urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/XqAx30
Submission: On March 24 via api from JP — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 5 countries across 38 domains to perform 206 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 200657.
TLS certificate: Issued by R11 on March 14th 2025. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 34.149.98.30 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 203.137.133.154 4694 (IDCF IDC ...)
2 168.95.246.4 131660 (CHTCDN Da...)
2 157.240.229.1 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
5 107.178.241.176 396982 (GOOGLE-CL...)
4 31.13.66.35 32934 (FACEBOOK)
2 34.160.26.175 396982 (GOOGLE-CL...)
1 183.79.249.124 24572 (YAHOO-JP-...)
17 64.233.180.156 15169 (GOOGLE)
2 142.251.167.102 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.67.150.31 13335 (CLOUDFLAR...)
1 103.1.220.9 131149 (YUANJHEN-...)
1 192.0.77.48 2635 (AUTOMATTIC)
1 2600:9000:269... 16509 (AMAZON-02)
3 3 2001:4998:60:... 14196 (YAHOO-CHA)
2 2 34.202.71.45 14618 (AMAZON-AES)
2 2 52.223.40.198 16509 (AMAZON-02)
1 2 52.54.69.117 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
3 64.233.180.155 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
7 2620:100:a00b... 19750 (AS-CRITEO)
1 104.18.29.101 13335 (CLOUDFLAR...)
1 64.233.180.132 15169 (GOOGLE)
22 142.251.163.154 15169 (GOOGLE)
3 119.63.193.220 38627 (BAIDUJP B...)
25 2600:9000:269... 16509 (AMAZON-02)
1 2620:100:a00b... 19750 (AS-CRITEO)
7 172.253.122.139 15169 (GOOGLE)
6 54.178.103.138 16509 (AMAZON-02)
1 2 172.253.62.157 15169 (GOOGLE)
1 2600:9000:269... 16509 (AMAZON-02)
3 142.251.16.157 15169 (GOOGLE)
1 119.63.198.189 38627 (BAIDUJP B...)
1 34.111.12.34 396982 (GOOGLE-CL...)
1 34.107.150.21 396982 (GOOGLE-CL...)
12 203.75.214.136 3462 (HINET Dat...)
3 119.63.198.143 38627 (BAIDUJP B...)
1 34.102.218.41 396982 (GOOGLE-CL...)
6 2607:f8b0:400... 15169 (GOOGLE)
4 8 35.190.36.98 15169 (GOOGLE)
4 4 172.105.213.147 63949 (AKAMAI-LI...)
2 103.132.192.30 138552 (RTBHOUSE-...)
2 210.59.219.34 3462 (HINET Dat...)
1 119.63.198.188 38627 (BAIDUJP B...)
3 142.251.167.147 15169 (GOOGLE)
4 2620:100:a00b::5 19750 (AS-CRITEO)
1 172.253.122.132 15169 (GOOGLE)
1 142.251.16.132 15169 (GOOGLE)
206 57
1    35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
3    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    203.137.133.154 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
cpt.geniee.jp
2    168.95.246.4 (Los Angeles, United States)

ASN131660 (CHTCDN Data Communication Business Group, TW)
PTR: 168-95-246-4.hinet-ip.hinet.net
ad-specs.guoshipartners.com
2    157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net
connect.facebook.net
3    2607:f8b0:4004:c1d::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    107.178.241.176 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.241.178.107.bc.googleusercontent.com
onead.onevision.com.tw
4    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
2    34.160.26.175 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.26.160.34.bc.googleusercontent.com
re-news.tw
1    183.79.249.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
yads.c.yimg.jp
17    64.233.180.156 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f156.1e100.net
securepubads.g.doubleclick.net
2    142.251.167.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f102.1e100.net
www.google-analytics.com
2    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c07::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c0b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
3    2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2606:4700::6812:60e1 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    172.67.150.31 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    103.1.220.9 (Taiwan)

ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW)
PTR: ph2.g-dns.com
img.racingcharger.tw
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    2600:9000:269f:ba00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
3    2001:4998:60:807::1 (United States)

ASN14196 (YAHOO-CHA, US)
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    34.202.71.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-71-45.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    52.54.69.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-69-117.compute-1.amazonaws.com
ps.eyeota.net
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
3    64.233.180.155 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f155.1e100.net
securepubads.g.doubleclick.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
7    2620:100:a00b::30 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.18.29.101 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    64.233.180.132 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f132.1e100.net
5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com
22    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
pagead2.googlesyndication.com
3    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
25    2600:9000:269f:c400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
1    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
7    172.253.122.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f139.1e100.net
fundingchoicesmessages.google.com
6    54.178.103.138 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
2    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
googleads.g.doubleclick.net
1    2600:9000:269f:1200:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
adx.holmesmind.com
3    142.251.16.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
ep1.adtrafficquality.google
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
1    34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com
ad.tagtoo.co
1    34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com
uec.tagtoo.co
12    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
3    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
1    34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com
ecs.tagtoo.co
6    2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
8    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
4    172.105.213.147 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1867-147.members.linode.com
gocm.c.appier.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    210.59.219.34 (Taichung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
1    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
3    142.251.167.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f147.1e100.net
www.google.com
4    2620:100:a00b::5 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com
1    142.251.16.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f132.1e100.net
c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com
Apex Domain
Subdomains		 Transfer
32 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 144812
ad.holmesmind.com — Cisco Umbrella Rank: 113263
adx.holmesmind.com
91 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 289
stats.g.doubleclick.net — Cisco Umbrella Rank: 284
td.doubleclick.net — Cisco Umbrella Rank: 327
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
245 KB
25 googlesyndication.com
5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com
c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com
301 KB
15 google.com
analytics.google.com — Cisco Umbrella Rank: 253
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 649
www.google.com — Cisco Umbrella Rank: 10
72 KB
12 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 115896
gocm.c.appier.net — Cisco Umbrella Rank: 5598
3 KB
12 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 92735
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net Failed
2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net Failed
5 KB
9 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 512
ep2.adtrafficquality.google — Cisco Umbrella Rank: 514
45 KB
8 popin.cc
api.popin.cc — Cisco Umbrella Rank: 22807
tw.popin.cc — Cisco Umbrella Rank: 125846
log.popin.cc — Cisco Umbrella Rank: 93722
r.popin.cc — Cisco Umbrella Rank: 102226
97 KB
7 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1135
56 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 200657
storage.reurl.cc — Cisco Umbrella Rank: 279374
7 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 610
bidder.criteo.com — Cisco Umbrella Rank: 1746
745 B
5 onevision.com.tw
onead.onevision.com.tw — Cisco Umbrella Rank: 153929
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 116
22 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 129
230 B
3 tagtoo.co
ad.tagtoo.co — Cisco Umbrella Rank: 167837
uec.tagtoo.co — Cisco Umbrella Rank: 130520
ecs.tagtoo.co — Cisco Umbrella Rank: 121351
62 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3260
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 20685
3 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 3132
ups.analytics.yahoo.com — Cisco Umbrella Rank: 830
1 KB
3 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 35259
70 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 107
404 KB
2 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 143006
336 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1557
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 564
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1587
728 B
2 re-news.tw
re-news.tw
31 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 255
80 KB
2 guoshipartners.com
ad-specs.guoshipartners.com — Cisco Umbrella Rank: 181880
24 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 427
59 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1907
7 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3358
8 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 1016
199 B
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 8835
1011 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 7227
730 B
1 racingcharger.tw
img.racingcharger.tw
152 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
67 KB
1 prnasia.com
mma.prnasia.com
12 KB
1 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 31472
58 KB
0 alphaloan.co Failed
blog.alphaloan.co Failed
0 creditcards.com.tw Failed
creditcards.com.tw Failed
206 38
Domain Requested by
25 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
ad.holmesmind.com
23 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
22 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
12 t.ssp.hinet.net api.popin.cc
cdn.holmesmind.com
t.ssp.hinet.net
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
8 ad2.apx.appier.net 4 redirects reurl.cc
7 static.criteo.net securepubads.g.doubleclick.net
cdn.holmesmind.com
reurl.cc
6 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
securepubads.g.doubleclick.net
6 ad.holmesmind.com cdn.holmesmind.com
5 onead.onevision.com.tw ad-specs.guoshipartners.com
reurl.cc
5 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
www.googletagmanager.com
5 storage.reurl.cc reurl.cc
4 bidder.criteo.com static.criteo.net
4 gocm.c.appier.net 4 redirects
4 www.facebook.com reurl.cc
3 www.google.com ep2.adtrafficquality.google
3 log.popin.cc reurl.cc
3 ep1.adtrafficquality.google pagead2.googlesyndication.com
securepubads.g.doubleclick.net
reurl.cc
3 api.popin.cc reurl.cc
api.popin.cc
3 cpt.geniee.jp reurl.cc
cpt.geniee.jp
3 www.googletagmanager.com reurl.cc
www.googletagmanager.com
2 prebid.scupio.com cdn.holmesmind.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 ps.eyeota.net 1 redirects reurl.cc
2 match.adsrvr.org 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 analytics.google.com www.googletagmanager.com
2 re-news.tw storage.reurl.cc
reurl.cc
2 connect.facebook.net storage.reurl.cc
connect.facebook.net
2 ad-specs.guoshipartners.com reurl.cc
2 cdn.jsdelivr.net reurl.cc
1 c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 r.popin.cc reurl.cc
1 ecs.tagtoo.co ad.tagtoo.co
1 uec.tagtoo.co api.popin.cc
1 ad.tagtoo.co api.popin.cc
1 tw.popin.cc api.popin.cc
1 adx.holmesmind.com pagead2.googlesyndication.com
1 gum.criteo.com static.criteo.net
1 5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 trc.taboola.com reurl.cc
1 cms.analytics.yahoo.com 1 redirects
1 static.wixstatic.com reurl.cc
1 s.w.org reurl.cc
1 img.racingcharger.tw reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 yads.c.yimg.jp cpt.geniee.jp
1 reurl.cc
0 2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net Failed reurl.cc
0 32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net Failed reurl.cc
t.ssp.hinet.net
0 blog.alphaloan.co Failed reurl.cc
0 creditcards.com.tw Failed reurl.cc
206 61

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R11		 2025-03-14 -
2025-06-12		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
storage.reurl.cc
WR3		 2025-03-14 -
2025-06-12		 3 months crt.sh
*.google-analytics.com
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.g.doubleclick.net
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.geniee.jp
GeoTrust TLS RSA CA G1		 2024-07-30 -
2025-08-30		 a year crt.sh
ad-specs.guoshipartners.com
Go Daddy Secure Certificate Authority - G2		 2025-01-08 -
2026-01-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2025-01-02 -
2025-04-02		 3 months crt.sh
onead.onevision.com.tw
R10		 2025-02-03 -
2025-05-04		 3 months crt.sh
wp.re-news.tw
WR3		 2025-03-04 -
2025-06-02		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2025-02-07 -
2026-03-06		 a year crt.sh
*.google.com
WE2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.doubleclick.net
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-11-23		 a year crt.sh
gbyhn.com.tw
WE1		 2025-03-06 -
2025-06-04		 3 months crt.sh
img.racingcharger.tw
R11		 2025-02-15 -
2025-05-16		 3 months crt.sh
s.w.org
E6		 2025-02-28 -
2025-05-29		 3 months crt.sh
*.wixstatic.com
R11		 2025-01-23 -
2025-04-23		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
oa.openxcdn.net
WR3		 2025-03-12 -
2025-06-10		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2025-02-12 -
2025-05-13		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-03 -
2025-05-03		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
*.popin.cc
Secure Site Pro CA G2		 2024-09-23 -
2025-10-24		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2025-03-06 -
2026-04-07		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-09 -
2025-05-10		 3 months crt.sh
adtrafficquality.google
WR2		 2025-03-10 -
2025-06-02		 3 months crt.sh
ad.tagtoo.co
WR3		 2025-02-20 -
2025-05-21		 3 months crt.sh
uec.tagtoo.co
WR3		 2025-02-23 -
2025-05-24		 3 months crt.sh
*.t.ssp.hinet.net
HiPKI OV TLS CA - G1		 2025-02-12 -
2026-02-12		 a year crt.sh
ecs.tagtoo.co
WR3		 2025-03-22 -
2025-06-20		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2024-04-05 -
2025-04-30		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2024-09-27 -
2025-10-28		 a year crt.sh

This page contains 32 frames:

Primary Page: https://reurl.cc/XqAx30
Frame ID: 65BF2E2175C0FB7508B690CDFBDFC8FF
Requests: 64 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Freurl.cc%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 80906487DD26A921EC18BFF2A1FD42C6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-N394QBRGC0&gacid=1468600448.1742856748&gtm=45je53l1v897965293za200zb9181474282&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102015666~102482433~102788824~102803279~102813109~102887800&z=2122411848
Frame ID: ECF6DEDE75DF70B53F65E38C1C5CC23B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7FA3AD615780D06527267EF67614FF67
Requests: 1 HTTP requests in this frame

Frame: https://5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Frame ID: 6CE9FDD302C11F44410684EB31E1E2A3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyVmFnRaRum4Rs2W9RleVQS4O1pv7Z43AsPDAfdb6ACtDT7lq7h5rrWulTGwJp2iinsH5iMquivk1mDezfuL5VhrIJla_TzOFbvQRPwUUbI1mPnYgIDDuPIqKx-n6GWG3sOWKZR_Gm0fJjak_QoXiNZ8sCUSPdGYKDGbnXrvG1NaQkwNB31NAUyP2K5s1yEf9fIT94UhU3T2ZAsWUlgK7zw9AN0P3pE8BcxW9bFd1yqCm61dklpzfGnIU8HzyRLJpDLvkVdgRbSlqOQrGhTWVkhY9NcL1JzElz__vpzPkU8H7kLp4DmIRqpx5eALC9P3J4QmXr3lcDRP5KPPxzTb5W_aeqy2gAbNuQjapoOZVhd-rR9d1-iTa4pR0k6yS8uROxmS4-7B2yZsmWU8QJVE_52-8Ybx8LGBgw5R_9nQXhvDxCugYRbUXR4w&sai=AMfl-YQLjU5rXfw1co0-jYbBKLxCH0K9R8aA7TC5kTmzjAbvoR0YDmOVhzf8vdMAh9bm2yuGDQu8yD0qZ0A_ImMeNJ09ZXUPdoOCoXJnIi7cd9d77YXmSMZXKX8D6ysa&sig=Cg0ArKJSzJ-GZnxf2LewEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C28D211F23E9DF5231595F68D08813AA
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzyFoZVSekmMe8I0VuKcjFtTkOiztRnZ1a0MNAF0ofESJJ0hZgqP3iK-g4BcsYs_p10PCuOL05uAzw7GU3WYtebOdJf7a_2zIgvNV8NKACYTORfdf5u5ek5ImVp32-o1zcYht3tbhyDZM86ThNyCIjiwKoAj-dOZsrsac73Rjygju3x0o6MDBhH8GgJladaz9iuZ5FBeggeO0FkhJE6J0MhDcVsVqBZY9rujtkp9jo50b3_1OX8rvaxWOB3FiC2bDlLjQpHWnd5oY66MtQBBBL_qvNMEwlhGCRTqub_yn1XQbUlEyL1_R8X0NNq-8_x4IrISvtIEThhHzPieTsRTJPsOQgKNVPeI1d3nrnMWC1kKxPhpiOLBtjuIxK4A01rvPE4ZV26oaN9uHRVZ5h6FRtxQ-vF5AjbUufwxG1SPDrAASwLDnWQJkJ4A&sai=AMfl-YT9Iq4v6MYOBXNTc0E2l7mPCi-bdNuW94mWmbfmdfPYeWQWdaGQnjbW8qJwtMrYRxNIiNVYfuCTMXbEQ8Y6D1RgPiBAN2msRgvAM7siZe7u3DeLgIZ3xuAS-dfj&sig=Cg0ArKJSzGoTfTd3QxZsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0EF3B3545A4B28A6920AB4C673CF86EC
Requests: 24 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj_pJuUdUNo-5A9Rb1e1KOPfyr42a8e6webjpqPozSq2jk8rYOSCb3lwrmCLMjUKtPy3YQgXKNDAJyJQ4KCYVHvkr4v19V0quDRK3dkw7RgoL0DVHIuYvEbxTmdLafYTRtIlhvkaksztG3wjG_LlwAYa-34yxaqGJEmbUV0mgii3GvdNgWQMM50Pjih-Vae68-BnF5Hj1LBVfKEb3fG_JAlBAM1vsOB88fN8YeCbqVKs_wgxG1aMSnMVRDVm6t52CIpfC5IFMseXrXlEPq0fvyy_trFYYGVtgYNENhxelKFVpyRTsYvr_rao0PD0I3xfEWPlCkCPZvvzjsL7F1OkqD2KoUY75-_1Xg2gSYpcW4k-B1PBJAXiL0EdH8-gi66B0wJSHM8OGVeMAfzER97fgwZ0lN_pl6YZypiabuuzzE9wEjnONv5UVgHntTzN9yeng&sai=AMfl-YRzJKVeuiLa-0xXLncWOEH-kDqbvXGa-vnzqb5t4XuAGcgwfgEX3CW-5Cmg7SeIY8nNKQxLFgAN0mJsIYM2miq0aYrno5YX8W8-_9ZzFppCdiIvwMXu1YljefVN&sig=Cg0ArKJSzIG5gSI5zzpsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 598A24E9B7F65DBA1429683653F1F468
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX6XBCXSbjcf1h7BQOyXsek3BJJQVZmivAHtQao-miKgK1vyEH2NifnZOOS-S0OLK_zTjNVGpdwW7yGZgGf71z2MvHKQJhFpx9f-ZKelrPLStGgCYhkw4wpKj3N4XU0w8pdPL23jJqFYQs7vwkjhAEvu4mx9TZJl_LUsDOo8Qx38DeOndt90twM8-4UmmAuYo1uG7hkpGdaDi00uHKYt1-OdEgVJA_HL9IOJKCBeZrimMOFdW7zh2vPMU--QWzxhZkbxVTvm9RlEIZWKfwxrVGhGsCSQ_K0E9Qj0Hc2_FhVA6sShbx66000IMB0CYz2mus0JwPR-yWNka3gUiBVKgMaLvsN23kLRVhgn2R7Wd5sSWgR01tuK6_qJE_C13K71Ia0xQue_QFCPIORtUE5XnEm6YtJkwBkFr3671qZW859axvXrUHXGgjJ7sZcFCL4kI&sai=AMfl-YQPuthStPcYKaIY6uG8P3i5rPwOsXqPllgIXE3HJj3q_w9-BCill7xu5IIRHk0suwvZIZu33HMSiYy4_umD0AayjQEKnr8p4sRTicgTYvOkdwkpuwIVKV292Pad&sig=Cg0ArKJSzBn72BfgbW5zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C4F0D14D4F71CCA2B146B9D4BC538E7D
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc&gdpr=0&gdpr_consent=
Frame ID: 78CD4AB45109F1911450B5266C581750
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 7D9CAA9C4F480686F5D5BD8E17E4AEA3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 45FD3470C53A218413A67CEF93D0BBA0
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3476A54DF79C34ADC0C54AADF7A40330
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 2BAD2D559F8EDCB558EF19EF6C181768
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250319/r20190131/zrt_lookup.html
Frame ID: 40D1D29740A4C1861D88754BA986379C
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
Frame ID: 8573F4F6A7B43AAAC0C73351BC6E65D1
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: EB12830F8309F35794577BDA09438F0E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 120A4AE237CB016F217E050DD8123E00
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6DAE35C8BBD9089DFF8D21C1507FDF78
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3F689EDDF53E604975A3FB3BFF81E1CF
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 6831AA742A903AFDB1453829682DA581
Requests: 1 HTTP requests in this frame

