeKAWuf5joEYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:28 GMT
expires
Wed, 19 Mar 2025 18:55:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 1649 		18 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 185B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:44:13 GMT
expires
Wed, 19 Mar 2025 19:34:13 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1E64 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.104 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f104.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vZxfjMYbcaeKAWuf5joEYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vZxfjMYbcaeKAWuf5joEYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:55:28 GMT
expires
Wed, 19 Mar 2025 18:55:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ads.js
ad.holmesmind.com/adserver/ Frame 7F48 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=584&o=1&fc=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d1a2c73d9251907ae8a117f386c6bd3eb47f175ba2c4e1df4a1d61da0128f338

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 7F48 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
etag
"519bf06eca29382b4ee4cc4f1dace214"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2905
x-amz-cf-id
nSrawv0toiIKyV9W0j25toa3BfNqCVWAPywFSsMx6dhmjjNZBT0yRg==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
publishertag.js
static.criteo.net/js/ld/ Frame 7F48 		130 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-2072d"
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Mar 2025 18:55:27 GMT
access-control-allow-origin
*
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
criteoV2.js
cdn.holmesmind.com/js/ Frame 7F48 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
etag
"13519f9e63c9828d93a698c47992e115"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3197
x-amz-cf-id
Hl9LhXOPn0DB4ZZtA-WuzlY4xGSNxAR4gmr3Rp-9viIp1PHGKbjAhQ==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 7F48 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3470
x-amz-cf-id
y2CxjirauoKEUMjYpH519xWVAo7FbBglKrVEdyUeD-FhHfVQZQ5f1w==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appierV2.js
cdn.holmesmind.com/js/ Frame 7F48 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
age
56
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3446
x-amz-cf-id
QTA9cw8PI2zDA6e45phm0X9SsCkpPkcVAIELE_ARCDjTR8vWt-PKZQ==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 7F48 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5467
x-amz-cf-id
Eh4xTVdyldkzwa-1tq43KhkTJgbZIYL4-_FlXtJg4P1nQZFxYfjK1Q==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7F48 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-max-age
3600
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:29 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 7F48 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6662045203613618
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/5vN9Vv

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Wed, 19 Mar 2025 18:55:29 GMT
Server
Kestrel
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 7F48
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=416v-w79CsSOJIyEIhPbZw
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=416v-w79CsSOJIyEIhPbZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via
1.1 google
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Wed, 19 Mar 2025 18:55:30 GMT
content-type
application/json; charset=utf-8

Redirect headers

Cache-Control
no-store
Location
https://ad2.apx.appier.net/v1/prebid/bid?acid=416v-w79CsSOJIyEIhPbZw
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
null
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Wed, 19 Mar 2025 18:55:30 GMT
Server
nginx
cdb
bidder.criteo.com/ Frame 7F48 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=81868475874
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://reurl.cc/5vN9Vv

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:28 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
utag.js
t.ssp.hinet.net/ Frame 7F48 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Wed, 19 Mar 2025 19:05:27 GMT
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
drawV2.js
cdn.holmesmind.com/js/ Frame 7F48 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=584&o=1&fc=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
etag
"dcf480340ca4b65dc9aa76bd9e677036"
age
43
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13033