Frame: https://f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Frame ID: 0784F6A8650A5DD4247D8D60370021E8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 9D76C060636C654B2F30761CE42618FD
Requests: 1 HTTP requests in this frame

Frame: https://c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Frame ID: B681E3D939E755CEC3154C5C0015255B
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: D0559FB2741E09BC32B6C6CA2B8B6D8D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81FE2B385E8AD147BAE5A8029E3DB606
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssh1g5vY1CSwmPkrlYaa_gwAPDsQrZfsRQhILy7VvDIJG3qkb0Bfpeb_-J1xY3T3wqA_iiVGQuXmQxQ1vivmgjlkHZh_4xysXlDuaEzL_eJAwhgam2dLEueGZJPmQhPPi9tzz8on6F9KdPALAsW5UiFhFkS-OYpWaoq44U0ABs83aoFbFzunoppKROL1xhzmDSEPGl0kTn7UI1RMz3v73ZiP8sln_u8hdPGda9ipcpdlnXHlnB3AwIUj61UPivur31ApR6b_cWizmbLaUA1B42KmfdYmAnAUQxOmH3gYohrPTcdr9IEfDqW9HS0sMu6VQqR0kVgAzoNVEadWCSw1tXTrRb2tmyh-NV48S2f1ZsMYIFFFTDZLMs-iaKIJFVUBLYig_3TYcZM30wi466CFANgMMyG0lu4bsu-LqTy5EuwZC7YRxFYgxEwpKMdFYIPcKtIiPGl-mp6g&sai=AMfl-YSkXg1P51xKYGP8uin4s97za_39PMwENQ9jRAevNtKGIuA2eKQYpr5peV6NAGwxMFu3NB_cBjz_UsohakwPvWy1KuuB1sS_a7Ic2lCMyG33PiHnqDG0FJ-X0g7C&sig=Cg0ArKJSzOk8h_irCjb4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 075A56CA3913303B2B8CF3265B816828
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce
Frame ID: 5EB66394AC834E73DDBB06F182F31490
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 399FC48FCB09B6365A14AAC8E3406879
Requests: 23 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 6133CC6C9BDC7888EE34B84298A91111
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD110B7B3A1848666C051D87D7193C95
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8BE390FC2197E43249676AD544F29903
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dynamics 365 Customer Voice

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

206
Requests

91 %
HTTPS

30 %
IPv6

38
Domains

61
Subdomains

57
IPs

5
Countries

2994 kB
Transfer

9272 kB
Size

47
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA&verify=true HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/vzn?id=y-1y.aVMhE2p9CKAPl_MOdCk4HP9nSRCpvYniecQ--~A
Request Chain 44
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=bda557552ccc98991161318a602412a
Request Chain 45
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=r1jlltl&ttd_tpi=1 HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ttd?id=5c44cf5a-c4c0-409e-bef2-a927afbea5d0
Request Chain 46
  • https://ps.eyeota.net/pixel?pid=3m51m51&uid=a9753e42-0902-11f0-a254-0242ac120002&t=ajs HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=a9753e42-0902-11f0-a254-0242ac120002&t=ajs
Request Chain 102
  • https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=2220942683&adf=3173046724&pi=t.ma~as.2784%2F13803&w=300&lmt=1742856751&url=https%3A%2F%2Freurl.cc%2FXqAx30&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1742856750523&bpp=333&bdt=477&idt=609&shv=r20250319&mjsv=m202503200101&ptt=5&saldr=sd&cookie=ID%3D822c81110b26fdfe%3AT%3D1742856749%3ART%3D1742856749%3AS%3DALNI_MZ81k4P6W8IJ9NlFHIJG0_naa0TLA&gpic=UID%3D00001000ed6f9cef%3AT%3D1742856749%3ART%3D1742856749%3AS%3DALNI_MadaIT3g3bKj-Nlg8DU9xcMkLXSJw&eo_id_str=ID%3D88283767ebc8a1e4%3AT%3D1742856749%3ART%3D1742856749%3AS%3DAA-AfjYiOiQ2g76rmOCrcMx7cTHX&correlator=5038302364088&frm=23&ife=4&pv=2&nhd=1&u_tz=-600&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1030&ady=108&biw=1600&bih=1200&isw=300&ish=250&ifk=2061651353&scr_x=0&scr_y=0&eid=95355501%2C95356498%2C95356506%2C31088249%2C95355301&oid=2&pvsid=2228132933401317&tmod=845799784&uas=0&nvt=1&fc=640&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.zgo2u3caugct&fsb=1&dtd=655 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
Request Chain 122
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YMk0KCABBU24ojQ6MOLhZw
Request Chain 127
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=FwYcCicjBcifo4k0MeLhZw
Request Chain 188
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=KvMIRlI4CWKpTWakMeLhZw
Request Chain 189
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=GI_WJotqD8GSPF7rMeLhZw

206 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request XqAx30
reurl.cc/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
91cb9c957e2a074b32b3b9edf1d0c7272281c6be2e4ff03574c5b2cd41800959

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Mar 2025 22:52:27 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://ecv.microsoft.com/dDTk9Vwh4y
vary
Accept-Encoding Origin
x-request-id
55282b91-4a2a-4aa9-bbd5-1ad43f83c423
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
age
1962874
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Akp%2BXk2n9ibjB5IuMjlVi97DHpd8oJW7at18WptsDk3WCtX9OMbrHclpT1GPrVAu2ybp2UHHj25HzRg3lTYHJibpSopFc2eZXrbwXtBL98WGW4EKsXe08XwBkuD%2FIijM5DZQIj1%2FYTMkmyYNW5g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 24 Mar 2025 22:52:27 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-eddf8230028-FRA, cache-lga21986-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9259bd316d58cbab-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
25648
server
cloudflare
x-jsd-version
4.3.1
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-request-id
9ca9dce0-ee0b-493c-841f-37a941eff253
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
21478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 16:54:29 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
904
pixel.js
storage.reurl.cc/javascripts/ 		429 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-request-id
20a439ea-8290-446d-baf1-a2036b561b2d
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
age
3715
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
date
Mon, 24 Mar 2025 21:50:32 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
ga2.js
storage.reurl.cc/javascripts/ 		536 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-request-id
3cd12768-90ce-4d85-a765-f4a6cf3ead6e
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
11412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 19:42:15 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
348
js
www.googletagmanager.com/gtag/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63ca82ea17a3e4c4c6acf635f8e8f76298def9f63711f1ca4cb1a98c15ecabdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Mon, 24 Mar 2025 22:52:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
123328
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		438 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
715b95ed3f6c3d42f33b9cb1616430ae403a6d65d3f3034b0c4415bac2d820b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Mon, 24 Mar 2025 22:52:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
144661
x-xss-protection
0
server
Google Tag Manager
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7eb8a27626378cb6e9717bb2cc1212209cd9e152c362990ec00655672e556e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
484 / 20171 / m202503180101 / config-hash: 13793887222185163369
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33574
x-xss-protection
0
server
cafe
wrapper.min.js
cpt.geniee.jp/hb/v1/219632/1441/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.154 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
0614ad45d47a5da6d9880c2e175c88526cd223c16d2121e48bab3a9e1121f55d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=3600, private
content-encoding
gzip
etag
W/"67e15db0-2f10"
cross-origin-resource-policy
cross-origin
expires
Mon, 24 Mar 2025 23:52:28 GMT
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript
last-modified
Mon, 24 Mar 2025 13:27:12 GMT
server
nginx
ad-serv.min.js
ad-specs.guoshipartners.com/static/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.246.4 Los Angeles, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-246-4.hinet-ip.hinet.net
Software
HiNetCDN / OneAD
Resource Hash
8aad7f034c2e39ee145189b327d6b1df64240486e08c7eba41d399e7e72797a6

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
W/"67dbbf75-c7b9"
age
0
x-varnish
79110905
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Thu, 20 Mar 2025 07:10:45 GMT
cache-control
public, max-age=360
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
x-powered-by
OneAD
server
HiNetCDN
onead-lib.min.js
ad-specs.guoshipartners.com/static/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
168.95.246.4 Los Angeles, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS
168-95-246-4.hinet-ip.hinet.net
Software
HiNetCDN / OneAD
Resource Hash
1bf41ca1364230ce3a9cbbac1110ff4d7d287a9f978fa74297aa30117c4da9c0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
W/"67b5a55f-6100"
age
0
x-varnish
107515587
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified
Wed, 19 Feb 2025 09:33:19 GMT
cache-control
public, max-age=360
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
*
x-powered-by
OneAD
server
HiNetCDN
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
age
380835
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5IRSuNFVlN7fJd40IxuYHT5YRP1XAIrEH3BmsF6ooLST%2F7B1VqVNkSMOlOXQ92T2yD3kcZ2PFJJLrkPSPA%2FTgnPA1PbDC%2F710ADib0SI%2FKP5eI4SxgX5PoA2ooMMjv5KUpGfoQXA1nn4B4TPBI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 24 Mar 2025 22:52:27 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230020-FRA, cache-lga21954-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
9259bd317d5ccbab-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
33184
server
cloudflare
x-jsd-version
2.5.16
renews.js
storage.reurl.cc/javascripts/ 		404 B
401 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-request-id
23da054e-1ed0-4699-83a8-54eb16cdee0a
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
16276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 18:21:11 GMT
last-modified
Tue, 09 Jul 2024 09:45:35 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
282
loading.js
storage.reurl.cc/javascripts/ 		134 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-request-id
8f8fa477-030b-4698-8e04-948522f646f7
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
age
17210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 18:05:37 GMT
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public,max-age=28800
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
134
fbevents.js
connect.facebook.net/en_US/ 		252 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
52ca9d6996ed5bdc1cfafda56a1305e9b2228f958230ed4c815804df73772289
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-boGsE4kN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-boGsE4kN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=119, rtx=0, c=24, mss=1232, tbw=8349, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
01radWPnRAguuM012+ddDuWyUwUC+kl0fqIglwl3lj1MrJrXxF0KtXqLgk4st3+BxNcywfETZQjL4JjzlnuTcQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
64608
x-xss-protection
0
origin-agent-cluster
?1
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
age
3608
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 23:52:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 21:52:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20994
server
Golfe2
1675200226052423
connect.facebook.net/signals/config/ 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.190&r=stable&domain=reurl.cc&hme=c1f2cecb0bd2e60711f2156ceae0254b57f69ec526dbc6c13633615b2168eda4&ex_m=71%2C124%2C109%2C113%2C62%2C4%2C102%2C70%2C16%2C98%2C90%2C51%2C55%2C178%2C181%2C193%2C189%2C190%2C192%2C29%2C103%2C53%2C78%2C191%2C173%2C176%2C186%2C187%2C194%2C135%2C41%2C199%2C196%2C197%2C34%2C148%2C15%2C50%2C203%2C202%2C137%2C18%2C40%2C1%2C43%2C66%2C67%2C68%2C72%2C94%2C17%2C14%2C97%2C93%2C92%2C110%2C52%2C112%2C39%2C111%2C30%2C95%2C26%2C174%2C177%2C145%2C87%2C57%2C85%2C33%2C74%2C0%2C96%2C32%2C28%2C83%2C84%2C89%2C47%2C46%2C88%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C58%2C63%2C65%2C76%2C54%2C104%2C27%2C77%2C9%2C8%2C81%2C48%2C21%2C106%2C105%2C107%2C99%2C10%2C20%2C3%2C38%2C75%2C19%2C5%2C91%2C82%2C44%2C35%2C86%2C244%2C171%2C122%2C160%2C153%2C2%2C36%2C64%2C42%2C108%2C45%2C80%2C69%2C114%2C61%2C60%2C31%2C100%2C59%2C56%2C49%2C79%2C73%2C24%2C101%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
0c310205ab2dbf30ae9b8a24ee1359f493e1bf5c982c124e42af22b759ac07ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src 'nonce-2xOB56Cl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src 'nonce-2xOB56Cl' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=119, rtx=0, c=82, mss=1232, tbw=77057, tp=74, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
D6N2/RlGr4nBWwkJg8HPalsIvUf8EiXxGzXNykHKFOeAAgxa6tuQkgvWhqwY5o3mOrVNEYQ8A0atTAsnBDpv4g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
0
document-policy
force-load-at-top
content-length
16786
x-xss-protection
0
origin-agent-cluster
?1
oid
onead.onevision.com.tw/v2/et/ 		374 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/et/oid?cb=window.text_etag_callback_2rcgv
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
effb1e81657d32209892d95ae4da584ac7fc28b8a2d8832e4126717f9c4bdbfc

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-onead-version
61c8a0f6
etag
a9753e3b-0902-11f0-a254-0242ac120002
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
566269183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript
last-modified
Mon, 24 Mar 2025 22:52:28 GMT
cache-control
max-age=600
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
374
x-onead-backend
onead-http-event-csbv-gohttp
server
gws
x-powered-by
OneAD
page.php
www.facebook.com/plugins/ Frame 8090 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Freurl.cc%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-HpNTmOg8' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-HpNTmOg8' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:28 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7485512735163799821&cpp=C3&cv=1021201983&st=1742856748560"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7485512735163799821&cpp=C3&cv=1021201983&st=1742856748560", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8354, tp=13, tpl=0, uplat=69, ullat=0
x-fb-debug
02KAqqqAeFRS1T29E5shoAVg60vgAtBHVtx8LXXkU3cPsvbOlKEhClYMeUEx7TdJjRMB8Hb5bOklfoQ9oGOrZg==
x-xss-protection
0
feeds
re-news.tw/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c280d38004a82811e8659f68bbd6dc8dde7f7c6a95d3172d7ddec4acf8c96d6f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
public,max-age=3600
etag
W/"19c2-9Jo9tz+a9s2SjM8/XubeyhnT+f4"
age
2924
via
1.1 google
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6594
date
Mon, 24 Mar 2025 22:03:44 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
vary
Origin
yads-async.js
yads.c.yimg.jp/js/ 		210 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.249.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
/
Resource Hash
e7e4fb9b3b1239835abc60fd16d2e64da36bfa919b8e81f11eea442c2bbf05f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
etag
"fad34f610280b86070657d734b70d7bc"
age
226
x-content-type-options
nosniff
date
Mon, 24 Mar 2025 22:48:43 GMT
content-type
text/javascript
last-modified
Tue, 18 Mar 2025 07:38:42 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=600, stale-while-revalidate=1200
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
ats-carp-promotion
1
x-amz-request-id
23709fbf-9d03-49e4-9a4c-87df37d9b3b9
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
58654
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
gnshbrequest-v4.23.3.js
cpt.geniee.jp/hb/v1/lib/ 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.23.3.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/219632/1441/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.154 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bc73ed340ef20534b613afea9bd95f199a55b77beab7c472e92ad92b4e39a1aa