x-amz-cf-id
N9vv35ZKHFG4ZSUxOjPJF2DUivWn5ZjxgzeGQQtRmosU0WQinjrTbg==
date
Wed, 19 Mar 2025 18:54:49 GMT
content-type
application/javascript
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
events
bidder.criteo.com/csm/ Frame 7F48 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/5vN9Vv

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:29 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixel.gif
static.criteo.net/images/ Frame 7F48 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Sat, 14 Mar 2026 18:55:28 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
pixel.gif
static.criteo.net/images/ Frame 7F48 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Sat, 14 Mar 2026 18:55:28 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Wed, 19 Mar 2025 18:55:28 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 1132 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAqx9_mwdiE1Mc2fHGGEynQRbaKzWSDQL9byIhT1GVlNqv6xiJjxeXfTqJKu2HDdi4CyM7ULM6_wEfBSltA8KKlVzw8uHcxwOpP_sn_d7EgZqTXTX3UlwtXM6zVqU5ErMjrpT67ASb-fKBHAgSjIXd0yEljQj9d2h15zeKfypIqeIAeMjrqYJJSO4n2BqpEv8SAMXjNT0goo541fAniqzhFyynd615tHG_9o5-Wf3khNfBxlciTpoKZ34hDIvey5olWQBIjBXWdFmurfCBqKKVao2FjZrfi2f9Yz-IiiWGYd3nHaNNPYKwO2uZnP5irAxoyy5FGlrRd-5ugufhz8_JPCKWkqPhpKRpKOwW_C6rSKwHJwD1fpV6gO_0b7TQFjPQ-pHlOA5-yFqbQkii1VE03RRIrHhlA4uyWWRT1LIKxT66hKQBbLJugUwe9eAcTDrqosDSTjTluIzf&sai=AMfl-YQsgbSPmY98hhgfnFO9IRk_LnJtHXYu9J6atPMTgpE-6x4jq6WzKPGYJjKW49P_Ju0D8Yiw5E56PTcrJNDekx-fYXeatbOBAp0l-Cm68df5yHKaJmzNO7zyYnw2&sig=Cg0ArKJSzArBQ9-SbxbEEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cm
t.ssp.hinet.net/ Frame 7F48 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&mp=e52e4d33-15f7-474a-978f-6062210b71f0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Wed, 19 Mar 2025 18:55:30 GMT
content-type
image/png
vary
Origin
server
nginx
pixel
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net/ Frame 7F48 		0
0
sodar
ep1.adtrafficquality.google/pagead/ Frame 6390 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3222 		106 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
ff7b605167bad8133d80ef6cff4b7400096018e4a3c444870b356c57da52d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
724 / 20166 / m202503130101 / config-hash: 230325025761569198
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 18:55:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33519
x-xss-protection
0
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ Frame 1649 		0
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/ Frame 3222 		523 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
d3e4dec7f8bb0c04ea7afdd3ddec48498dc1485e0ca8ecc10b9bb610e53f7dcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
3959196029401901588
age
26088
x-content-type-options
nosniff
expires
Thu, 19 Mar 2026 11:40:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 11:40:35 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168071
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/ Frame 3222 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503180101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
b39e05a71f1d102609e37419d18d6ef7afab979a64e6a83f99ca240f29af08c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
7481735638272510099
age
14056
x-content-type-options
nosniff
expires
Wed, 26 Mar 2025 15:01:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 15:01:07 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23120
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503180101"
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame CCE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
1769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28720
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Mar 2025 18:25:56 GMT
expires
Wed, 19 Mar 2025 19:15:56 GMT
last-modified
Mon, 17 Mar 2025 19:42:52 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 3222 		0
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3222 		0
0
container.html
1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame 42E9 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1132 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNS6sNJMp9dkgkOoVTEqt23bVnC5L7WF3tN1sdZFWzKjARuRIveRyPeG-vp5jlh1OKhSW7VgzSHtGSllBaZmi6T2mmknp2JMiaZuHEPO2yG_BS_uEwwVzEJS6aIaHYajQew2tE20cFufk0ZexamqregY7LwvoINLJsfYmOPgKPrOE&sig=Cg0ArKJSzCq7UdKAW0SXEAE&id=lidar2&mcvt=1001&p=108,650,358,950&tm=1608.8999996185303&tu=607.8999996185303&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20250317&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3834332900&rst=1742410529455&rpt=660&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 19 Mar 2025 18:55:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ Frame 3222 		36 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1269274862509015&correlator=1693334941353770&eid=31090851%2C83321073&output=ldjh&gdfp_req=1&vrg=202503130101&ptt=17&impl=fif&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=607409652&dids=gpt-passback&adfs=2597023774&sfv=1-0-41&eri=65&sc=1&cookie=ID%3Da542e16fdb9bd1ff%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MbRVJSjyADFeWy6RrXiuvU2mGT8sA&gpic=UID%3D00000ffe8ee0d4e0%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MaR_T-6aZt_ats4hqU0d8VLWqswRQ&abxe=1&dt=1742410531758&lmt=1742410531&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=lwpi6f8y6tp2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=6&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&ref=https%3A%2F%2Freurl.cc%2F5vN9Vv&top=https%3A%2F%2Freurl.cc%2F5vN9Vv&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&topics=3&tps=3&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742410530510&idt=73&adks=3360245792&frm=23&eo_id_str=ID%3D79d06a81057e2c3d%3AT%3D1742410524%3ART%3D1742410524%3AS%3DAA-AfjZcTjlsMINiPK71vZ2pH5Ir&td=1&egid=43103&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
0059fd5cb6f0ff89818c99678ffd9172748307401f05c9287ac9575c07bc865f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
dcb
google-lineitem-id
6499556608
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 19 Mar 2025 18:55:31 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138462658495
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
7986
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 6AAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK1kHitaF3TBFsXjWoscSaa2VoA7Cf4JpjU0o0Z4CDqr6y1DBZsqIDk8FRhMSGPihQf3q9kg6eDGD0hMClzgDRwjaZiK70fJvoyIz4ErNtfKKm68Ir9lbPWLBbp5CVy3hm-XABYVfoBQT8rS5O4Udbkkv-9KrermJBQ3hGIdGZ_Pje-WeZeAtWEa-lWDCEpTNJOfkzpa9dNjOLEKPI4gO0Ja7_h6oNvrW7yehm8vc-AorScV5hsrZKzoEGe1vGbhMtsIbGmk9pz1tVIoEjTNIQ1IWDH2Bsx6isHtUH4nNL2bESshXDBLk5Dwm31g7SpKFtRhP2v10muhEGKj8zm7NfE-Tk-_o2Vi_MG__36LK2ZTSKDTq1lbYQMhiYsP-DuV7szRBSJNwIH8t1d2_WXaObduI2FlAzpN7dfP-IVk1dUsA_kd5lXJ6gQLwct2t2wwU9wJASfwenAw&sai=AMfl-YTiKPYA3IEeG_8FOt90tmblRIraB6mfAWUpsl59futgaRAQcXkSLeq_ayLMEkNx-HsyLezGg07Agn3aLM8rm86c6f7vukVY2kk9xqKSMaF7_xPQMpK1OJx04wD3&sig=Cg0ArKJSzAZUgKALx8NMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/5vN9Vv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Wed, 19 Mar 2025 18:55:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame 6AAA 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
9645
x-amz-cf-id
jLcH00N1VMG3z8e0lh_RCgMVbECW6XrJqqC-0F3FrWF-BWnRuAnqDA==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6AAA 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503130101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

content-encoding
br
etag
2474135099193125559
age
115
x-content-type-options
nosniff
expires
Wed, 19 Mar 2025 19:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 19 Mar 2025 18:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68853
x-xss-protection
0
server
cafe
capmapping.htm
cdn.holmesmind.com/js/ Frame 6111 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-70.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/5vN9Vv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
11
content-length
12184
content-type
text/html
date
Wed, 19 Mar 2025 18:55:27 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
x-amz-cf-id
iqNTMgAJ4gy087Ilz_JfS8RHAz1znzQEkYKM0TUO-jezU8gPdUf8-w==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 0798 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
t5KqO9iUweyiWKe0ilm7mOK7fMN5onRitPH1WQZR2tVYUgIiVmijew==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AAA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Wed, 19 Mar 2025 18:55:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 6AAA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d28587061f066f7669507486f4bee29066d8856bffa79e8427bf048cb2b7548

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
Preset.js
ad.holmesmind.com/adserver/ Frame 0798 		2 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