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=86400, private
content-encoding
gzip
etag
W/"67d140eb-2d3d7"
cross-origin-resource-policy
cross-origin
expires
Tue, 25 Mar 2025 22:52:28 GMT
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript
last-modified
Wed, 12 Mar 2025 08:08:11 GMT
server
nginx
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/ 		524 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
24c55f7fd45388e8a6c4fb7fc8bdae53992181227bb8f77f1d4dc04be9f15556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
8549058430066818552
age
44113
x-content-type-options
nosniff
expires
Tue, 24 Mar 2026 10:37:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 10:37:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168179
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/j/ 		3 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=261007899&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FXqAx30&ul=en-us&de=UTF-8&dt=Dynamics%20365%20Customer%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1079448621&gjid=237386628&cid=1468600448.1742856748&tid=UA-102456694-1&_gid=1434124153.1742856748&_r=1&_slc=1&z=1244265041
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/XqAx30

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
3
server
Golfe2
collect
www.google-analytics.com/ 		35 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=261007899&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FXqAx30&ul=en-us&de=UTF-8&dt=Dynamics%20365%20Customer%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTYyLjI0NS4yMDYuMjQ1&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1468600448.1742856748&tid=UA-102456694-1&_gid=1434124153.1742856748&z=788888126
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

age
39071
report-to
{"group":"ascnsrsgac:163:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 12:01:17 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:163:0
content-length
35
server
Golfe2
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1742856748444&sw=1600&sh=1200&v=2.9.190&r=stable&ec=0&o=4252&fbp=fb.1.1742856748440.731211981565462824&cs_est=true&pm=1&hrl=d962bb&ler=empty&cdl=API_unavailable&it=1742856748272&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8402, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1742856748444&sw=1600&sh=1200&v=2.9.190&r=stable&ec=0&o=4252&fbp=fb.1.1742856748440.731211981565462824&cs_est=true&pm=1&hrl=d962bb&ler=empty&cdl=API_unavailable&it=1742856748272&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-wRgONnDy' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7485512735583045477&cpp=C3&cv=1021201983&st=1742856748636"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7485512735583045477&cpp=C3&cv=1021201983&st=1742856748636", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-wRgONnDy' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
iL1/VD19a50weGKxJO+h/XD2+ohasyGEGi6+F6xYOnlUip4G3gQe1sHd1W5X55q6a9Yj0WK3Ixi1SvxjGtDcUQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
GOOD; q=0.7, rtt=117, rtx=0, c=24, mss=1232, tbw=8722, tp=16, tpl=0, uplat=29, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
724bf9b6cead6b42a8435c2dd63959f95a2868fc29d0c19f44b7f26c83a18cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6636832657936373745
age
30091
x-content-type-options
nosniff
expires
Mon, 31 Mar 2025 14:30:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 14:30:57 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23172
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503200101"
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDFZCDVDK1&gtm=45je53o0h2v9181474282za200&_p=1742856747805&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109&cid=1468600448.1742856748&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1742856748&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FXqAx30&dt=Dynamics%20365%20Customer%20Voice&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1810
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/ 		438 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0&l=dataLayer&cx=c&gtm=45je53o0h2v9181474282za200&tag_exp=102482433~102788824~102803279~102813109
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c80136a03038c067ac796ebdd918ec9895a37cf758d6c56da2acff6862defdab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
expires
Mon, 24 Mar 2025 22:52:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1020:0
content-length
144927
x-xss-protection
0
server
Google Tag Manager
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je53l1v897965293za200zb9181474282&_p=1742856747805&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102015666~102482433~102788824~102803279~102813109~102887800&cid=1468600448.1742856748&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1742856748&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FXqAx30&dt=Dynamics%20365%20Customer%20Voice&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1899
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
report-to
{"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:137:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
552 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1468600448.1742856748&gtm=45je53l1v897965293za200zb9181474282&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102015666~102482433~102788824~102803279~102813109~102887800
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:112:0
report-to
{"group":"ascnsrsggc:112:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:112:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:112:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame ECF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-N394QBRGC0&gacid=1468600448.1742856748&gtm=45je53l1v897965293za200zb9181474282&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102015666~102482433~102788824~102803279~102813109~102887800&z=2122411848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:29 GMT
expires
Mon, 24 Mar 2025 22:52:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsrv
onead.onevision.com.tw/v2/ 		177 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://onead.onevision.com.tw/v2/adsrv?version=20240208&uid=1000480&category=-1&cookie=true&ip=&guid=a9753e42-0902-11f0-a254-0242ac120002&channel=0&volume=0.5&r=&adid=&response_freq_multiple=native-drive.0&web_location=https%3A%2F%2Freurl.cc%2FXqAx30&title=Dynamics%20365%20Customer%20Voice&fp=04c6d3e15a52f9e0d5fe2d47f4a29cde&_t=1742856748757&cb=ONEAD_text_response_2rcgv&pb=0&spid=&bgid=0
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
35adab997afb8e674c98dca1639696be4d2b8b5520bbc93f3046bde97cd2157f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-onead-version
61c8a0f6
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
641174806
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-onead-guid
a9753e42-0902-11f0-a254-0242ac120002
access-control-allow-credentials
true
x-onead-message
browser_incompatible
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
177
x-onead-backend
onead-http-query-xvl9-gohttp
server
gws
x-powered-by
OneAD
128002626
fundingchoicesmessages.google.com/i/ 		196 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/128002626?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3edfc4148a9c1d34e410db1a5d73369e751e2c450fd5384123a93cdbad390d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-heNETo0-1v7NkeXVO-pmYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw1ZBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjWHmnfzybwYM3MDkYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjUwNjI2M9A7P4AkMA_2Urmg"
content-security-policy
script-src 'report-sample' 'nonce-heNETo0-1v7NkeXVO-pmYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.26.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.26.160.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
public,max-age=3600
etag
W/"5fad-191b5b37a20"
age
3401
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24493
date
Mon, 24 Mar 2025 21:55:47 GMT
last-modified
Tue, 03 Sep 2024 02:25:24 GMT
x-powered-by
Express
content-type
image/png
Microip_Inc_Logo.jpg
mma.prnasia.com/media2/2428123/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/2428123/Microip_Inc_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:60e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
039e147a3d5e4b0857c0230686525f58ab3b688ea092c8d963be13ac1ae0bc19

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cf-bgj
h2pri
cf-cache-status
HIT
age
33657
access-control-allow-methods
GET, POST, OPTIONS
expires
Mon, 24 Mar 2025 13:31:33 GMT
server-timing
intid;desc=2bb2b00bfd570674
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
image/jpeg
last-modified
Mon, 24 Mar 2025 13:31:32 GMT
vary
*, Accept-Encoding
access-control-allow-headers
Content-Type
cache-control
public, max-age=1
cf-ray
9259bd39ddb214dc-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
12105
x-powered-by
ASP.NET
server
cloudflare
%E5%8F%B0%E7%81%A3-Pay-%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6%E8%88%87%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2020/10/ 		0
0
1742800023-1384b5e7572f24a117a0ac78b2d642f2-840x525.jpg
img.gbyhn.com.tw/2025/03/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2025/03/1742800023-1384b5e7572f24a117a0ac78b2d642f2-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
395afb1491e62cb0666325882b2d9ffd6258f76bc2da4f8c163e0b484d82927e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cf-cache-status
HIT
age
49951
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FW8GueS4Nb2F6MaYrdl%2ByHTFg8Ua8Ib9nqwK3V16Rac1il66J1Yc6kbXOTiPf%2BL0Ko0d1OGla6MjRS7L3EY6KDUm%2BtP1K4MOj0bp1EPViDHWdSh7ARsORCnJETe9HHO4K6Ot"}],"group":"cf-nel","max_age":604800}
expires
Mon, 31 Mar 2025 07:08:29 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=100406&min_rtt=100367&rtt_var=37665&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4386&delivery_rate=32783&cwnd=12000&unsent_bytes=0&cid=fb4dc237877124e5&ts=123&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
image/jpeg
last-modified
Mon, 24 Mar 2025 07:07:03 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
9259bd39ef0de769-DEN
accept-ranges
bytes
content-length
67916
x-turbo-charged-by
LiteSpeed
server
cloudflare
2025032402565924.jpg
img.racingcharger.tw/wp-content/uploads/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2025032402565924.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.1.220.9 , Taiwan, ASN131149 (YUANJHEN-AS-TW Yuan-Jhen Info., Co., Ltd, TW),
Reverse DNS
ph2.g-dns.com
Software
Apache /
Resource Hash
95634eb651772e9ecc489c8a2e12cccb71cd06089ae3f03f8dab3654ce669c8c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

accept-ranges
bytes
content-length
155748
date
Mon, 24 Mar 2025 22:52:29 GMT
last-modified
Mon, 24 Mar 2025 02:57:04 GMT
content-type
image/jpeg
server
Apache
1f449.png
s.w.org/images/core/emoji/15.0.3/72x72/ 		423 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/15.0.3/72x72/1f449.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=315360000
x-nc
HIT bur 2
access-control-allow-methods
GET, HEAD
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
423
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
image/png
last-modified
Tue, 30 Jan 2024 01:21:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
file.png
static.wixstatic.com/media/9a254c_bd6ab9dc57c349009b5f1eedc6fb236d~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		1010 KB
1011 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/9a254c_bd6ab9dc57c349009b5f1eedc6fb236d~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:ba00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.27.1.1 /
Resource Hash
76e0fe9b59aa81409567a77b7f5cfaebcbe6d1a5586d4979c5a83a327f68d517

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-cf-id
KAKLvJCBTaK9b3m_yxN-u2wTHp__jbQEBDfSnEnFHEcXoUrYuHn2Lw==
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
age
5826631
via
1.1 google, 1.1 0880eac0689b5b1cff547e39e0daa976.cloudfront.net (CloudFront)
x-wixmp-trace
projects/wix-media-infrastructure/traces/2ri7cBp46xWd33dO3u9uPvVzHvF
access-control-allow-origin
*
x-seen-by
image-manipulator-79c6fd85fd-gsnqc
content-length
1033732
alt-svc
h3=":443"; ma=86400
date
Thu, 16 Jan 2025 12:21:58 GMT
content-type
image/png
x-cache
Hit from cloudfront
server
openresty/1.27.1.1
x-amz-cf-pop
YUL62-P1
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		0
0
policy-check
cpt.geniee.jp/hb/v1/ 		12 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Freurl.cc%2FXqAx30&list_id=mid-219632&gam_id=gam-424536528%2Cgam-0
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v4.23.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.154 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
*
cache-control
max-age=10800, private
content-length
12
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
application/json
server
nginx
cross-origin-resource-policy
cross-origin
vzn
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA&verify=true
  • https://onead.onevision.com.tw/v2/pixel/vzn?id=y-1y.aVMhE2p9CKAPl_MOdCk4HP9nSRCpvYniecQ--~A
170 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/vzn?id=y-1y.aVMhE2p9CKAPl_MOdCk4HP9nSRCpvYniecQ--~A
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-onead-version
61c8a0f6
x-vendor
vzn
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
573409572
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
y-1y.aVMhE2p9CKAPl_MOdCk4HP9nSRCpvYniecQ--~A
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-csbv-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

strict-transport-security
max-age=31536000
location
https://onead.onevision.com.tw/v2/pixel/vzn?id=y-1y.aVMhE2p9CKAPl_MOdCk4HP9nSRCpvYniecQ--~A
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/html
server
ATS
ltm
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://bcp.crwdcntrl.net/map/ct=y/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=bda557552ccc98991161318a602412a
170 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/ltm?id=bda557552ccc98991161318a602412a
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-onead-version
61c8a0f6
x-vendor
ltm
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
237835977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
bda557552ccc98991161318a602412a
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-d11z-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

expires
0
cache-control
no-cache
location
https://onead.onevision.com.tw/v2/pixel/ltm?id=bda557552ccc98991161318a602412a
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Mon, 24 Mar 2025 22:52:29 GMT
pragma
no-cache
ttd
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=r1jlltl&ttd_tpi=1
  • https://onead.onevision.com.tw/v2/pixel/ttd?id=5c44cf5a-c4c0-409e-bef2-a927afbea5d0
170 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/pixel/ttd?id=5c44cf5a-c4c0-409e-bef2-a927afbea5d0
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-onead-version
61c8a0f6
x-vendor
ttd
age
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
x-varnish
237114585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
image/png
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
x-vendor-client-id
5c44cf5a-c4c0-409e-bef2-a927afbea5d0
x-status
okay
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
content-length
170
x-onead-backend
onead-http-event-d11z-gohttp
server
gws
x-powered-by
OneAD

Redirect headers

location
https://onead.onevision.com.tw/v2/pixel/ttd?id=5c44cf5a-c4c0-409e-bef2-a927afbea5d0
content-length
197
date
Mon, 24 Mar 2025 22:52:29 GMT
server
Kestrel
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=3m51m51&uid=a9753e42-0902-11f0-a254-0242ac120002&t=ajs
  • https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=a9753e42-0902-11f0-a254-0242ac120002&t=ajs
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=a9753e42-0902-11f0-a254-0242ac120002&t=ajs
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
HTTP/1.1
Server
52.54.69.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-69-117.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

Content-Length
1228
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Mon, 24 Mar 2025 22:52:29 GMT
Content-Type
application/javascript

Redirect headers

Location
/pixel/bounce/?pid=3m51m51&uid=a9753e42-0902-11f0-a254-0242ac120002&t=ajs
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Mon, 24 Mar 2025 22:52:29 GMT
cm
trc.taboola.com/sg/onedata/1/ 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/onedata/1/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-fastly-to-nlb-rtt
151015
x-timer
S1742856750.761173,VS0,VE153
x-vcl-time-ms
153
via
1.1 varnish
accept-ranges
bytes
x-cache
MISS
content-length
0
date
Mon, 24 Mar 2025 22:52:29 GMT
x-service-version
v1
server
nginx
x-cache-hits
0
x-served-by
cache-toj-leto2350031-TOJ
AGSKWxUomjfIRzpYn3MyYtddm1K2EWMokac3Y59puN1ApKfztn7UT5SKYCdx35P9mfgM1wsdC7vdDlHKHRkQyxCxok89_qoDpB-QaR4UMZo6mK_4xKj0QDcAc7KUYeuKXmiL9qnMY7bWpA==
fundingchoicesmessages.google.com/f/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUomjfIRzpYn3MyYtddm1K2EWMokac3Y59puN1ApKfztn7UT5SKYCdx35P9mfgM1wsdC7vdDlHKHRkQyxCxok89_qoDpB-QaR4UMZo6mK_4xKj0QDcAc7KUYeuKXmiL9qnMY7bWpA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyODU2NzQ5LDYyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLG51bGwsW1s4LCJkYUh6ekRVd0hHUSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTMsOTUzNDAyNTVdXSJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7a4ac9e3544a899db56271a02e57b354c525ae67b231c12a0c2c05898898405
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kauje67EYYqn3gCRtp5t6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmII1JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjWHmnfzyaw4cP380xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGRsZ6BmbxBYYAJNEsYA"
content-security-policy
script-src 'report-sample' 'nonce-kauje67EYYqn3gCRtp5t6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7FA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28858
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:44:31 GMT
expires
Mon, 24 Mar 2025 23:34:31 GMT
last-modified
Mon, 24 Mar 2025 19:44:53 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
553980
x-goog-stored-content-encoding
gzip
expires
Wed, 18 Mar 2026 12:59:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Tue, 18 Mar 2025 12:59:29 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AKDAyIvuhycBiZV9JeORnaJQHZmOjiL0vuW97VD_EUR507Gfo-1WAjwPJLIgsSbqvowsnZT2CV3ySGx02hF6
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