55dfda677ad1e3d2d68091c5c25b5e6577adb4356e8a26da05bacd6a355521de

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame 0798 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
44
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
m-ljqskWt8UAkbf8pf6MXdCTCPzRwL6Pv5vNYbgm0zcXTXWY8Gskbg==
date
Wed, 19 Mar 2025 18:54:48 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ads.js
ad.holmesmind.com/adserver/ Frame 0798 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2F5vN9Vv&n=752&o=1&fc=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&d=1&b=2&ts=1&ii=2&FPCK=8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp&fp_uuid=8274-c72df47f12bbadf35e3de89a4a8e293f&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.76.254.26 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-76-254-26.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Wed, 19 Mar 2025 18:55:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 0798 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
etag
"519bf06eca29382b4ee4cc4f1dace214"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2905
x-amz-cf-id
nSrawv0toiIKyV9W0j25toa3BfNqCVWAPywFSsMx6dhmjjNZBT0yRg==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
publishertag.js
static.criteo.net/js/ld/ Frame 0798 		130 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.47 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-2072d"
cross-origin-resource-policy
cross-origin
expires
Thu, 20 Mar 2025 18:55:27 GMT
access-control-allow-origin
*
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
criteoV2.js
cdn.holmesmind.com/js/ Frame 0798 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
etag
"13519f9e63c9828d93a698c47992e115"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3197
x-amz-cf-id
Hl9LhXOPn0DB4ZZtA-WuzlY4xGSNxAR4gmr3Rp-9viIp1PHGKbjAhQ==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 0798 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3470
x-amz-cf-id
y2CxjirauoKEUMjYpH519xWVAo7FbBglKrVEdyUeD-FhHfVQZQ5f1w==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appierV2.js
cdn.holmesmind.com/js/ Frame 0798 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
age
56
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3446
x-amz-cf-id
QTA9cw8PI2zDA6e45phm0X9SsCkpPkcVAIELE_ARCDjTR8vWt-PKZQ==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 0798 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-10.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
age
59
via
1.1 52163f11ff65fb823b681e4c11a62116.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5467
x-amz-cf-id
Eh4xTVdyldkzwa-1tq43KhkTJgbZIYL4-_FlXtJg4P1nQZFxYfjK1Q==
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 0798 		0
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 0798 		0
0
apnet
gocm.c.appier.net/ Frame 0798
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
0
0
cdb
bidder.criteo.com/ Frame 0798 		0
0
utag.js
t.ssp.hinet.net/ Frame 0798 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/5vN9Vv

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Wed, 19 Mar 2025 19:05:27 GMT
date
Wed, 19 Mar 2025 18:55:27 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
drawV2.js
cdn.holmesmind.com/js/ Frame 0798 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blog.alphaloan.co
URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250318&jk=1828991862774990&bg=!BAelB0jNAAaCZO-FomQ7ADQBe5WfOBkHvzEeEo95gCGbVBWdeAHan6efSvfJCAzwcPz9LM_cfCCgFXWkvx7KAPX4GhkBAgAAAFpSAAAAB2gBB34ANZAGk9Mggy9Ou_ejpm6nZ7jga04GgpW9uMG3bmPeQ56RwT46rAY61YUofW47UhCZjyI8Jmh6mQKgZQxepKQmcn6zh0fDwVYKGvKhNB1O3esVotcPekLEiuEJWo1dOkdSlYzz7lf3FoUeYeZOEC071XtyGFvwC78wTxrc54QRyeSjXuiY1XuURvC7PUawuN0AfMrO_5cwNjOeL61tO4l9QztSm5f0kaOSKU-K8dbjcytrqq1tUMA4ltcs2A54ENbPIQDnvGEFkduDj7UCpSb7BX5IzoNI37SpktR-LR_VNjvaglOke-GoH8aZs75gnftM0E2vYCJz1CjN6wTh33CWyL0eV1gV15rjczgxxfJMvEU-MX3eub7sV_8YiwMhXg_8ShiTs9XFXKtxxoP9Yx6ryPbocvzIwp6kPZ-o7_JTNq3miZqctqL5p9nH72bE-VoJLTQlqNjuJub5hwi1BgXmv3IduHolLjLK38beCdVGjbeAnOvbKXWyaps1LNJEEvhpL_I6X57ZmuSTXv95eJ-lwFcXH1nS6T2B-Yu0XwIvn5vAudWK8brxEUW_nY1IWDCoHFPdvz7zRTtRJ_Ueg7byKzWhg6pYc90wQ8eNYa8-BlBopU2gDhhU1FJikT91PHTHbNE87f_SgDR3KY4FZTvXbIqlk4f1IoMWbj0cCJgQqA4vD1bRY5u_Vbyo-PUtgM2X1J8b1i2mtdGL_SzpjedMea-4WZuCP3_-ii_sbli7CCrFQbaipwn7JZRqPGGM-2-UKgI-Mg5cGzx9xKJCnBaEp02zp7fyT9YqCdIMYPE9M-fsr9Tb7CN97-2cPs4ikPMesCb83QhrVOtnfY-hNwkRpotn73xLrdQq3R4UR0lx2W0rYQnBaQ_ai2SYgjfx3XNfN6xX3BW0cdLIt1zzggUI5JN5wk3jnI8ugpdfCi0ciITFBduwAmup6Pq_5CxWjb4htZcfEnpLVOMH
Domain
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net
URL
https://e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net/pixel?bd=e52e4d33-15f7-474a-978f-6062210b71f0&t=50ef57&referrer=
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202503130101&jk=3288306976920338&bg=!ZmWlZSrNAAaCZO-FomQ7ADQBe5WfOHOVQXG-Kk8Bxtnz7mC_JHGwbNWonDaX72lREqRZxuAwEPEr6WXz89f0rjXmqNcUAgAAATxSAAAAGGgBB34AN_OkMdWifNN-AV-HFx_Baj7CJI99yCM93IiQ_QSZbzfeRpYC0KoBadjJ_aRowEppk0vFUw6I3C2ZBXGyX7M4SWTerTJ1PPqNBwwP5Wa4H41TLZ8aNeQRo8e9FUcrvv4JOl1OwRfaqzv0AllZG5zXpeORGZxnze_wE7ZfYwoHuU0GaNyf_EenxFyDWm6-woiErKG4Y2PJZHAQdZRqL3as9s997_WFIHe-mE06BvrpBuXFBZ94uO778W0ZZ8-zdmg4CtrTTJwGKgHZI8nXTs4Hn1-xJH45T4st8sD9_wcHkizYP_Onj07a33jIZdeDJ4VfC9Q6Z_fi785680dRFr9bsUR2OeC6p2iTyukX9_xm4rS3noKghs60Pyq_XEmub0X1qXJbr7kMvg2KzUmHRRXSLRH7GFkfv-3xOoW9Glj9lHoKukZvy5DaHMWAR2TtwskSU6PczWODJi5xGjNT47_NWuX6H5kX8LpHexInyKKLq7adTed6e6oA1B6hiaKdOzugSGF-a8zvI2yiu6hJkZzabcQ9zszRseChex7XW1dzCxNOgLdKp2BKm2wzxGTktpiX0fjamSuSqT1zuGozW7kyxmSf-50UBSQNmPv6g0C9gBbVogQP5u7yYdBaOIqVz2jJkzdTcZh7_g4Brwq1ouPVZprvB9Fjw8Mu-GXJOA1ydyc3Tn3oL0CwZNBFYruU0yA6GkOReK6iV2SQ7BZv_yoRIpcrTb83rWk86wSCEAvWtE7SRTJmiN1DzFr8XBk8ifwFNvrrWSPF_jhjSJyIznPvTmp2V18hEC3-uyw1owld1VsBe_gAx0t0E3Z3GkaNME46Jz-jv69RCJO3I-T9mSD11ohqEcsCoL3l5FHb5ahh8kDdeVTU0J7xHgUiY4IyCKXJkr0uA7AKoYpYjHLMunwe3nWJGl9hgODAYceKY4YqSZvb6ltNK_OGpbqMIpWzFI5EQdR7aYBXUi5yaLAWK4Om9VldmkXyGaviuj3SftKn9f_PeLU2aNLH50myCQM4486j2l6vFrouL-X89-fjirzUDvbY6Esg_KS5BUK_TGw_yE2zLUumgrWaoykF_frIFgTZDTjFEKmz5JbdseQf3NjKaDImmpLlxEtEkx3-iNb16yp0JIBkCofbh_u4l3MAISlgh--6v_vJJn_W6tdVSexGLDbvwclFl5TydHzQi4lLoJoOf0ALtvm4fZoQ7-aS_6197tX_nWF7jydmHYpNCL1E5V4kQe0EpE1rPHFy9uGQHCZPHP5fTslQoJabWglHrwFSuJ2fdg5zB69GuTmncZl5YioLmM90RkSKEj30-EomMVkZ5tpgS7jBR2xan2n3LGD7ezOegfbqFYf4L1RY4bxw9mUGZZiT7EGEKxZ1oh28344JqaHQ4YDWktXYwgQBfaKxh8U3bUJyDIZnewCxWJpf9FnBKjH5ulF2KcGRmYyXpADa4rEv4vSJCF9HqeOGn2Um0dnmgoq7mV_YitENoZL9KnH0H87Ve5bQ7mr1lG1UzyWLYhhFWGogsL9IsAVT7fLDqtuaI04y-NEP7e1Xgx93wYPTWGdmgovtJeJxMvl6EhBFVDJ8Gydd5OjoBo6aOqH33ILmGqFk7S4cZ_gqYlr3-28F61J_YUvljE8-nKOPY4FDa0jt7ygq-iT7ulpdoTnlkDdCJwcGz1xn8EYGUQclUG9IU2-bCqGorPpB9qJ8D4HMfuPhUCB9uAbmfaAXCAsmRizY7rezEV-V2SET56J9__DJjZc6aglX7c-5kxX-bviwGUbr43n_Gj2rQLZi000wmFhoITmdKj2Ef8KaXSut_aAk9dYPvh7vP4KW_Gth84qRX1FcZrlZ62rmOBnZ0Y4urfeO52GpbxIAUpQZfnwzgHUiCFbfUyATV4vrnibvacav1l0Z9tDNZhBfkAQK67G73pKr2kpBNUwyVvIx
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202503130101&jk=2362265481115546&bg=!7u2l7aLNAAaCZO-FomQ7ADQBe5WfODo_mvXJXf4btlVgxixxESLvKEtJCUS_d_s2FENy5CKDIm40I4Q5BnwR3JjWTWbpAgAAAF9SAAAABmgBB34ANb52dlnv6xEgztANZLwlJd_9KScljyKewjET1_Xhlz1XXBqxudIRER867Yhu9WJ7iVl7cM4_mQLC59KypWpCGCCFUQNbMHyfNHnmAiHjrJvNxNQJwnNfLOnhwcfaj-sjibRXjx8vxspA_owqwKo5a4CXKGOKZsG9Zl5SyMNS0oO0wrRXxQ8UFgofPBlEnyA1pIMTOj5qKt_rNLCogo4eLzq_-UdN-GifRiEqh0tJoreW2bMaMiRR3RkxXBaCwYdQpKSGMyf5JM5nngk8ueLETo7wtBCTy5iB5_4guuW4JbbolxX18JbGmwJ4qXUV0AU_bPpoT6M8WrUe5df2ws5QOZfClglreXFBPyjojBfMh-2l3jPlFfACYK5FOZBU-d8OwexSnGeNj5ZTFdStFZnxse6B-QR-Po9saloYwHGCoBaKMrdaC_171gBObufeEAkDbwgrAFTB5YxgUOCwpgEIko8jiAUP7J3u745M7k07bU-zoN8dD6ughg3pVe5__l_qz-rCp9ad277ebYwDxwDKgLr3y4V2C-kCjrfon0WWTPz-kfNkfwzUimZSCSJOGwEPAIz2IQw1zPVLOv1FYHYX_8eyjjuvin7ZMZ7AOD_8nnjAmmfwL_y7U5-Q6h31dXomqB3dNrKckuB8p8m5jnlEvhq5KR23O6R9OaE-Seih7ylwd9O2BE5-kgFtBjGqh03gX_yvrc0cxBG9t67mh18psFiV_SDyIBFJ15chn4QOwn3uw5gvxj9QPiTEsT_8DxmVo520SSS5QENRVKYdwmOFaZUF6kpm56isSApmT7Y72Aj7Unoc0cFfoV4FJSrm1viC3g-QJe72AchO4uaGDKNiP37SK6vdquv6UtaHJQbzOid3VepjUINCrUmPo8Bz-LLGuGkmu27W55_Of-cyKL4IAI_2C_PsNxbL9tFlpPVUJ767K5eZBJw2zOp3LJ7D3D-lmNxFgwbqImzd37AwrR5Pr9eHqSlM_AM0Vnw9Ry4kuj-ATyLxg6_R-_KZ0Q
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202503130101&st=env
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1269274862509015&correlator=2113944478472579&eid=31090851%2C83321073&output=ldjh&gdfp_req=1&vrg=202503130101&ptt=17&impl=fif&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=607409652&dids=gpt-passback&adfs=2597023774&sfv=1-0-41&sc=1&cookie=ID%3Da542e16fdb9bd1ff%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MbRVJSjyADFeWy6RrXiuvU2mGT8sA&gpic=UID%3D00000ffe8ee0d4e0%3AT%3D1742410524%3ART%3D1742410524%3AS%3DALNI_MaR_T-6aZt_ats4hqU0d8VLWqswRQ&abxe=1&dt=1742410530691&lmt=1742410530&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=lwpi6f8y6tp2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=6&url=https%3A%2F%2Freurl.cc%2F5vN9Vv&ref=https%3A%2F%2Freurl.cc%2F5vN9Vv&top=https%3A%2F%2Freurl.cc%2F5vN9Vv&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742410530510&idt=73&adks=3360245792&frm=23&eo_id_str=ID%3D79d06a81057e2c3d%3AT%3D1742410524%3ART%3D1742410524%3AS%3DAA-AfjZcTjlsMINiPK71vZ2pH5Ir&td=1&egid=43103&tdf=2