etag
861bdaf24bda5c0db45c6ebe1c94a9eb
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2729
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 05 Feb 2025 14:45:21 GMT
server
Google Frontend
x-cloud-trace-context
44acd8a91b1a3bf94742d30d3442cb56
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b6c5af2d5c532a14b5aa51656c9d5e8be329b1424ec1df2947ad2de309622448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-a641"
cross-origin-resource-policy
cross-origin
expires
Tue, 25 Mar 2025 22:52:29 GMT
access-control-allow-origin
*
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.29.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"678fc4ec-4599"
age
187596
cf-ray
9259bd3efcec28f6-LAX
expires
Thu, 27 Mar 2025 22:52:29 GMT
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
application/javascript
last-modified
Tue, 21 Jan 2025 16:01:48 GMT
vary
Accept-Encoding
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/ 		219 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3717478559314238&correlator=1199073899929340&eid=31089588%2C83321073%2C95340253%2C95340255&output=ldjh&gdfp_req=1&vrg=202503180101&ptt=17&impl=fifs&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13848%2C18535%2C13856%2C13860%2C14209%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=300x250%2C1x1%7C320x480%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100%2C300x250&ifi=1&didk=3663017418~954026992~3220679602~2335188262~1073006158~4279657583&dids=div-gpt-ad-1692339097859-0~div-gpt-ad-1706005027566-0~div-gpt-ad-1682415009667-0~div-gpt-ad-1682415043506-0~div-gpt-ad-1683598631228-0~div-gpt-ad-1683598657711-0&adfs=1641170635~~3999208325~~4276429512~3230137061&sfv=1-0-41&sc=1&cookie_enabled=1&abxe=1&dt=1742856749648&lmt=1742856749&adxs=1005%2C-9%2C245%2C-9%2C245%2C625&adys=108%2C-9%2C108%2C-9%2C455%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FXqAx30&vis=1&psz=380x250%7C0x-1%7C380x250%7C0x-1%7C1140x50%7C380x250&msz=350x250%7C0x-1%7C350x250%7C0x-1%7C1110x50%7C350x250&fws=0%2C2%2C0%2C2%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742856747587&idt=1230&adks=1451399479%2C4066066610%2C827794272%2C3475397127%2C3271617715%2C3242553145&frm=20&eoidce=1&td=1&egid=19957&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
81f73bb5f47a5466e291c670ef793588146ec4aaccf0831b7d184db4ce5fc221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
dcb
google-lineitem-id
6690069789,6405456366,6424070779,6295930452,6499557592,6499556608
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138468304473,138452341869,138456634296,138433089508,138462658624,138462658495
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
16000
x-xss-protection
0
server
cafe
container.html
5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame 6CE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:30 GMT
expires
Mon, 24 Mar 2025 22:52:30 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWkzSctx2rER-rtwOHR_rHX-w6GQW0Unxa-f2IjkydmRQptJxA0sABB8agnCOOeKxKSPzy1Qe-IvIWcqnYsY_Vz5LDi6QtkiEhjtlo8EDwUTmfr2AvbOxwodvhsKL8mC8bRvekK2g==
fundingchoicesmessages.google.com/f/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWkzSctx2rER-rtwOHR_rHX-w6GQW0Unxa-f2IjkydmRQptJxA0sABB8agnCOOeKxKSPzy1Qe-IvIWcqnYsY_Vz5LDi6QtkiEhjtlo8EDwUTmfr2AvbOxwodvhsKL8mC8bRvekK2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyODU2NzQ5LDc3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcmV1cmwuY2MvWHFBeDMwIixudWxsLFtbOCwiZGFIenpEVXdIR1EiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwiIl0sWzI1LCJbWzk1MzQwMjUzLDk1MzQwMjU1XV0iXSxbMjksImZhbHNlIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b91ee463bc679d15657ebbd5be77babc22f0797d2944262a66f2555b86db6192
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Y7GHbsZBfaB_XTdB8BN62A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:29 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmII0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjWHmnfzybw4PKp6cxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGRsZ6BmbxBYYAF3ksEA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Y7GHbsZBfaB_XTdB8BN62A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
view
securepubads.g.doubleclick.net/pcs/ Frame C28D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyVmFnRaRum4Rs2W9RleVQS4O1pv7Z43AsPDAfdb6ACtDT7lq7h5rrWulTGwJp2iinsH5iMquivk1mDezfuL5VhrIJla_TzOFbvQRPwUUbI1mPnYgIDDuPIqKx-n6GWG3sOWKZR_Gm0fJjak_QoXiNZ8sCUSPdGYKDGbnXrvG1NaQkwNB31NAUyP2K5s1yEf9fIT94UhU3T2ZAsWUlgK7zw9AN0P3pE8BcxW9bFd1yqCm61dklpzfGnIU8HzyRLJpDLvkVdgRbSlqOQrGhTWVkhY9NcL1JzElz__vpzPkU8H7kLp4DmIRqpx5eALC9P3J4QmXr3lcDRP5KPPxzTb5W_aeqy2gAbNuQjapoOZVhd-rR9d1-iTa4pR0k6yS8uROxmS4-7B2yZsmWU8QJVE_52-8Ybx8LGBgw5R_9nQXhvDxCugYRbUXR4w&sai=AMfl-YQLjU5rXfw1co0-jYbBKLxCH0K9R8aA7TC5kTmzjAbvoR0YDmOVhzf8vdMAh9bm2yuGDQu8yD0qZ0A_ImMeNJ09ZXUPdoOCoXJnIi7cd9d77YXmSMZXKX8D6ysa&sig=Cg0ArKJSzJ-GZnxf2LewEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C28D 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
a471e9901a1971743ef905770e5de060e24ea0e085dde04096f5adf8182bf67f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
748000979506655825
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
15183
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C28D 		219 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
3df3e9a13132631718a2843cf49fff08f798133b4e6957562e31d48e42a0078b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
9225633084484645003
age
3540
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 21:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68912
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 0EF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzyFoZVSekmMe8I0VuKcjFtTkOiztRnZ1a0MNAF0ofESJJ0hZgqP3iK-g4BcsYs_p10PCuOL05uAzw7GU3WYtebOdJf7a_2zIgvNV8NKACYTORfdf5u5ek5ImVp32-o1zcYht3tbhyDZM86ThNyCIjiwKoAj-dOZsrsac73Rjygju3x0o6MDBhH8GgJladaz9iuZ5FBeggeO0FkhJE6J0MhDcVsVqBZY9rujtkp9jo50b3_1OX8rvaxWOB3FiC2bDlLjQpHWnd5oY66MtQBBBL_qvNMEwlhGCRTqub_yn1XQbUlEyL1_R8X0NNq-8_x4IrISvtIEThhHzPieTsRTJPsOQgKNVPeI1d3nrnMWC1kKxPhpiOLBtjuIxK4A01rvPE4ZV26oaN9uHRVZ5h6FRtxQ-vF5AjbUufwxG1SPDrAASwLDnWQJkJ4A&sai=AMfl-YT9Iq4v6MYOBXNTc0E2l7mPCi-bdNuW94mWmbfmdfPYeWQWdaGQnjbW8qJwtMrYRxNIiNVYfuCTMXbEQ8Y6D1RgPiBAN2msRgvAM7siZe7u3DeLgIZ3xuAS-dfj&sig=Cg0ArKJSzGoTfTd3QxZsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cf_reurl_tw_gam.js
api.popin.cc/searchbox/ Frame 0EF3 		129 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
cd0db2d68f6fb00e1197e823f47e1f53aa2aa2ae85228a5e5d04a4a863629cc1

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

Content-Encoding
gzip
ETag
W/"84c303c8957ac66aa38f2a88e2291b99"
x-amz-version-id
u2A0lYWFB7No0ZP_ZBKUcX5kfrhgSMHf
Expires
Mon, 24 Mar 2025 23:52:30 GMT
Date
Mon, 24 Mar 2025 22:52:30 GMT
Last-Modified
Wed, 19 Mar 2025 07:07:58 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Cache-Status
HIT from 10.252.55.25
x-amz-replication-status
PENDING
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0EF3 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
3df3e9a13132631718a2843cf49fff08f798133b4e6957562e31d48e42a0078b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
9225633084484645003
age
3540
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 21:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68912
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 598A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssj_pJuUdUNo-5A9Rb1e1KOPfyr42a8e6webjpqPozSq2jk8rYOSCb3lwrmCLMjUKtPy3YQgXKNDAJyJQ4KCYVHvkr4v19V0quDRK3dkw7RgoL0DVHIuYvEbxTmdLafYTRtIlhvkaksztG3wjG_LlwAYa-34yxaqGJEmbUV0mgii3GvdNgWQMM50Pjih-Vae68-BnF5Hj1LBVfKEb3fG_JAlBAM1vsOB88fN8YeCbqVKs_wgxG1aMSnMVRDVm6t52CIpfC5IFMseXrXlEPq0fvyy_trFYYGVtgYNENhxelKFVpyRTsYvr_rao0PD0I3xfEWPlCkCPZvvzjsL7F1OkqD2KoUY75-_1Xg2gSYpcW4k-B1PBJAXiL0EdH8-gi66B0wJSHM8OGVeMAfzER97fgwZ0lN_pl6YZypiabuuzzE9wEjnONv5UVgHntTzN9yeng&sai=AMfl-YRzJKVeuiLa-0xXLncWOEH-kDqbvXGa-vnzqb5t4XuAGcgwfgEX3CW-5Cmg7SeIY8nNKQxLFgAN0mJsIYM2miq0aYrno5YX8W8-_9ZzFppCdiIvwMXu1YljefVN&sig=Cg0ArKJSzIG5gSI5zzpsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame 598A 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
age
35
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
9645
x-amz-cf-id
iOV-BTw0alb45IZVgjsRlIqNuVyjHtqLxMFzcyHQbIlcDJaCOt3Erw==
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 598A 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
3df3e9a13132631718a2843cf49fff08f798133b4e6957562e31d48e42a0078b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
9225633084484645003
age
3540
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 21:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68912
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame C4F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX6XBCXSbjcf1h7BQOyXsek3BJJQVZmivAHtQao-miKgK1vyEH2NifnZOOS-S0OLK_zTjNVGpdwW7yGZgGf71z2MvHKQJhFpx9f-ZKelrPLStGgCYhkw4wpKj3N4XU0w8pdPL23jJqFYQs7vwkjhAEvu4mx9TZJl_LUsDOo8Qx38DeOndt90twM8-4UmmAuYo1uG7hkpGdaDi00uHKYt1-OdEgVJA_HL9IOJKCBeZrimMOFdW7zh2vPMU--QWzxhZkbxVTvm9RlEIZWKfwxrVGhGsCSQ_K0E9Qj0Hc2_FhVA6sShbx66000IMB0CYz2mus0JwPR-yWNka3gUiBVKgMaLvsN23kLRVhgn2R7Wd5sSWgR01tuK6_qJE_C13K71Ia0xQue_QFCPIORtUE5XnEm6YtJkwBkFr3671qZW859axvXrUHXGgjJ7sZcFCL4kI&sai=AMfl-YQPuthStPcYKaIY6uG8P3i5rPwOsXqPllgIXE3HJj3q_w9-BCill7xu5IIRHk0suwvZIZu33HMSiYy4_umD0AayjQEKnr8p4sRTicgTYvOkdwkpuwIVKV292Pad&sig=Cg0ArKJSzBn72BfgbW5zEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame C4F0 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
age
35
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
9645
x-amz-cf-id
iOV-BTw0alb45IZVgjsRlIqNuVyjHtqLxMFzcyHQbIlcDJaCOt3Erw==
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C4F0 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
3df3e9a13132631718a2843cf49fff08f798133b4e6957562e31d48e42a0078b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
9225633084484645003
age
3540
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 21:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68912
x-xss-protection
0
server
cafe
syncframe
gum.criteo.com/ Frame 78CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:30 GMT
server
Kestrel
server-processing-duration-in-ticks
350455
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C28D 		185 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
86aafe206a1c24c8f705043765700322e0fc2e1871484ab8ab44ddde12a3472a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
2953815888740840370
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
60686
x-xss-protection
0
server
cafe
pagead46.
fundingchoicesmessages.google.com/f/AGSKWxXcKBHUXQrh4FaP0F-bz57PWo3XqMiLN5S5o3fcck0-we1Y6VCndtfGmdgHf3sopxIQ80qI3R4o2n9RlaQUOjISV3vM9VYAcKlf3yfyvHm86xxhgqjxIPXJFloDoUyjt63neQ7_-0zWL-qKE-WB8ufeNb2OA... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXcKBHUXQrh4FaP0F-bz57PWo3XqMiLN5S5o3fcck0-we1Y6VCndtfGmdgHf3sopxIQ80qI3R4o2n9RlaQUOjISV3vM9VYAcKlf3yfyvHm86xxhgqjxIPXJFloDoUyjt63neQ7_-0zWL-qKE-WB8ufeNb2OAMKiBusSLiTRlbeuvGbYUPKnWB0HuStV/_/native-ads-_ad_small./admeld._advert//pagead46.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
8c360d1229dd665ac530acb7ef15e85cde3cedc5334a44f5d6dc0bba3e6665ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bdUMEzp9R_z9YTDp4Cqq0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmJw05BiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjWHWnfzyZwY8fmU0xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGRsZ6BmbxBYYAENor_Q"
content-security-policy
script-src 'report-sample' 'nonce-bdUMEzp9R_z9YTDp4Cqq0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
13036835877489095579
age
36066
x-content-type-options
nosniff
expires
Mon, 07 Apr 2025 12:51:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 12:51:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zfEG_xsPyNR7IPkdmgTtVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0JBi-FB_mfUHEAvxcKw70r6fTWBH29ZmZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkamBsZKxnYB5fYAAARCMkDA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zfEG_xsPyNR7IPkdmgTtVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
gen_204
pagead2.googlesyndication.com/pagead/ Frame C28D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame C28D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e03f11546b4c757a1fc84cd970014dbad3257e17069706b49717f172fb6b132

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 0EF3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fab1d998b80e7bfeddb27df96e02ce1e8e1cafb28a2eeadde5b4165542898db

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 598A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame C28D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 598A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 598A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a1aed4790654d92cf46a11a5c90b6798f81835cad3b427b26040ceb3fba7d7e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame C4F0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7ce6fe7bdb65d520a9a69380017f26f1f37187d8694aa8a80897f3cb69c46f5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
capmapping.htm
cdn.holmesmind.com/js/ Frame 7D9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
27
content-length
12184
content-type
text/html
date
Mon, 24 Mar 2025 22:52:21 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-id
SKPSmlw2b0BhSuRrvFAJ2e0IP_M8wu_Dj7VuzrK_jmBub_pGu9SLSQ==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 45FD 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
35
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
Bjuq1DJ4joMsiWOZoOOm_v101oKr8L13PSazu_EmmcgL76ETWcY4yA==
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
capmapping.htm
cdn.holmesmind.com/js/ Frame 3476 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
27
content-length
12184
content-type
text/html
date
Mon, 24 Mar 2025 22:52:21 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-id
SKPSmlw2b0BhSuRrvFAJ2e0IP_M8wu_Dj7VuzrK_jmBub_pGu9SLSQ==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 2BAD 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
35
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
Bjuq1DJ4joMsiWOZoOOm_v101oKr8L13PSazu_EmmcgL76ETWcY4yA==
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
show_ads_impl.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/ Frame C28D 		501 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
c8e9318c3c4d4267ff19a29ff8e36700e7e2b9de1dc992191a6e7157c4b97924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
16655410260656470125
age
37969
x-content-type-options
nosniff
expires
Mon, 07 Apr 2025 12:19:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 12:19:41 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
163372
x-xss-protection
0
server
cafe
AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IfWJPHhTjrODhxDeNx_kgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBi-FB_mfUHEAvxcKw70r6fTWDCzq27mZVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqYGxkbGegXl8gQEAXakkYQ"
content-security-policy
script-src 'report-sample' 'nonce-IfWJPHhTjrODhxDeNx_kgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2Y0Qj_pXSxlnzwRdRGq3RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBi-FB_mfUHEAvxcKw70r6fTWDC8h17mJVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRqYGxkbGegXl8gQEAWZgkUw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2Y0Qj_pXSxlnzwRdRGq3RQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'unsafe-inline';report-uri https://csp.withgoogle.com/csp/script-inclusions/a00d54fdef4a77536baac3725d1409f8
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVrmyfPcF_Yr4IQzDtDgjhayY1bD7JDN2_nSpX4_SNAeulAzYASk6L1LOEqt9O-9JZhVpZ8gfDjCjM21eYNW_Brkp-qcycgmpdjF_eBKr0KuEqnEAIDtAZN9eklmkQpQwr_Ty07A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-puiSPYx1hCb3oOm-saEXBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw05Bi-FB_mfUHEAvxcKw70r6fTWBCz8E9zEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDI1MDYyFjPwDy-wAAAT9skNQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-puiSPYx1hCb3oOm-saEXBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVZES8z0E3f_d4qYoAIxuFCRST8Ll1Ni9nDlb53-PALeQZHk8oSIcj7npHgeWsT4gjOVsKWiBpcIuvHg0R8o3JP8RdiS5mO9j6VaepZjZELEFhYar0d9N6iSdqk6ndcsv6DkY-HlQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVZES8z0E3f_d4qYoAIxuFCRST8Ll1Ni9nDlb53-PALeQZHk8oSIcj7npHgeWsT4gjOVsKWiBpcIuvHg0R8o3JP8RdiS5mO9j6VaepZjZELEFhYar0d9N6iSdqk6ndcsv6DkY-HlQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzQyODU2NzUwLDg2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLG51bGwsW1s4LCJkYUh6ekRVd0hHUSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTMsOTUzNDAyNTVdXSJdLFsyOSwiZmFsc2UiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
c0f2d20ff36ba8e3c35a04646221244075f59ef0d084c89a2984a15b5ae60ac0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-uHS05H2U9Ay_FEcr6yxFXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjstDikmLw05BiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYiFeDjWHWnfzyaw48uvg8xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpgbGRsZ6BmbxBYYAJDwsYA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-uHS05H2U9Ay_FEcr6yxFXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
Preset.js
ad.holmesmind.com/adserver/ Frame 45FD 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.103.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
43a71fb6e8f61126f7dfb3fe8a1a01eba8cfbff5cd7d681bba0e62f64ad924c7