Domain
1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com
URL
https://1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=6
Domain
prebid-asia.creativecdn.com
URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Domain
prebid.scupio.com
URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7540746714754718
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=16255672001
Domain
cdn.holmesmind.com
URL
https://cdn.holmesmind.com/js/drawV2.js

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| gtag object| dataLayer object| gnshbrequest object| googletag function| custom_call_ND object| ONEAD_TEXT object| ONEAD_text_pubs function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga function| ONEAD_text_response object| ONEAD_TEXT_INFO function| ONEAD_text_response_1wuoj function| text_etag_callback_1wuoj function| custom_call_MIR object| _ONEAD object| ONEAD_pubs function| Vue object| renews function| getRenewsFeeds object| app object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData boolean| gn_wrapper_executed object| gn_wrapper_queue object| gnpb string| gn_pvid string| gn_native_template object| __gn_config boolean| gnslibincluded boolean| __gnpb_analytics number| __gn_prebid_sampling_rate number| gn_aladdin_vendor_id number| gn_beacon_rate object| google_tag_manager function| onYouTubeIframeAPIReady object| google_reactive_ads_global_state object| YJ_YADS function| getGnshbrequestSlots object| gecptparams object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTk3NmUzMjkyZTQyZjBlNWxvYWRlcl9qcw== string| YTk3NmUzMjkyZTQyZjBlNWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id object| _33across object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| YAHOO function| YadsTimelineManager function| yadsTimelinePoolAds object| YJ_UADF function| gAdController function| yadsDispatchDeliverProduct function| yadsRenderAd_v2 object| yadsInnerFuncs function| yadsRequestAsync boolean| 8b9a2e43-99a1-48b4-a252-b9c4fd705065 number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| adsbygoogle string| google_user_agent_client_hint boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients

46 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _gid
Value: GA1.2.172552235.1742410523
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.1729457094.1742410523
.reurl.cc/ Name: _ga_ZDFZCDVDK1
Value: GS1.1.1742410523.1.0.1742410523.0.0.0
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1742410523.1.0.1742410523.60.0.0
.reurl.cc/ Name: _fbp
Value: fb.1.1742410523809.19297462486614809
onead.onevision.com.tw/ Name: onevision_guid
Value: b6c9cb10-04f3-11f0-a78e-0242ac120002
onead.onevision.com.tw/ Name: oid
Value: b6c9cb08-04f3-11f0-a78e-0242ac120002
reurl.cc/ Name: oid
Value: %257B%2522oid%2522%253A%2522b6c9cb10-04f3-11f0-a78e-0242ac120002%2522%252C%2522ts%2522%253A-62135596800%252C%2522v%2522%253A%252220201117%2522%257D
.adsrvr.org/ Name: TDID
Value: 957157cd-20b8-47a5-8d70-cd72491d999b
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiAwtjpysjzPRAFOAE.
.prnasia.com/ Name: __cf_bm
Value: 2VvudOd_sekGCzrCEiroV2Yav7qw7q5af5jZTZmrfQE-1742410524-1.0.1.1-UMX1hKR2t._OpShhesIXc.fFhz3jB1Pm6xY644YrnKv.NodGRUlccj9xe2hGGO8OSS.ag6vVVzCkFwM7osfsxcy6COBvhZY163uTRsuZRJI
.eyeota.net/ Name: mako_uid
Value: 195afc2a988-11130000010a4be0
.eyeota.net/ Name: SERVERID
Value: 19424~DM
.doubleclick.net/ Name: IDE
Value: AHWqTUmjlamAkFg0KH3miBsXoKwLWFnNDq4efLIdPV0OvsYxnxffmkM6QFY9k1POqd4
.reurl.cc/ Name: __gads
Value: ID=a542e16fdb9bd1ff:T=1742410524:RT=1742410524:S=ALNI_MbRVJSjyADFeWy6RrXiuvU2mGT8sA
.reurl.cc/ Name: __gpi
Value: UID=00000ffe8ee0d4e0:T=1742410524:RT=1742410524:S=ALNI_MaR_T-6aZt_ats4hqU0d8VLWqswRQ
.reurl.cc/ Name: __eoi
Value: ID=79d06a81057e2c3d:T=1742410524:RT=1742410524:S=AA-AfjZcTjlsMINiPK71vZ2pH5Ir
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 53f64a9594eb3388ba82dd145c91e9f2
.yahoo.com/ Name: A3
Value: d=AQABBB0T22cCENigrJDTjZ2-JdZpdYW7DOYFEgEBAQFk3GfkZ1if8HgB_eMAAA&S=AQAAApGSlHtg2yKPPQhaoLMzM8w
.analytics.yahoo.com/ Name: IDSYNC
Value: 19d3~2o56
.criteo.com/ Name: uid
Value: 0ee3428e-1210-4b36-9efa-09a8c8286a57
.reurl.cc/ Name: _ss_pp_id
Value: 88ca073e4ed6e03375e1742446526361
.reurl.cc/ Name: _td
Value: d678da54-7910-4f03-944d-b7474c45c621
.reurl.cc/ Name: FCNEC
Value: %5B%5B%22AKsRol-oqRbnrUeOiPp0h_UuTlcltnSdDc-ONBly0yeYCWxNTmh2ZpDxh09vBn1pU3EqiWkXdK-yvi-Q2aMLobVzrYtKE7nPOtGVuhjAEfYbBRl5PiQVhewo3tyF1R-XBXDv2EebDMYhEQ_F_Z4gYWITWGXjhy6cnA%3D%3D%22%5D%5D
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.popin.cc/ Name: uid
Value: 88ca073e4ed6e03375e1742446526361
.reurl.cc/ Name: _tg_csi
Value: 1
.hinet.net/ Name: uuid
Value: e52e4d33-15f7-474a-978f-6062210b71f0
.reurl.cc/ Name: __htid
Value: e52e4d33-15f7-474a-978f-6062210b71f0
.reurl.cc/ Name: _ht_em
Value: 1
.reurl.cc/ Name: CFFPCKUUID
Value: 1274-3NJWWOzZz3TxpTNAxEh6CznbnARmaEsv
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 8274-cCV4gsmjwMjKBcLfyYxG5Xo7Kmejyfvp
.reurl.cc/ Name: FPUUID
Value: 8274-c72df47f12bbadf35e3de89a4a8e293f
.reurl.cc/ Name: _ht_hi
Value: 1
.holmesmind.com/ Name: Vision
Value: 20250320-23:59,20250320-05,20250320-05,20250320-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 771504-2mBqLNWD3gnxHmIPDgwEVblGG12PtyFv
.holmesmind.com/ Name: fcm
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.lndata.com/ Name: admckid
Value: 2503200255281924629
track.91app.io/ Name: deviceid
Value: 517af869-fc05-428e-aa93-a34bd38808e6
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==

2 Console Messages

Source Level URL
Text
rendering warning URL: https://reurl.cc/5vN9Vv(Line 66)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A010CA0074190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com
58a4331b46e91558200667fdd84a4b06.safeframe.googlesyndication.com
83ad614ad8e0fdfa155053fef697a3c6.safeframe.googlesyndication.com
ad-specs.guoshipartners.com
ad.holmesmind.com
ad.tagtoo.co
ad2.apx.appier.net
adx.holmesmind.com
analytics.google.com
api.popin.cc
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
cdn-ima.33across.com
cdn.holmesmind.com
cdn.jsdelivr.net
cms.analytics.yahoo.com
connect.facebook.net
cpt.geniee.jp
creditcards.com.tw
ddee3b7ea2335940db03ebdb4b77bd63.safeframe.googlesyndication.com
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net
ecs.tagtoo.co
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
log.popin.cc
match.adsrvr.org
mma.prnasia.com
oa.openxcdn.net
onead.onevision.com.tw
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
ps.eyeota.net
r.popin.cc
re-news.tw
reurl.cc
s.w.org
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
stats.g.doubleclick.net
storage.reurl.cc
t.ssp.hinet.net
td.doubleclick.net
trc.taboola.com
tw.popin.cc
uec.tagtoo.co
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
yads.c.yimg.jp
1876a242924ae8845e439776c2c633db.safeframe.googlesyndication.com
bidder.criteo.com
blog.alphaloan.co
cdn.holmesmind.com
e52e4d33-15f7-474a-978f-6062210b71f0.t.ssp.hinet.net
ep1.adtrafficquality.google
gocm.c.appier.net
prebid-asia.creativecdn.com
prebid.scupio.com
securepubads.g.doubleclick.net
103.1.220.9
103.132.192.30
104.18.28.101
104.18.96.225
107.178.241.176
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
142.251.111.132
142.251.163.155
142.251.167.104
15.197.193.217
151.101.193.44
151.101.65.229
157.240.229.1
157.240.229.35
168.95.245.1
172.105.221.240
172.253.115.113
172.253.115.132
172.253.115.155
172.253.115.156
172.253.122.102
172.253.122.132
172.253.122.155
172.253.62.154
172.253.62.157
172.253.62.97
172.67.150.31
18.160.18.111
182.22.24.124
192.0.77.48
192.0.78.24
192.178.155.139
203.137.133.153
203.75.214.136
210.59.219.34
3.161.213.10
3.161.213.70
34.102.146.192
34.102.218.41
34.107.150.21
34.111.12.34
34.149.98.30
34.160.26.175
34.96.70.87
35.185.130.121
35.190.36.98
35.76.254.26
44.218.64.233
64.233.180.156
69.147.65.252
74.119.117.17
74.119.117.47
74.119.117.5
98.84.75.39
0059fd5cb6f0ff89818c99678ffd9172748307401f05c9287ac9575c07bc865f
05060aa028bfb96a8de1e1daec5dc9ca14b9089ea90db20258299c6e2a6fce70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c90ae00adb34f62f22f83c08900e32f50aa9d2bd4d5b3b7199806e2de61359d
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
159b5ec184dcf784a05ef189e5205f7f10d5d545d13e77f01d1b9667829fb047
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18ebba1833b570f5832aa77e77ceab9902919bf55faa8aa433a5a85894cbd5a4
1bf41ca1364230ce3a9cbbac1110ff4d7d287a9f978fa74297aa30117c4da9c0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2203d66d3084c84012051182e2516115c3433b67e867eb117ca73de68c0e1808
224b3000b773403d7b2ba4b118ad6ea822b97385129ead6c1c33f80fb0d050e3