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame 45FD 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
7
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
_Omj8hgdY3rPbHlWnYQqEbRplIAswfGGjHiq5kGee4Sxt55wi_2Ibg==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
Preset.js
ad.holmesmind.com/adserver/ Frame 2BAD 		2 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.103.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
851c3da53f870dab9f8fd365f8eb9af27af956d79a96f89f412f8baa5b7b1624

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame 2BAD 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
7
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
_Omj8hgdY3rPbHlWnYQqEbRplIAswfGGjHiq5kGee4Sxt55wi_2Ibg==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
AGSKWxUcE5KLSU-T5U0UDpBEyR42ScVQuvSdgr7M9LaKXGZQKGodURJwCCz5e4RlFw8vmVpyOILLrY8nfQPb4GXmh0T3Xe0_Abv_TabGoFeURtAmy-FkQgnVfJNlxgo5Be9hHmJMniOQ8Q==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUcE5KLSU-T5U0UDpBEyR42ScVQuvSdgr7M9LaKXGZQKGodURJwCCz5e4RlFw8vmVpyOILLrY8nfQPb4GXmh0T3Xe0_Abv_TabGoFeURtAmy-FkQgnVfJNlxgo5Be9hHmJMniOQ8Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.daHzzDUwHGQ.es5.O/d=1/rs=AJlcJMw0U3pAz_cITaWp4fDBnRc9ZevyHQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WKxIXdZur05sZuwPhiTACQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0JBi-FB_mfUHEAtxc6w_0r6fTWDH1JsaSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjUwNjIWM_APL7AAAAtiyPh"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WKxIXdZur05sZuwPhiTACQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://reurl.cc
content-length
0
x-xss-protection
0
server
ESF
view
securepubads.g.doubleclick.net/pcs/ Frame C28D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8Ve6t52_gLG70griEFTrke8Y0Dk0uwWjTMqLLEptgyJ6dBzx_-2iroMlv9a6jdsYVh3RjY_yl44abAco-KNMO-gaswlU-yWaUmdgjDBVqnu5GiJhx74zonBfqAU27kMe65eV0r_kh9F4xhCssSZ06D4fwY0fRb9MLwDHFlllbVVsvh4ZJ74I5pBQQ5Ga_5GHEKlcsc5mGZzyE71S0TYGNnjKZazm5CVChB40wp8ycCoKVMPcZIHT5jkKGY8tCtRLOyK3T8iLKGajHf0nMKYbbyTSOrSUp-bQLvpbZo4oCE1NS6O_XyeMS46ubi1eNn5q3nfIcdrkxOQlMTcxsfkAJ_QJ2i-nLgSltpMTGxT-NNtzJVT0bAGJNky9IXevTnChvvhqoP4lWlnd5lV8rFBmdnUApFcl8D0NdB3BtQtv8_VW1S6zG7CW92gST&sai=AMfl-YQZ6v-NjT79gvmg4q1PC00Kxzyvq-n1vPgrZgYT2pEojQqB7nGxqSaxtYL5o3KN4_-4YnT-oGn55fvcPplMAnTIwX53l8evorRUHuon2xHdOmlQRIvR2JtM3Gj9&sig=Cg0ArKJSzGN_zVdE6RwZEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:31 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20250319/r20190131/ Frame 40D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20250319/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

age
74235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4228
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 02:15:16 GMT
etag
2080659458937595761
expires
Mon, 07 Apr 2025 02:15:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
adx.holmesmind.com/adx-file/20220715/ Frame 8573
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13803&adk=2220942683&adf=3173046724&pi=t.ma~as.2784%2F13803&w=300&lmt=17428567...
  • https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:1200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/XqAx30
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

content-type
application/xml
date
Mon, 24 Mar 2025 22:52:31 GMT
server
AmazonS3
via
1.1 05515d3ee39ade93c9eed3120029b212.cloudfront.net (CloudFront)
x-amz-cf-id
Qstg-3eP6JGfTizEOOgEV5astSPohskPDiPuqBw8n9C5l_TubEbftg==
x-amz-cf-pop
YUL62-P1
x-cache
Error from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:31 GMT
location
https://adx.holmesmind.com/adx-file/20220715/DkKnrBdt5clw3Tnvnp9EqZncJzw4s090s3IZtsfB.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame C28D 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250319&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
81777c329a6e482da1883206cc200dd667279066548a9cc1dda9de5b650ed3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13062
date
Mon, 24 Mar 2025 22:52:31 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
td_js_sdk_171.js
api.popin.cc/ Frame 0EF3 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
3402df1af7b8665c51ac7e2d4fed5dc6cac147d61966672d9cf32a34acafedfe

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

Transfer-Encoding
chunked
X-Cache-Status
HIT from 10.252.55.25
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Content-Encoding
gzip
ETag
W/"d7d7ebc58d77dc27a2c068acdf41021d"
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Expires
Mon, 24 Mar 2025 23:52:31 GMT
Date
Mon, 24 Mar 2025 22:52:31 GMT
Last-Modified
Tue, 28 May 2024 09:22:02 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
nginx
x-amz-server-side-encryption
AES256
recommend
tw.popin.cc/popin_discovery/ Frame 0EF3 		691 B
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Freurl.cc%2FXqAx30&&device=pc&media=reurl.cc&extra=windows&agency=popinag&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=25284a794658e4d81ae1742892751270&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODguMC40MzI0IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIEhlYWRsZXNzQ2hyb21lLzg4LjAuNDMyNC4xOTAgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL1hxQXgzMCIsInVzZXJfdGRfcGF0aCI6Ii9YcUF4MzAiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiIiwidXNlcl90ZF91cmwiOiJodHRwczovL3JldXJsLmNjL1hxQXgzMCIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJyZXVybC5jYyIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE3NDI4NTY3NTEyNzIsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&uis=%7B%22ss_fl_pp%22%3Anull%2C%22ss_yh_tag%22%3Anull%2C%22ss_pub_pp%22%3Anull%2C%22ss_im_pp%22%3Anull%2C%22ss_im_id%22%3Anull%2C%22ss_gn_pp%22%3Anull%7D&callback=_p6_9e830bc16542
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
c26d764cea67a8dc738942c17e31d677fa8363bb4656bf1cb4b42b02e5961f2b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-length
691
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript;charset=UTF-8
server
nginx/1.13.5
cross-origin-resource-policy
cross-origin
track.js
ad.tagtoo.co/media/ad/ Frame 0EF3 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.tagtoo.co/media/ad/track.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.12.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
80279f6baf172b794e35da391ac30711c57a3276abda4280d170920df9cca9b1

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=wTuGGA==, md5=5ROst+pHZlGo3jXf0Ga7EA==
etag
"e513acb7ea476651a8de35dfd066bb10"
age
3553
x-goog-stored-content-encoding
gzip
expires
Tue, 08 Apr 2025 21:53:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1810
date
Mon, 24 Mar 2025 21:53:18 GMT
last-modified
Thu, 20 Mar 2025 09:18:49 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIvTgNIdFwEaGMJkLxJ5hs30_dWI9pixdJ6Ws6DPTabm5fEaAYG_pdQBlxHOtWVZxpbb057mDr4
cache-control
public, max-age=1296000
x-goog-storage-class
STANDARD
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1742462329152868
content-length
1810
server
UploadServer
tuec.js
uec.tagtoo.co/ Frame 0EF3 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uec.tagtoo.co/tuec.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.150.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
etag
"2fa133db50cd81d87b8ffb8729a6ab35"
age
1247
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
3770
date
Mon, 24 Mar 2025 22:31:44 GMT
last-modified
Tue, 12 Dec 2023 09:08:46 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIvZaKKPWKLsnZvFEtWDdRHmykRDNaQGEyf4KqlYMWSIzI-dQYHruSmVmCwoata0SAnrCNaZ-fg
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1702372126688115
content-length
3770
server
UploadServer
utag.js
t.ssp.hinet.net/ Frame 0EF3 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Mon, 24 Mar 2025 23:02:32 GMT
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
popin_discovery5-min.js
api.popin.cc/ Frame 0EF3 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
46e977bd2e693545c10424af0ca8ae2061ce096d8e5658d997fa9ca60471e26d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

Content-Encoding
gzip
ETag
W/"51910bb1cd9873a17caea8588a900e56"
x-amz-version-id
MCe3oXQalSYt2eLBNz01lVj92TQAzYxl
Expires
Mon, 24 Mar 2025 23:52:31 GMT
Date
Mon, 24 Mar 2025 22:52:31 GMT
Last-Modified
Mon, 24 Mar 2025 06:26:46 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Cache-Status
HIT from 10.252.55.25
x-amz-replication-status
PENDING
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Server
nginx
x-amz-server-side-encryption
AES256
discoverylogs
log.popin.cc/log/popin_media/ Frame 0EF3 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBIZWFkbGVzc0Nocm9tZS84OC4wLjQzMjQuMTkwIFNhZmFyaS81MzcuMzYiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLCJsb2MiOiJodHRwczovL3JldXJsLmNjL1hxQXgzMCIsInRkX29zIjoiV2luZG93cyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBIZWFkbGVzc0Nocm9tZS84OC4wLjQzMjQuMTkwIFNhZmFyaS81MzcuMzYiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg4LjAuNDMyNCJ9&t=1742856751276
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

etag
"5c12092b-42"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
image/jpeg
last-modified
Thu, 13 Dec 2018 07:24:27 GMT
server
nginx/1.13.5
discoverylogs
log.popin.cc/log/popin_media/ Frame 0EF3 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLCJ1aWQiOiIyNTI4NGE3OTQ2NThlNGQ4MWFlMTc0Mjg5Mjc1MTI3MCIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODguMC40MzI0IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIEhlYWRsZXNzQ2hyb21lLzg4LjAuNDMyNC4xOTAgU2FmYXJpLzUzNy4zNiJ9&t=1742856751284
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

etag
"5c12092b-42"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
image/jpeg
last-modified
Thu, 13 Dec 2018 07:24:27 GMT
server
nginx/1.13.5
0.js
ecs.tagtoo.co/js/ Frame 0EF3 		201 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/0.js
Requested by
Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ed1353670cbe52a301571e6717fab543726f43f7bed2edd0ffca2e74f6a1d8bf

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
content-encoding
gzip
x-goog-hash
crc32c=2mAcSQ==, md5=ijKbxOP20q6Aq4WlmoGeCA==
etag
"8a329bc4e3f6d2ae80ab85a59a819e08"
age
2043
x-goog-stored-content-encoding
gzip
expires
Mon, 24 Mar 2025 23:48:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
56322
date
Mon, 24 Mar 2025 22:18:28 GMT
last-modified
Fri, 14 Feb 2025 14:16:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AKDAyIvA0hiKhftDXL5Orhs__yktWEa8Sy3U27jKT1DUd8Y65bYyHGFAvdlVSJYnvJh4TQYtxhyXbks
cache-control
public, max-age=5400
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1739542586669957
content-length
56322
server
UploadServer
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame C28D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202503200101/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
ads.js
ad.holmesmind.com/adserver/ Frame 2BAD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FXqAx30&n=584&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.103.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f3b9da8c40e7410be0836fdab21966590ba380827a9438a99096d06ce1d2e603

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 2BAD 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
etag
"519bf06eca29382b4ee4cc4f1dace214"
age
45
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2905
x-amz-cf-id
fGsqbFDLXZjOZcrG9grQhIazVycuy_RyA7PwhFhzGGZqBEOJ5Nphag==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
publishertag.js
static.criteo.net/js/ld/ Frame 2BAD 		130 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-2072d"
cross-origin-resource-policy
cross-origin
expires
Tue, 25 Mar 2025 22:52:31 GMT
access-control-allow-origin
*
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
criteoV2.js
cdn.holmesmind.com/js/ Frame 2BAD 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
etag
"13519f9e63c9828d93a698c47992e115"
age
45
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3197
x-amz-cf-id
bqFpqW7jGnU16B_7gnimBOdLOXKSIuLRJO-uZV7we0iMgSGe4XJ0-Q==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 2BAD 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
age
45
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3470
x-amz-cf-id
CByxxRm2TVB3izdcYAK5YR0Aqrk0okS5-uG8UiiZf-Wfkhiqj-IEeA==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appierV2.js
cdn.holmesmind.com/js/ Frame 2BAD 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
age
57
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3446
x-amz-cf-id
cBAI017dXp8CqJOfkJut_MMdTORp52yG8kCO6gLaQsLPHfo1r2zOpg==
date
Mon, 24 Mar 2025 22:51:34 GMT
content-type
application/javascript
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 2BAD 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
age
33
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5467
x-amz-cf-id
TgkkMm5pnpOGLbSoT_N_LTWjZS7l2T_2t6JJ5uOA0OMGb2jLEcB6yQ==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ads.js
ad.holmesmind.com/adserver/ Frame 45FD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FXqAx30&n=71&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.103.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fea149271413ec26098fac7325d4c8b208ffdd262da5ad7e4c93a11c0571b25d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 2BAD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=YMk0KCABBU24ojQ6MOLhZw
2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=YMk0KCABBU24ojQ6MOLhZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via
1.1 google
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
application/json; charset=utf-8

Redirect headers

Cache-Control
no-store
Location
https://ad2.apx.appier.net/v1/prebid/bid?acid=YMk0KCABBU24ojQ6MOLhZw
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
null
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Mon, 24 Mar 2025 22:52:32 GMT
Server
nginx
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2BAD 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
3600
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:32 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 2BAD 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.612798448475709
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/XqAx30

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 24 Mar 2025 22:52:32 GMT
Server
Kestrel
Access-Control-Allow-Credentials
true
utag.js
t.ssp.hinet.net/ Frame 2BAD 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Mon, 24 Mar 2025 23:02:32 GMT
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
drawV2.js
cdn.holmesmind.com/js/ Frame 2BAD 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FXqAx30&n=584&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
etag
"dcf480340ca4b65dc9aa76bd9e677036"
age
26
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13033
x-amz-cf-id
nrT5-iOT-nuUHHBhDZJYKxHCz6uCXCbZvmIwchlbA6FeF7cKsn_u3A==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bid
ad2.apx.appier.net/v1/prebid/ Frame 2BAD
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=FwYcCicjBcifo4k0MeLhZw
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=FwYcCicjBcifo4k0MeLhZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via
1.1 google
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
application/json; charset=utf-8

Redirect headers

Cache-Control
no-store
Location
https://ad2.apx.appier.net/v1/prebid/bid?acid=FwYcCicjBcifo4k0MeLhZw
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
null
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Mon, 24 Mar 2025 22:52:33 GMT
Server
nginx
utag.js
t.ssp.hinet.net/ Frame 45FD 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Mon, 24 Mar 2025 23:02:32 GMT
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
discoverylogs
log.popin.cc/log/popin_media/ Frame 0EF3 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoyLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLCJ1aWQiOiIyNTI4NGE3OTQ2NThlNGQ4MWFlMTc0Mjg5Mjc1MTI3MCIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjZiYjQwNzFiLTg1MjMtNGMyYi1hNWM2LTI2ZGY2ZmIzYmRiMiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgSGVhZGxlc3NDaHJvbWUvODguMC40MzI0LjE5MCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL1hxQXgzMCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9YcUF4MzAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODguMC40MzI0IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjZiYjQwNzFiLTg1MjMtNGMyYi1hNWM2LTI2ZGY2ZmIzYmRiMiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1742856751885
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

etag
"5c12092b-42"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
image/jpeg
last-modified
Thu, 13 Dec 2018 07:24:27 GMT
server
nginx/1.13.5
log.gif
r.popin.cc/ Frame 0EF3 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=25284a794658e4d81ae1742892751270&url=https%3A%2F%2Freurl.cc%2FXqAx30&t=1742856751887
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

etag
"5d6f3ceb-23"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
image/gif
last-modified
Wed, 04 Sep 2019 04:26:19 GMT
server
nginx
drawV2.js
cdn.holmesmind.com/js/ Frame 45FD 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FXqAx30&n=71&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
etag
"dcf480340ca4b65dc9aa76bd9e677036"
age
26
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13033
x-amz-cf-id
nrT5-iOT-nuUHHBhDZJYKxHCz6uCXCbZvmIwchlbA6FeF7cKsn_u3A==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame EB12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
2764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:06:28 GMT
expires
Mon, 24 Mar 2025 22:56:28 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 120A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vy-1UTQyAdTT2nwfhcdE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vy-1UTQyAdTT2nwfhcdE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:32 GMT
expires
Mon, 24 Mar 2025 22:52:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 0EF3 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?eid=1742856751954&id=404012299753340&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FXqAx30&rl=https%3A%2F%2Freurl.cc%2FXqAx30&if=true&ts=1742856751953&sw=1600&sh=1200&v=2.9.44&r=stable&fbp=fb.1.1742856748440.731211981565462824&it=1742856751946&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=116, rtx=0, c=30, mss=1232, tbw=12710, tp=26, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
cdb
bidder.criteo.com/ Frame 2BAD 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=14687538211
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://reurl.cc/XqAx30

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:31 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
activeview
pagead2.googlesyndication.com/pcs/ Frame C28D 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujyNz2ZiSLnqd2I2EofxbGfNltlNG6omhuwjVx_4ON0eYQjuh31VNVnYwbZLIJNv2F6mWfafiiF--ZD28R_w7k_nanJU7Ezw7ZTsV7daQ9uRgZCY44s9g8Dn-5fJlogevL0oRRyrndbm4e_NmJvQBzWlazH7lqtOcXVOC2SqDwxCo&sig=Cg0ArKJSzBfzoZwbHIQ0EAE&id=lidar2&mcvt=1000&p=108,1030,358,1330&tm=1456.2000007629395&tu=456.5&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20250324&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3878955000&rst=1742856750047&rpt=1098&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 24 Mar 2025 22:52:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
t.ssp.hinet.net/ Frame 0EF3 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
deb4603c036d491f57a33705e6460d6b165cd0d3ec3aaa692409ccb3b6a4d10c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 0EF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmo6oMCxC2T4BPG5itSuTiv4NqZSTanV3xbFqKqq3lgzLRaT4e09lDAyZ7nFkXuXt_qomgkxTes2Zb_eQb-fO5lZI1rueTR1OAaZCqpMkE3HnOt-Mw4QAtih8hzSx9UAOdn0eDfJllifvoJVpdcOcHLGo-ArvsqbWsEv1BbqRFuybENkbS_NKCMDFwfntxlKKYYH1nqRav1mrtYx9hqCr8U5xP2cMAhVVV2dudPPmsMzVXlt29NLQ1d8ipLt4yUOPrKhYjeUgI1E-kLE5zwaDCWp_J4WW7NQregrxlcqRov0wOGVv3hNQdtO42X0lrnL_qCVpi9alXoeU4lHuODV168giOLuLV4hzqMuoF6asFoPxPYbXkjM69XYnWKgwZN7X8vkI9VrcWK9vakd3yp2bDDNuyxM1Az4PAmuP0alB78Mh8wBuSgA2r5dxx&sai=AMfl-YRRy4U9J_h6J2K6EUbJ7bMHvdoGoNcBMciX8ovfFZU3uK7kXl4-lhkfzLVYgfh-gHNJ7huMlvdYLNXtNr4HjBQUhFu31So7uHZIpFLO9sRHM0IcZLL2oTg7e2ym&sig=Cg0ArKJSzJlvpYW6N3v7EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
t.ssp.hinet.net/ Frame 2BAD 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
c7f80f0b3292941c2fb425a84922eed64d135712c8cad3698a8e07a655b089fe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx
/
t.ssp.hinet.net/ Frame 45FD 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
8728942e3844ccdac2a4e36416ce632b1abcd020ab95be929ba19155056bc0cc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx
events
bidder.criteo.com/csm/ Frame 2BAD 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/XqAx30

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:32 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixel.gif
static.criteo.net/images/ Frame 2BAD 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Thu, 19 Mar 2026 22:52:32 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
pixel.gif
static.criteo.net/images/ Frame 2BAD 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Thu, 19 Mar 2026 22:52:32 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6DAE 		107 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7eb8a27626378cb6e9717bb2cc1212209cd9e152c362990ec00655672e556e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
484 / 20171 / m202503180101 / config-hash: 13793887222185163369
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33574
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3F68 		107 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7eb8a27626378cb6e9717bb2cc1212209cd9e152c362990ec00655672e556e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
484 / 20171 / m202503180101 / config-hash: 13793887222185163369
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 22:52:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33574
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/ Frame 6DAE 		524 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
24c55f7fd45388e8a6c4fb7fc8bdae53992181227bb8f77f1d4dc04be9f15556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
8549058430066818552
age
44113
x-content-type-options
nosniff
expires
Tue, 24 Mar 2026 10:37:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 10:37:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168179
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/ Frame 3F68 		524 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
24c55f7fd45388e8a6c4fb7fc8bdae53992181227bb8f77f1d4dc04be9f15556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
8549058430066818552
age
44113
x-content-type-options
nosniff
expires
Tue, 24 Mar 2026 10:37:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 10:37:15 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
168179
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/ Frame 6DAE 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
724bf9b6cead6b42a8435c2dd63959f95a2868fc29d0c19f44b7f26c83a18cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6636832657936373745
age
30091
x-content-type-options
nosniff
expires
Mon, 31 Mar 2025 14:30:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 14:30:57 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23172
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503200101"
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/ Frame 3F68 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202503200101/gpt
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
724bf9b6cead6b42a8435c2dd63959f95a2868fc29d0c19f44b7f26c83a18cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6636832657936373745
age
30091
x-content-type-options
nosniff
expires
Mon, 31 Mar 2025 14:30:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 14:30:57 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23172
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202503200101"
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 6831 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28858
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:44:31 GMT
expires
Mon, 24 Mar 2025 23:34:31 GMT
last-modified
Mon, 24 Mar 2025 19:44:53 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 6DAE 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202503180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
11f4ef5aeb1eff58cb9b60be8c4af199bb344e58afef91ee6ad8d3cff444e377
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12877
date
Mon, 24 Mar 2025 22:52:32 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ Frame 6DAE 		36 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3308485111310740&correlator=2478681143325523&eid=31091183%2C31085777%2C83321073&output=ldjh&gdfp_req=1&vrg=202503180101&ptt=17&impl=fif&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&didk=607409652&dids=gpt-passback&adfs=3758817455&sfv=1-0-41&sc=1&cookie=ID%3D822c81110b26fdfe%3AT%3D1742856749%3ART%3D1742856749%3AS%3DALNI_MZ81k4P6W8IJ9NlFHIJG0_naa0TLA&gpic=UID%3D00001000ed6f9cef%3AT%3D1742856749%3ART%3D1742856749%3AS%3DALNI_MadaIT3g3bKj-Nlg8DU9xcMkLXSJw&abxe=1&dt=1742856752791&lmt=1742856752&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=i465qmq2j0hn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FXqAx30&ref=https%3A%2F%2Freurl.cc%2FXqAx30&top=https%3A%2F%2Freurl.cc%2FXqAx30&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742856752645&idt=70&adks=3360245792&frm=23&eo_id_str=ID%3D88283767ebc8a1e4%3AT%3D1742856749%3ART%3D1742856749%3AS%3DAA-AfjYiOiQ2g76rmOCrcMx7cTHX&td=1&egid=51031&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
f5580160021f286a1ac6628dc927533430d93c8ce6ced8df39b7b876e34b32ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
dcb
google-lineitem-id
6499556608
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138462658495
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
7949
x-xss-protection
0
server
cafe
container.html
f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame 0784 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:33 GMT
expires
Mon, 24 Mar 2025 22:52:33 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9D76 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28858
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:44:31 GMT
expires
Mon, 24 Mar 2025 23:34:31 GMT
last-modified
Mon, 24 Mar 2025 19:44:53 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ Frame 3F68 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202503180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
8a1e91b5fb20d6feac2bb822a8d0b2bf6e28d86b6e3a126cb2a4f6bca96defaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12883
date
Mon, 24 Mar 2025 22:52:33 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ Frame 3F68 		519 B
293 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1215606435950452&correlator=1993544232237709&eid=31090593%2C31090917%2C31091186%2C83321072&output=ldjh&gdfp_req=1&vrg=202503180101&ptt=17&impl=fif&gdpr=0&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&didk=607409652&dids=gpt-passback&adfs=3758817452&sfv=1-0-41&sc=1&cookie=ID%3D822c81110b26fdfe%3AT%3D1742856749%3ART%3D1742856749%3AS%3DALNI_MZ81k4P6W8IJ9NlFHIJG0_naa0TLA&gpic=UID%3D00001000ed6f9cef%3AT%3D1742856749%3ART%3D1742856749%3AS%3DALNI_MadaIT3g3bKj-Nlg8DU9xcMkLXSJw&abxe=1&dt=1742856752828&lmt=1742856752&adxs=640&adys=455&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=pmhmorotuxtc&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FXqAx30&ref=https%3A%2F%2Freurl.cc%2FXqAx30&top=https%3A%2F%2Freurl.cc%2FXqAx30&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1742856752654&idt=80&adks=1212019568&frm=23&eo_id_str=ID%3D88283767ebc8a1e4%3AT%3D1742856749%3ART%3D1742856749%3AS%3DAA-AfjYiOiQ2g76rmOCrcMx7cTHX&td=1&egid=51031&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
fa88704a10c7c637bbd6ce24e92286118bb54435daa4b9890531701c25120fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
dcb
google-lineitem-id
-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
content-length
263
x-xss-protection
0
server
cafe
container.html
c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com/safeframe/1-0-41/html/ Frame B681 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com/safeframe/1-0-41/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3024
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:33 GMT
expires
Mon, 24 Mar 2025 22:52:33 GMT
last-modified
Thu, 30 Jan 2025 19:28:58 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
emome2
t.ssp.hinet.net/ Frame 0EF3 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=32fb1b00-1937-4891-8895-10b5fd50d826
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
nginx
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 6DAE 		18 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame D055 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
2764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:06:28 GMT
expires
Mon, 24 Mar 2025 22:56:28 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 81FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vy-1UTQyAdTT2nwfhcdE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vy-1UTQyAdTT2nwfhcdE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:32 GMT
expires
Mon, 24 Mar 2025 22:52:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
cm
t.ssp.hinet.net/ Frame 0EF3 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=f3244e&cid=25284a794658e4d81ae1742892751270&mp=32fb1b00-1937-4891-8895-10b5fd50d826
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
image/png
vary
Origin
server
nginx
pixel
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net/ Frame 0EF3 		0
0
cm
t.ssp.hinet.net/ Frame 2BAD 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
image/png
vary
Origin
server
nginx
cm
t.ssp.hinet.net/ Frame 45FD 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
image/png
vary
Origin
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 075A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssh1g5vY1CSwmPkrlYaa_gwAPDsQrZfsRQhILy7VvDIJG3qkb0Bfpeb_-J1xY3T3wqA_iiVGQuXmQxQ1vivmgjlkHZh_4xysXlDuaEzL_eJAwhgam2dLEueGZJPmQhPPi9tzz8on6F9KdPALAsW5UiFhFkS-OYpWaoq44U0ABs83aoFbFzunoppKROL1xhzmDSEPGl0kTn7UI1RMz3v73ZiP8sln_u8hdPGda9ipcpdlnXHlnB3AwIUj61UPivur31ApR6b_cWizmbLaUA1B42KmfdYmAnAUQxOmH3gYohrPTcdr9IEfDqW9HS0sMu6VQqR0kVgAzoNVEadWCSw1tXTrRb2tmyh-NV48S2f1ZsMYIFFFTDZLMs-iaKIJFVUBLYig_3TYcZM30wi466CFANgMMyG0lu4bsu-LqTy5EuwZC7YRxFYgxEwpKMdFYIPcKtIiPGl-mp6g&sai=AMfl-YSkXg1P51xKYGP8uin4s97za_39PMwENQ9jRAevNtKGIuA2eKQYpr5peV6NAGwxMFu3NB_cBjz_UsohakwPvWy1KuuB1sS_a7Ic2lCMyG33PiHnqDG0FJ-X0g7C&sig=Cg0ArKJSzOk8h_irCjb4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
init.js
cdn.holmesmind.com/js/ Frame 075A 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag
"2b18447e41c64d14195cefd72eb57400"
age
35
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
9645
x-amz-cf-id
iOV-BTw0alb45IZVgjsRlIqNuVyjHtqLxMFzcyHQbIlcDJaCOt3Erw==
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript
last-modified
Fri, 14 Mar 2025 09:01:33 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 075A 		219 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
3df3e9a13132631718a2843cf49fff08f798133b4e6957562e31d48e42a0078b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
br
etag
9225633084484645003
age
3540
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 24 Mar 2025 21:53:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68912
x-xss-protection
0
server
cafe
capmapping.htm
cdn.holmesmind.com/js/ Frame 5EB6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
29
content-length
12184
content-type
text/html
date
Mon, 24 Mar 2025 22:52:21 GMT
etag
"313c12f57383ae26248323c3b33af799"
last-modified
Mon, 17 Mar 2025 05:33:47 GMT
server
AmazonS3
via
1.1 a6f2e7c3dd76750ec70d32e7fcf09838.cloudfront.net (CloudFront)
x-amz-cf-id
90k5DdGH5gUxvmppfMHQE1q2effctJbuCXEJdePFahblilN-hcs7hw==
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 399F 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag
"1ff97ce94c5a1127f915e6bf2a02c6a9"
age
35
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
10957
x-amz-cf-id
Bjuq1DJ4joMsiWOZoOOm_v101oKr8L13PSazu_EmmcgL76ETWcY4yA==
date
Mon, 24 Mar 2025 22:52:30 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 06:05:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
gen_204
pagead2.googlesyndication.com/pagead/ Frame 075A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ Frame 3F68 		18 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202503180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 075A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 24 Mar 2025 22:52:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
Preset.js
ad.holmesmind.com/adserver/ Frame 399F 		2 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.103.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
851c3da53f870dab9f8fd365f8eb9af27af956d79a96f89f412f8baa5b7b1624

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
js-md5.js
cdn.holmesmind.com/js/ Frame 399F 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
age
7
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
30621
x-amz-cf-id
_Omj8hgdY3rPbHlWnYQqEbRplIAswfGGjHiq5kGee4Sxt55wi_2Ibg==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 6133 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

accept-ranges
bytes
age
2764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:06:28 GMT
expires
Mon, 24 Mar 2025 22:56:28 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vy-1UTQyAdTT2nwfhcdE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/XqAx30
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Vy-1UTQyAdTT2nwfhcdE_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Mar 2025 22:52:32 GMT
expires
Mon, 24 Mar 2025 22:52:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 075A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c678d4c12744f267ddc4d7fc762597e395fe95d25cbcb2a2a12a5830ea3a7cf

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer

Response headers

Content-Type
image/png
ads.js
ad.holmesmind.com/adserver/ Frame 399F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FXqAx30&n=257&o=1&fc=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&d=1&b=2&ts=1&ii=2&FPCK=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.103.138 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-103-138.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e01eedfa9116f146121b64d2d27e097717f100e6743a04133ab19ca21043f0f4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

access-control-allow-origin
https://reurl.cc
content-encoding
gzip
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
access-control-allow-credentials
true
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 399F 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
etag
"519bf06eca29382b4ee4cc4f1dace214"
age
45
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2905
x-amz-cf-id
fGsqbFDLXZjOZcrG9grQhIazVycuy_RyA7PwhFhzGGZqBEOJ5Nphag==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
publishertag.js
static.criteo.net/js/ld/ Frame 399F 		130 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67c8043f-2072d"
cross-origin-resource-policy
cross-origin
expires
Tue, 25 Mar 2025 22:52:31 GMT
access-control-allow-origin
*
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
text/javascript
last-modified
Wed, 05 Mar 2025 07:58:55 GMT
server
nginx
criteoV2.js
cdn.holmesmind.com/js/ Frame 399F 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
etag
"13519f9e63c9828d93a698c47992e115"
age
45
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3197
x-amz-cf-id
bqFpqW7jGnU16B_7gnimBOdLOXKSIuLRJO-uZV7we0iMgSGe4XJ0-Q==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 399F 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
age
45
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3470
x-amz-cf-id
CByxxRm2TVB3izdcYAK5YR0Aqrk0okS5-uG8UiiZf-Wfkhiqj-IEeA==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appierV2.js
cdn.holmesmind.com/js/ Frame 399F 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
age
57
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
3446
x-amz-cf-id
cBAI017dXp8CqJOfkJut_MMdTORp52yG8kCO6gLaQsLPHfo1r2zOpg==
date
Mon, 24 Mar 2025 22:51:34 GMT
content-type
application/javascript
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 399F 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
age
33
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
5467
x-amz-cf-id
TgkkMm5pnpOGLbSoT_N_LTWjZS7l2T_2t6JJ5uOA0OMGb2jLEcB6yQ==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 399F 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/XqAx30