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a
2299c048d3c0e81cfccad6b24d0a05ec8e6f16fe10fc1c1eed56ba5d1414ea3f
2323bf26d51f9af31c30e9e8ec203e1c86f104e6be68bfb9e76932240a942fcd
234c0c89b9e2409fbb4ebb449993aa93c347b2cf57925e8cb0ee5c751ea3dc46
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3402df1af7b8665c51ac7e2d4fed5dc6cac147d61966672d9cf32a34acafedfe
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3708bbe4489aefbf64066af6a499c7476cec23bfc6cf53e9d7f2bc88ff185687
3ca1c289c3bccb1b83d28b132fbb719c0ed576c09ccddef5bb1febca95e6e53b
430304d026bd836836cca01df2d1faa2df25821443891e01cc5ec333af15841d
4492b353e67c3df2a549fcae0b77829ee1719e0b8375e83e048ebfa45f90ce7c
466b4a6c2c47478a104f80a757d2c06af42c6adfec939b18e7990bc1f6fa5460
490591c52cd60da5e7055c5b77b7ec0b0e96c6035b62f9f2774992c6e2286969
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55dfda677ad1e3d2d68091c5c25b5e6577adb4356e8a26da05bacd6a355521de
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd
60358587de5fb1bd7a36b3ac882aca4e84279ce113f7764a31f097cda568bdbc
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484
66e66f3dbcaa05a6af194b46959dab852ed44ca9116a879b97b591e5142f3fd4
68f2e7022b9daa023a47f6d005a14811262f5b13b6f5aff10c2f1673f7dc028a
6936fb93559b850cbabc65fef3dd59c157dde3cf0bb248570aefaa91f590fed7
693cdefb5d2fa7ad54cd055a95a6f42e77daca881193649ad5b6b571650ff668
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
6d28587061f066f7669507486f4bee29066d8856bffa79e8427bf048cb2b7548
7040fd7374c1bc5bed13a4e532369c03fb62484514b5956508edfb09ede54fb4
72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
766b91aba7ba20c4f09336f9fb8eff2637435fd18ddc36473fe141b98af814d4
76e0fe9b59aa81409567a77b7f5cfaebcbe6d1a5586d4979c5a83a327f68d517
7b02340f2dc45840d3c378e8585638242965427824cfae847cda7f486176c359
7cb4c09dd1e1383eefb9483ebbd238f3d88abfbb60d674a691b035ad71792984
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8785419fa296c2970b4f0e1dedd2650e845e57af399fb719717b9cab95443ecb
87866bbe74a8504cfe8c08e4d353c29df95f752c3cded3eb807a4897f0f60418
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
9837bd51bb39154d68d6d7e965b87fa14ebe8b495fc086f6f0708182547cf6dc
9ac0cea8037049f4d75d7fefae50ec786f3ab5952ff6c80bc1e07985b31aea35
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
a7b4ae8f7d89b6cbc700caa60316f712fdb05c5275803439f6d57d644a7c775a
a8fb98f7d7ca3ebc36eaf5f80fdf6d0d5ba764b25e635a812a4dc0179dc64c6c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac73f9b1ae3c797b243d513e2f932200fdbef979b80b92bd679ac55c0116c182
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39e05a71f1d102609e37419d18d6ef7afab979a64e6a83f99ca240f29af08c6
b475235938637f55f3df2cf10303d7ded6c8ba32b025deb8391592000b8273dd
b5b523808b0a082ba75c7ca972da431258210f7c40a2845a4444d55ab121a70a
b6c5af2d5c532a14b5aa51656c9d5e8be329b1424ec1df2947ad2de309622448
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bc73ed340ef20534b613afea9bd95f199a55b77beab7c472e92ad92b4e39a1aa
c3c49c02fd303d749ebe60458745ba5b38eb9e3e2550936f9a7fb497b04bf63c
c6595dbcb319ef0ee29979294612e33f3e6d2176973b3bba332229020fde1c4d
c91024f8d777e9aaa6664e29ff60c9b82af7dcef80a88e1af241fa246489dad0
cb11c9beca86ca9cfcc1ba8e239181b547109a68c08b79070ce7466dfc1111f6
cd0db2d68f6fb00e1197e823f47e1f53aa2aa2ae85228a5e5d04a4a863629cc1
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d145a82952ff5c4f3ef9aeda196d415b83289f3eeba9aa66293d34e053769913
d1a2c73d9251907ae8a117f386c6bd3eb47f175ba2c4e1df4a1d61da0128f338
d3e294243852120622870f87f7d2f9e7fa42423e9cee42a34334bbbaa838aebe
d3e4dec7f8bb0c04ea7afdd3ddec48498dc1485e0ca8ecc10b9bb610e53f7dcb
d735a5629e28e253f5615376a9534ae518e418b2d25bf0d922da0a955fc01ee0
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e4fb9b3b1239835abc60fd16d2e64da36bfa919b8e81f11eea442c2bbf05f2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ed1353670cbe52a301571e6717fab543726f43f7bed2edd0ffca2e74f6a1d8bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f186eb26bb013dc13d3039942d33fe61d6dfb30685aa204bf847190d379b941c
f19f3da8d15704800135aae782b703ae40b674c5159a6984a7514f29af17d0c9
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f4bdd021a080b11191c5bdbfffcedfe2f1f19d9756fc801514bccebde681c947
fd92cd7fd05550f69aeeee229756dc216f6df894a406f3a94072da9ab0fb0269
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ff7b605167bad8133d80ef6cff4b7400096018e4a3c444870b356c57da52d599