Response headers

access-control-max-age
3600
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:33 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 399F 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.1444721562890796
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/XqAx30

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Mon, 24 Mar 2025 22:52:33 GMT
Server
Kestrel
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 399F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=KvMIRlI4CWKpTWakMeLhZw
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=KvMIRlI4CWKpTWakMeLhZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via
1.1 google
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
application/json; charset=utf-8

Redirect headers

Cache-Control
no-store
Location
https://ad2.apx.appier.net/v1/prebid/bid?acid=KvMIRlI4CWKpTWakMeLhZw
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
null
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Mon, 24 Mar 2025 22:52:33 GMT
Server
nginx
bid
ad2.apx.appier.net/v1/prebid/ Frame 399F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=GI_WJotqD8GSPF7rMeLhZw
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=GI_WJotqD8GSPF7rMeLhZw
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
via
1.1 google
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
application/json; charset=utf-8

Redirect headers

Cache-Control
no-store
Location
https://ad2.apx.appier.net/v1/prebid/bid?acid=GI_WJotqD8GSPF7rMeLhZw
Accept-Ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
null
Content-Length
0
P3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Mon, 24 Mar 2025 22:52:33 GMT
Server
nginx
cdb
bidder.criteo.com/ Frame 399F 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=159&profileId=184&cb=78547874048
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://reurl.cc/XqAx30

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:32 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixel
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net/ Frame 2BAD 		0
0
sodar
ep1.adtrafficquality.google/pagead/ Frame C28D 		0
0
events
bidder.criteo.com/csm/ Frame 399F 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::5 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://reurl.cc/XqAx30

Response headers

cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:34 GMT
vary
Origin
server
Kestrel
access-control-allow-credentials
true
pixel.gif
static.criteo.net/images/ Frame 399F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Thu, 19 Mar 2026 22:52:32 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
pixel.gif
static.criteo.net/images/ Frame 399F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/XqAx30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"493ea254-2b"
cross-origin-resource-policy
cross-origin
expires
Thu, 19 Mar 2026 22:52:32 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
image/gif
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
drawV2.js
cdn.holmesmind.com/js/ Frame 399F 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FXqAx30&n=257&o=1&fc=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&d=1&b=2&ts=1&ii=2&FPCK=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&fp_uuid=0560-b0402c918abb74a472c702ef00e2a1ce&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:269f:c400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
etag
"dcf480340ca4b65dc9aa76bd9e677036"
age
26
via
1.1 1444171bfa6dc77903048694929271f2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
13033
x-amz-cf-id
nrT5-iOT-nuUHHBhDZJYKxHCz6uCXCbZvmIwchlbA6FeF7cKsn_u3A==
date
Mon, 24 Mar 2025 22:52:31 GMT
content-type
application/javascript
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
x-amz-server-side-encryption
AES256
utag.js
t.ssp.hinet.net/ Frame 399F 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
max-age=600
content-encoding
gzip
etag
W/"65e6c0fa-15e4"
expires
Mon, 24 Mar 2025 23:02:32 GMT
date
Mon, 24 Mar 2025 22:52:32 GMT
content-type
application/javascript
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 0EF3 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJw-X3dqKqP6ZqQHz0fOZqTUiMvFmatsQfvVhXGx_FxHDpWaYy--IlAXEWrBg8hgV5W-a--6WXNSH-4YWgUMte-u6ukI_lPuBzB4T2GcamRMJ9zQ0-E8dd9ibPIj05NZEGGpVBKF1oMcCWDYVJLDDhAWJ0uHgz5axwzr3zoWwajJo&sig=Cg0ArKJSzG3K_E-T2cADEAE&id=lidar2&mcvt=1001&p=108,270,358,570&tm=2795.4000005722046&tu=1794.5&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20250324&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3878955000&rst=1742856750077&rpt=2437&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 24 Mar 2025 22:52:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/pagead/ Frame 6DAE 		0
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZDFZCDVDK1&gtm=45je53o0h2v9181474282za200&_p=1742856747805&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102482433~102788824~102803279~102813109&cid=1468600448.1742856748&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1742856748&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FXqAx30&dt=Dynamics%20365%20Customer%20Voice&en=scroll&epn.percent_scrolled=90&_et=19&tfd=6834
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFZCDVDK1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.102 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:87:0
report-to
{"group":"ascnsrsggc:87:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:87:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:87:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
text/plain
server
Golfe2
pixel
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net/ Frame 45FD 		0
0
sodar
ep1.adtrafficquality.google/pagead/ Frame 3F68 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je53l1v897965293za200zb9181474282&_p=1742856747805&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102015666~102482433~102788824~102803279~102813109~102887800&cid=1468600448.1742856748&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1742856748&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FXqAx30&dt=Dynamics%20365%20Customer%20Voice&en=scroll&epn.percent_scrolled=90&_et=15&tfd=6917
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:137:0
report-to
{"group":"ascnsrsggc:137:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:137:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://reurl.cc
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:137:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 24 Mar 2025 22:52:33 GMT
content-type
text/plain
server
Golfe2
/
t.ssp.hinet.net/ Frame 399F 		36 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
01376fdb9cd0dba8e0a693f71b3d0b75ce10d1d55e3e0bde75acc423960a85ec
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

strict-transport-security
max-age=0
cache-control
no-cache, private
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://reurl.cc
date
Mon, 24 Mar 2025 22:52:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Origin
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 075A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdjNJKTD656clx87VwvSpz79jj_1CZT_IZrFM35jcng5Ib5CZszTvyyni9znGjHL_zlLXuuWDzLjjivd3-I8x-W0FJbd5F_OPjZ1Ap21IdGC-ZT93Dr00cp96XJKNGQmR6hUlE50zq50_B6eE4UqvlHbc7FzcBbHKMJNt_iswHdTFauqhWdsh75SwmpBZiRR_a1BK-009ehN9hPke46RSYdhifbRepCWbX9TY77kJNfqeb534pu8X3ixgI1odhque7JJIYHlNAfc--fRArATk0Qv5Yi-pQFiaQ5OpjOHz3ILR0krLkqeUYp3DK6Gpuz-GEmtYfJ3a8T3YCxHHAIZB0e8AEcDH6Xspk_nZCbmjHmcrY09B4mmMLqQSZFcawB8mTQfDz3DMu6MDRcWL9T2Nd3gk_jjiH_hbSbdoAcKNclxbIJzOckV6-k4hRncts-YXt4a8brARtIONu&sai=AMfl-YQxilU63MWBPLk9Eju7PaQojnMNk0EK5pQwzJHYopzjJHtlR5NCrZatVw8eeXwEMYh1gr3Rl5JRj34cumUoQDD0Mpichtyz6vmOrZqm_Xq_vnKqzTmwwgm5kUK4&sig=Cg0ArKJSzH6AxxIcPKk3EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 24 Mar 2025 22:52:34 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 24 Mar 2025 22:52:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cm
t.ssp.hinet.net/ Frame 399F 		0
0
pixel
2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net/ Frame 399F 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8BE3 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 075A 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvw_egjwMkHl3kzlHrlzhKMU9xphR5IiSXYTSZWZDnUTNrf1Io3rnC4wQia9W6l2SPmjgYdz_Ee67PTTjIROEAI-DDdYWZROcaMAcsg4k52bnTunQliQc5vNAs2awSNS1T0yQf8mPLudwZvt9WGie6FHRb5VK34HPeVvClh6ia32lk&sig=Cg0ArKJSzOXQLLf5OeQoEAE&id=lidar2&mcvt=1001&p=108,650,358,950&tm=1970.6000003814697&tu=970&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20250324&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3878955300&rst=1742856753040&rpt=1019&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/88.0.4324.190 Safari/537.36
Referer
https://reurl.cc/XqAx30

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 24 Mar 2025 22:52:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creditcards.com.tw
URL
https://creditcards.com.tw/wp-content/uploads/2020/10/%E5%8F%B0%E7%81%A3-Pay-%E9%AB%98%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1%E6%8E%A8%E8%96%A6%E8%88%87%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E5%84%AA%E6%83%A0%E5%BD%99%E6%95%B4-1080x630.jpg?crop=1
Domain
blog.alphaloan.co
URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Domain
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net
URL
https://32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net/pixel?bd=32fb1b00-1937-4891-8895-10b5fd50d826&t=f3244e&referrer=https%3A%2F%2Freurl.cc%2FXqAx30
Domain
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net
URL
https://32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net/pixel?bd=32fb1b00-1937-4891-8895-10b5fd50d826&t=50ef57&referrer=
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250319&jk=2228132933401317&bg=!PT6lPnHNAAaCZO-FomQ7ADQBe5WfOE_IHHjNOWaeFKn13KsryzPaEri140Hh9GA2y8tBn933iK3kOkxs28BWPUh5gQBgAgAAAFJSAAAABGgBB34ANdCz72xKpFC9zpitlPKkC-bheaK1WJpWhxJ-hsGZgbX0wnE0gP5zR459tHxhxi1e_YT_HnZvCgCs7NbiMGALadFlpKnuh1064sbJtiLHILK-6IAKibQSxJUWVGLnrq-XNuwy05I7YkbtYSQG94yi8ydoSEp1d2eurBGyZRETwKUzP3DeJzMY2FDFrfrt4K1rgPKW3boroC97KDA6G2t2N8x3KZKKLEYsFht9Ot7RDMOZoqpJjopBTNmLSvGhzaFOlznevolMqvwY4tyFKEtAmbrUbNq9zQC63vl858Yv6HVeDhLnFpkCnNRLBa3jpBiEMKgSw9dMBgz7wP1RpEEY_reS4XYANm60NLemMPZGi6Vh4fpdu1ut1ismy9hRDgQneFVSOuYscvVvvQw1hKGfTSl6Rr107xGB6LL-gjozC5CJOn1KE1Q15AD45pKLaOK1_LQPF-BJNfVuZzaMkxVB2rA5xWn15VPtwkWfHcptApR9J5PePaIvePiRdn9OPv2ypCTaH6xDDzbxZgEKEdB2pQdp7WzYaMXP54vWAfQRcdAGYjBMvDS8jv-VPZ7Y0gjsga5nCPEpHYHf1kH-t9qkeoIbmqCdCXvkKKIT31XymUrvR0AzL6Ia94yfjCY5db3Ym6zD7dq_PQseI-GfftJie_ZSOOcZ_cYq7so5c53M_v9QKh5zVwrYLNbvPmWR5i2RAWIpZep-S7vvTYHpXDzGq3IHAj5KyShqMfurHIeR7VEXZKUh163fzfCiFyCrBqFb_FhpwtHLMysvTSTC_hxha8c0kQwoV53_2iFBKXiXeNLzidH5u6IqSqx1030cNkBIIVbssYNNtJ9EG5XCDiZf7GBScs1gguQ0EcO3K7YnXnmrvmh7_soYItMjgFLNCUhsaZY7n3K8qlwzARK2XoIZo4ZVSyGpJMqNgt7R5VqTV235UyCokx36umEv6crvKBLUk5gnkD68ZIXCtjxBbCAf4grIc-aHbWPvR-fU2kFRXdR3WKE6sL6HwVg1ny5ThlV2pxMqwKQDazPEMC9EU2-U-_e2eESJsK9Yi3WAT6AgPSNJz3PaA9dhQkiag5LIvx9_ChbbCFLkBwn47hWBZMXMoAIfapvdkELUHaH1FokdeIAK6U9-dFM8ciD-KRul3TGrs7VXPdqZ2dRCHLvMxboKdFYUVuU3fbohNlFghcAor19X6pEh
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202503180101&jk=3308485111310740&bg=!PzylPHPNAAaCZO-FomQ7ADQBe5WfONIAHMrBcSePkKtvGrdNWONWV-oMXiuAti0VkoldhZSvJcrWAMHbgDpDb2NN9iEwAgAAAE9SAAAABWgBB34ANUiAshI95k9AiHmKwKoRReN7tDDWjm12BmyAFBUhlFlEFAmYYmQoI7GsoIiZI21dPp5V-RXLCgBAgJzP2GMt2x4bbBmKp_5W5FxGrAAubg859hNHNsH04m4GBwkVcQp8CLnUUbkUe-MJBa6dpr1L01o1ghKH-qXn0ZkCza7ZR3L5iZEqbZRCXmraLlLGFb_IE3lBV4WY747nbHzM2QAUJ4Xpmcrr02H6FPKiWYiSihovW-QYFnjrQLiHLtaJhq8jZ_o5JEZ5Q_1EFH3hYlTvcnIoAfuc7LRMCQXm0kHUeDF09EX29rOBFGFyImpfEpu-pplSBuexwCuwZ2PAb_Eh4rPGQkQPiA53hg5g4DyQ-mRAbv45sW204CXxyRrWDdw0hXxiMhKUK96OzDmFBqsn4l2CtJ16tzqFtRQDNJ4F2yRyC-VjhpDLDKo7lsBWnyj4TYQYYvI0lyADpJMwGy2Z1rvUSLA2-qswkDnGphBLsDfWDZ4O5leYhy845tMYgp3_-mITxAqgoRKzM6F1zr0v0h092p2Pe8NDQ4bfozVd0tR3Sm-II2Zu3bXvKL1dp8Qd9cw9R8ffQzMLKqXgNqTUWw8DewBK-ihKPry6OqrGdnb5MbjU-k_aOFflJxrHAqT4t5jUlqj6GQupfYIUlGkKRdLGQA9LSWFn8Kbf-fmoSsrMq3Nu2RJXZGU4BV0ZrrYuNmmDJ2ujcSaQvMl8yR_idkef4C_IcbOfXZxVGgQ7VHjHaifqN7GcsmhFkONP-iCEwIkL4F2r7r395ReGpHhIWmC76bYnlwXYrd4-6kq_x3sRkRABJm7U1BDoG91L40lxFra75cgUDg5WT0EfGF5AlwUfgcqybXjhN7Z0xdDXhRmjDM4z3OikogShehWxVl0mzKV1DBTjHrEK5PMdsz_Zf8z2Gj03jn_Xmxj7C_Z0bMR8jv8Yfe6Dz4P2VxbVfT9p0PrI8E6P97KIMUjRVebxQylge4ABDVpeVyZd8xtMmFLz_RLj9HxpM5RL2psk5jNgRMz5WsjN1WTJZHNuyYk-Yx6xndVVukjO-0kwACJU325IMpVxkRmLd4l3nJB9a10QM1WqgAKBKfIBLeSTeW3AoiQOe0QkyMV6CQ
Domain
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net
URL
https://32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net/pixel?bd=32fb1b00-1937-4891-8895-10b5fd50d826&t=50ef57&referrer=
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202503180101&jk=1215606435950452&bg=!ammlaSbNAAaCZO-FomQ7ADQBe5WfOOfJk8JX2BtPKputBB1nrZ7AWTZSSbSc1Vryi7Db8Qg7HjuzxuH6qC9syGKnLu_NAgAAAFlSAAAABmgBB34ANcs5yaeGEiwmFwwgpX27bywsje1GkYAJikSqoV68A0PGnQPunuudAB3ieX-OjTDggaT4YnWPmQLHYXDNeojI_asbISi8mRWFulxw3V5WFr8EuSKNk4oAQbbYOxnYbZtb5ClrDvOHZ-e5tDKjU-KHnpZ9dkilzzZ_BvZEMAokNtG1hC_8mio0Gg4uRfT4eGe3-z9fJgGXuq7uelY0RO86gCOXhoHlTc_5zMT56vjzJBPsw63dAa7u-OEejqHHkihmYCScs4goir2jYbIHqJCtg_WqoD8HSalINyZaTUEwkhrBTFx050cLO2t0whaVgSpGyE0RUGAYM4l-_Hd8SjIVQVrKUs8WCToLStUN6mP21__YWDF4OVevlqCstJMCjX4Ne_AJ0_SLuC_eQE3s3U8_XxWABNqlgJKUYq4AlvCRKNAB2f-fhZcQA4in5O8R8qT9NEeshuuNEQi9FJTostOmYFxtylK3GO55SIY7bvhU6TLLB8lJYulAnkIgtvZT_SbkHzCBSXZb8NQl09O4p4f2iqkm2574vB655_qty9m2cew79a_dCIH5pj5mA8WMEhrCFMUXMCEUjX63oBXI7jh-drhU-dmO0oEcCulXT3QAUgJ8cJWcz3nCS26CEr5l-BrzGjtAIMggaoOnzo4MHJwBCfgSeZkRCSEIny6IJSeJcgUyNf0nYClcjP8B0ZG3N-p3yqyd2-iIVAo5HZjnSlExUpClQ7Jfno3JNZG923iM4s0EfM3-fDhuP4sJ_IKDnRqle8DaB8F37LEualwkF4bgYBBOcboGpQEaD3vWpNl1ZPjJYrmzoESwgtFbUWvtwdWvuK8aa2Pl0Iq3uYnl4L6zRqzB3BCufuSgtjoEGzSaeau7xJODEBHY0gJaB9vbbQn-UHX887eoAxxplEe-wDHpjt7MwfOmAhFhYDdR8YWd3wAcFsjggESTbFwZ9mgCL-RBxfgIAvcTYnNj7Tx_Lerhm8yT-DdpICSrfks5IH518X26Zw1-krCY4im_ogWhWKBy
Domain
t.ssp.hinet.net
URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy&mp=2631dc94-7650-4c53-899f-3f4144a09e75
Domain
2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net
URL
https://2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net/pixel?bd=2631dc94-7650-4c53-899f-3f4144a09e75&t=50ef57&referrer=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| gtag object| dataLayer object| gnshbrequest object| googletag function| custom_call_ND object| ONEAD_TEXT object| ONEAD_text_pubs function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga function| ONEAD_text_response object| ONEAD_TEXT_INFO function| ONEAD_text_response_2rcgv function| text_etag_callback_2rcgv function| custom_call_MIR object| _ONEAD object| ONEAD_pubs function| Vue object| renews function| getRenewsFeeds boolean| gn_wrapper_executed object| gn_wrapper_queue object| gnpb string| gn_pvid string| gn_native_template object| __gn_config boolean| gnslibincluded boolean| __gnpb_analytics number| __gn_prebid_sampling_rate number| gn_aladdin_vendor_id number| gn_beacon_rate object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| app object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| google_reactive_ads_global_state object| YJ_YADS function| getGnshbrequestSlots object| gecptparams object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTk3NmUzMjkyZTQyZjBlNWxvYWRlcl9qcw== string| YTk3NmUzMjkyZTQyZjBlNWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id object| YAHOO function| YadsTimelineManager function| yadsTimelinePoolAds object| YJ_UADF function| gAdController function| yadsDispatchDeliverProduct function| yadsRenderAd_v2 object| yadsInnerFuncs function| yadsRequestAsync object| regeneratorRuntime object| ox_esp object| _33across object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 boolean| google_empty_script_included boolean| 5c764a60-c23c-403f-b285-f960bfd4c18a boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_ad_modifications number| google_global_correlator object| google_prev_clients

47 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _gid
Value: GA1.2.1434124153.1742856748
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _fbp
Value: fb.1.1742856748440.731211981565462824
.reurl.cc/ Name: _ga
Value: GA1.1.1468600448.1742856748
.reurl.cc/ Name: _ga_ZDFZCDVDK1
Value: GS1.1.1742856748.1.0.1742856748.0.0.0
onead.onevision.com.tw/ Name: onevision_guid
Value: a9753e42-0902-11f0-a254-0242ac120002
onead.onevision.com.tw/ Name: oid
Value: a9753e3b-0902-11f0-a254-0242ac120002
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1742856748.1.0.1742856748.60.0.0
reurl.cc/ Name: oid
Value: %257B%2522oid%2522%253A%2522a9753e42-0902-11f0-a254-0242ac120002%2522%252C%2522ts%2522%253A-62135596800%252C%2522v%2522%253A%252220201117%2522%257D
.prnasia.com/ Name: __cf_bm
Value: YKqIhJrkY9lH_gNtnxDtKCUzeoI66LMebCsoj23zLa0-1742856749-1.0.1.1-Wfh1je.mMDrh3Z_LwM50t3Ez0PLyFHo4CQKlOuNtCs18wCinJuMySi6jY8h8.D4mF.nf7ozOMvEEwW4y2HycjBI8mY_hbI2rCyucFCy1PjE
.adsrvr.org/ Name: TDID
Value: 5c44cf5a-c4c0-409e-bef2-a927afbea5d0
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiM-rqSqcz1PRAFOAE.
.eyeota.net/ Name: mako_uid
Value: 195ca5b8313-26110000010a50a2
.eyeota.net/ Name: SERVERID
Value: 20642~DM
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: bda557552ccc98991161318a602412a
.yahoo.com/ Name: A3
Value: d=AQABBC3i4WcCEMxYTaZDcRFM5EOVfADw084FEgEBAQEz42frZ9wr0iMA_eMAAA&S=AQAAApQkGxqz44F9MRkDNpkc1jc
.doubleclick.net/ Name: IDE
Value: AHWqTUmVUDTZr2hDI2_I6weOKb1axAbeSKiv0pHgwGoLheiRyDXHf8gzdOYFGXxGafU
.reurl.cc/ Name: __gads
Value: ID=822c81110b26fdfe:T=1742856749:RT=1742856749:S=ALNI_MZ81k4P6W8IJ9NlFHIJG0_naa0TLA
.reurl.cc/ Name: __gpi
Value: UID=00001000ed6f9cef:T=1742856749:RT=1742856749:S=ALNI_MadaIT3g3bKj-Nlg8DU9xcMkLXSJw
.reurl.cc/ Name: __eoi
Value: ID=88283767ebc8a1e4:T=1742856749:RT=1742856749:S=AA-AfjYiOiQ2g76rmOCrcMx7cTHX
.analytics.yahoo.com/ Name: IDSYNC
Value: 19d3~2o8m
.criteo.com/ Name: uid
Value: c3e1010c-4a4c-4f3f-af56-325d83364b94
.reurl.cc/ Name: FCNEC
Value: %5B%5B%22AKsRol-e2kWS1vMSvjun17YJ1C5zUMnSkQ2PQD5TySHyxNFA2hq1BFC-8QrrL1ZgFXAOmQgrrg8ZeNMPgYMD3w9-17gphmnkElOpYWqXtTgQcsocT7-yDFt1rLEL3d6KhLtjtGTf5TcoA4bnXfk2I6l6ikzhCvG1nw%3D%3D%22%5D%5D
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.reurl.cc/ Name: _ss_pp_id
Value: 25284a794658e4d81ae1742892751270
.reurl.cc/ Name: _td
Value: 6bb4071b-8523-4c2b-a5c6-26df6fb3bdb2
.holmesmind.com/ Name: Vision
Value: 20250325-23:59,20250325-09,20250325-09,20250325-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: CFFPCKUUID
Value: 547-MqVw0ixHJzMoaXpYViJuom9Ol9v1El3Q
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 560-vQB4nJtDvea7vfVCiW2fZVaVOOFMpRRy
.reurl.cc/ Name: FPUUID
Value: 0560-b0402c918abb74a472c702ef00e2a1ce
.holmesmind.com/ Name: P
Value: 906962-KTaiciaGubB4DZ3NFZCGg1SXMsddKPWe
.popin.cc/ Name: uid
Value: 25284a794658e4d81ae1742892751270
.holmesmind.com/ Name: fcm
Value: 1
.reurl.cc/ Name: _tg_csi
Value: 1
.lndata.com/ Name: admckid
Value: 2503250652321207356
.reurl.cc/ Name: _ht_em
Value: 1
track.91app.io/ Name: deviceid
Value: e08dfb74-8587-4d02-a081-85ec77b7f79d
.reurl.cc/ Name: _ht_f3244e
Value: 1
.reurl.cc/ Name: _ht_50ef57
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.hinet.net/ Name: uuid
Value: 2631dc94-7650-4c53-899f-3f4144a09e75
.reurl.cc/ Name: _ht_hi
Value: 1
.reurl.cc/ Name: __htid
Value: 2631dc94-7650-4c53-899f-3f4144a09e75

2 Console Messages

Source Level URL
Text
rendering warning URL: https://reurl.cc/XqAx30(Line 76)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F05200242B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net
5fa805c3a361b91ca2fbc7e539aa4ad0.safeframe.googlesyndication.com
ad-specs.guoshipartners.com
ad.holmesmind.com
ad.tagtoo.co
ad2.apx.appier.net
adx.holmesmind.com
analytics.google.com
api.popin.cc
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c352bfd00f479b20a7eddb69bb12a57f.safeframe.googlesyndication.com
cdn-ima.33across.com
cdn.holmesmind.com
cdn.jsdelivr.net
cms.analytics.yahoo.com
connect.facebook.net
cpt.geniee.jp
creditcards.com.tw
ecs.tagtoo.co
ep1.adtrafficquality.google
ep2.adtrafficquality.google
f1874c75e8614ef276d61a2a1301b50d.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
log.popin.cc
match.adsrvr.org
mma.prnasia.com
oa.openxcdn.net
onead.onevision.com.tw
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
ps.eyeota.net
r.popin.cc
re-news.tw
reurl.cc
s.w.org
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
stats.g.doubleclick.net
storage.reurl.cc
t.ssp.hinet.net
td.doubleclick.net
trc.taboola.com
tw.popin.cc
uec.tagtoo.co
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
yads.c.yimg.jp
2631dc94-7650-4c53-899f-3f4144a09e75.t.ssp.hinet.net
32fb1b00-1937-4891-8895-10b5fd50d826.t.ssp.hinet.net
blog.alphaloan.co
creditcards.com.tw
ep1.adtrafficquality.google
securepubads.g.doubleclick.net
t.ssp.hinet.net
103.1.220.9
103.132.192.30
104.18.29.101
107.178.241.176
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
142.251.16.132
142.251.16.157
142.251.163.154
142.251.167.102
142.251.167.147
157.240.229.1
168.95.246.4
172.105.213.147
172.253.122.132
172.253.122.139
172.253.62.157
172.67.150.31
183.79.249.124
192.0.77.48
2001:4860:4802:32::181
2001:4998:60:807::1
203.137.133.154
203.75.214.136
210.59.219.34
2600:9000:269f:1200:0:e06c:e940:93a1
2600:9000:269f:ba00:1e:5c56:d400:93a1
2600:9000:269f:c400:0:e06c:e940:93a1
2606:4700::6812:60e1
2606:4700::6812:ba1f
2607:f8b0:4004:c06::9a
2607:f8b0:4004:c07::9d
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c0b::9b
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1d::8b
2620:100:a00b::12
2620:100:a00b::30
2620:100:a00b::5
2a04:4e42:400::300
31.13.66.35
34.102.146.192
34.102.218.41
34.107.150.21
34.111.12.34
34.149.98.30
34.160.26.175
34.202.71.45
34.96.70.87
35.185.130.121
35.190.36.98
52.223.40.198
52.54.69.117
54.178.103.138
64.233.180.132
64.233.180.155
64.233.180.156
01376fdb9cd0dba8e0a693f71b3d0b75ce10d1d55e3e0bde75acc423960a85ec
039e147a3d5e4b0857c0230686525f58ab3b688ea092c8d963be13ac1ae0bc19
0614ad45d47a5da6d9880c2e175c88526cd223c16d2121e48bab3a9e1121f55d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c310205ab2dbf30ae9b8a24ee1359f493e1bf5c982c124e42af22b759ac07ce
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
11f4ef5aeb1eff58cb9b60be8c4af199bb344e58afef91ee6ad8d3cff444e377
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1bf41ca1364230ce3a9cbbac1110ff4d7d287a9f978fa74297aa30117c4da9c0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22743d9dc93a38d7096ec7c9a02146da7a721ada15192d87e81d78ff53cb2f2a
24c55f7fd45388e8a6c4fb7fc8bdae53992181227bb8f77f1d4dc04be9f15556
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840
2e5f5cb912c0619933ea6c3ad8ac1466a005f792e3338d96a8432d144c63520f
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3402df1af7b8665c51ac7e2d4fed5dc6cac147d61966672d9cf32a34acafedfe
35adab997afb8e674c98dca1639696be4d2b8b5520bbc93f3046bde97cd2157f
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
395afb1491e62cb0666325882b2d9ffd6258f76bc2da4f8c163e0b484d82927e
3df3e9a13132631718a2843cf49fff08f798133b4e6957562e31d48e42a0078b
43a71fb6e8f61126f7dfb3fe8a1a01eba8cfbff5cd7d681bba0e62f64ad924c7
46e977bd2e693545c10424af0ca8ae2061ce096d8e5658d997fa9ca60471e26d
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52ca9d6996ed5bdc1cfafda56a1305e9b2228f958230ed4c815804df73772289
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63ca82ea17a3e4c4c6acf635f8e8f76298def9f63711f1ca4cb1a98c15ecabdd
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6690e3c30b0eededab18045eb475d854615ca6c2205a1ee112762ea1d1625484
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
6fab1d998b80e7bfeddb27df96e02ce1e8e1cafb28a2eeadde5b4165542898db
715b95ed3f6c3d42f33b9cb1616430ae403a6d65d3f3034b0c4415bac2d820b6
72223c20f8ad08445b32a2b4843a0f04fe33cee40811ade04b21598cf67fbea3
724bf9b6cead6b42a8435c2dd63959f95a2868fc29d0c19f44b7f26c83a18cdd
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
76e0fe9b59aa81409567a77b7f5cfaebcbe6d1a5586d4979c5a83a327f68d517
7eb8a27626378cb6e9717bb2cc1212209cd9e152c362990ec00655672e556e2f
80279f6baf172b794e35da391ac30711c57a3276abda4280d170920df9cca9b1
81777c329a6e482da1883206cc200dd667279066548a9cc1dda9de5b650ed3fc
81f73bb5f47a5466e291c670ef793588146ec4aaccf0831b7d184db4ce5fc221
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851c3da53f870dab9f8fd365f8eb9af27af956d79a96f89f412f8baa5b7b1624
86aafe206a1c24c8f705043765700322e0fc2e1871484ab8ab44ddde12a3472a
8728942e3844ccdac2a4e36416ce632b1abcd020ab95be929ba19155056bc0cc
8a1aed4790654d92cf46a11a5c90b6798f81835cad3b427b26040ceb3fba7d7e
8a1e91b5fb20d6feac2bb822a8d0b2bf6e28d86b6e3a126cb2a4f6bca96defaa
8aad7f034c2e39ee145189b327d6b1df64240486e08c7eba41d399e7e72797a6
8c360d1229dd665ac530acb7ef15e85cde3cedc5334a44f5d6dc0bba3e6665ef
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
91cb9c957e2a074b32b3b9edf1d0c7272281c6be2e4ff03574c5b2cd41800959
95634eb651772e9ecc489c8a2e12cccb71cd06089ae3f03f8dab3654ce669c8c
9c678d4c12744f267ddc4d7fc762597e395fe95d25cbcb2a2a12a5830ea3a7cf
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
9e03f11546b4c757a1fc84cd970014dbad3257e17069706b49717f172fb6b132
a471e9901a1971743ef905770e5de060e24ea0e085dde04096f5adf8182bf67f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6c5af2d5c532a14b5aa51656c9d5e8be329b1424ec1df2947ad2de309622448
b91ee463bc679d15657ebbd5be77babc22f0797d2944262a66f2555b86db6192
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bc73ed340ef20534b613afea9bd95f199a55b77beab7c472e92ad92b4e39a1aa
c0f2d20ff36ba8e3c35a04646221244075f59ef0d084c89a2984a15b5ae60ac0
c26d764cea67a8dc738942c17e31d677fa8363bb4656bf1cb4b42b02e5961f2b
c280d38004a82811e8659f68bbd6dc8dde7f7c6a95d3172d7ddec4acf8c96d6f
c3edfc4148a9c1d34e410db1a5d73369e751e2c450fd5384123a93cdbad390d8
c7f80f0b3292941c2fb425a84922eed64d135712c8cad3698a8e07a655b089fe
c80136a03038c067ac796ebdd918ec9895a37cf758d6c56da2acff6862defdab
c8e9318c3c4d4267ff19a29ff8e36700e7e2b9de1dc992191a6e7157c4b97924
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cd0db2d68f6fb00e1197e823f47e1f53aa2aa2ae85228a5e5d04a4a863629cc1
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d7ce6fe7bdb65d520a9a69380017f26f1f37187d8694aa8a80897f3cb69c46f5
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb4603c036d491f57a33705e6460d6b165cd0d3ec3aaa692409ccb3b6a4d10c
e01eedfa9116f146121b64d2d27e097717f100e6743a04133ab19ca21043f0f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a4ac9e3544a899db56271a02e57b354c525ae67b231c12a0c2c05898898405
e7e4fb9b3b1239835abc60fd16d2e64da36bfa919b8e81f11eea442c2bbf05f2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ed1353670cbe52a301571e6717fab543726f43f7bed2edd0ffca2e74f6a1d8bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effb1e81657d32209892d95ae4da584ac7fc28b8a2d8832e4126717f9c4bdbfc
f3b9da8c40e7410be0836fdab21966590ba380827a9438a99096d06ce1d2e603
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f5580160021f286a1ac6628dc927533430d93c8ce6ced8df39b7b876e34b32ac
fa88704a10c7c637bbd6ce24e92286118bb54435daa4b9890531701c25120fec
fea149271413ec26098fac7325d4c8b208ffdd262da5ad7e4c93a11c0571b25d
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99