reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

URL: https://onlyfans.com/641902036/shizucosplay
Title: 是，保持前往

URL: https://re-news.tw/prnasia/4229890_XG29890_2

URL: https://re-news.tw/golike/21475

URL: https://re-news.tw/racingcharger/43863

URL: https://re-news.tw/gbyhn/51698

URL: https://re-news.tw/creditcard/280576

URL: https://re-news.tw/zocha/6503bcc65a561035e1af68ef

URL: https://re-news.tw/alphaloan/20451

URL: https://re-news.tw/rayskyinvest/98223

URL: https://re-news.tw/renews/151

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

URL: https://youtils.cc/geoip
Title: IP查詢

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

URL: https://youtils.cc/qrcode
Title: QRCode

URL: https://youtils.cc/length
Title: 身高/長度換算

URL: https://www.comptw.com/
Title: 台灣公司查詢網

URL: https://stockinfo.tw/
Title: 台股資訊網

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

URL: https://youtils.cc/utm
Title: UTM網址

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/c9xmKrJo2H Page URL
https://reurl.cc/zY14YV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FzY14YV&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FzY14YV&rid=esp&cc=1

Request Chain 37

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8762400542692224976

Request Chain 38

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cdb86662-a2dd-c1e9-1a19-15c8b609658d HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cdb86662-a2dd-c1e9-1a19-15c8b609658d&dcc=t

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk&google_tc=

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1&C=1

Request Chain 55

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSAseZljb4vffzPEM1WUbAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEFkQbJ34l0mFVzk_MsAsj4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFkQbJ34l0mFVzk_MsAsj4%26google_cver%3D1

Request Chain 57

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNDAyMzAyMTYyNjkzODY4NA%3D%3D

Request Chain 66

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 77

https://hal900010.redintelligence.net/request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdEY1eCwgZbCiDb-v1fAP-bGT-AyV8NqfaY7NnNG_D_AuEAEg0syBGmD9gpGE6BHIAQmpAgiHxTO1tLE-qAMByAObBKoEkgJP0Fw8H6uyo_2E3EqdM2clMqL6QUT4OGmZpU1HEJ_UZPHvTS3dkuVgMaOXvgMfu0F2Zbfqa-GM-6VcQGVewXCZxkIIH8_N3_d86HCK01k2ArCRbGbaGRe5shIoVmUmkFyMvO13oMCZWR-TKf557OmdbaB8acPoBuDNDWLYa6Jc7ys_DW6TNRd_GU9jzn_xDlvvH1_bQXebk2g0G7uuhqYUy0TAxJgXaIagN6Wj5QJQtDL4S8cGOPMlpyf3oGjxVKYJ1eMi3ZJ7mcadisromGcQeSqaW6yfKzjTa2bXKd-VJSsy2H5J3ZbE2gbbCGj5Sft3K965QFVBQMFXy2vI1IEAA9pdcMzL501I43Ha_OZXYpU-wASm3q_V-QPgBAOIBcT04f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CSVTIDQHiDRMIrtmz9OLhgQMVv1cVCB352ATPsBPTz80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsL619OLhgQMVv1cVCB352ATPEAEYASAAEgI7MvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB%26sig%3DAOD64_0Rm2y9t5lyT7k9ZZGqncYcDE9LLw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D-10ikC_NrTS_5bkvIkUtP9XsR9nC-1PgYvD_ueaL58Dh5U3RSjWzUUckiRbET33h1y8e_eTLArcJHAqyi04lNGpuXHtjWjL4otVNkDaJ3FgNDqmtLDKioYxKRraki5nGg-iWI7HTy8BUI9sDjYZyuuEIbzRAYnv96cEMD_lhcKGx9XG4%26cry%3D1%26dbm_d%3DAKAmf-CVsy_T8HvFpmlEvmGW7kaet0TjVtCKZVWB8a4M238Am1U3hsU6tc9tYhcX-g1SGS7iaLC3cTkXbVVu6dTnTYdp2vIGv6hFjQ9j9hMFjDLmcyVb5cQYGilFKEsVlguJ9xut7VA113xvv1HWCn4FpwsnFRBgHfXzqUlBY8yK6kjD7toDgv1Yo19YD5oVlMYZHXGV2Cnwoc4Zz8ynLkLql0rota_3IvaPctLs8X9QCLO2pqFoQfjVY8zAXGSCPqNNTD5at4Np4eguEvKg1X0aZYAXg5tdLP2MkxVcRauKIazVMliIH1HSFYy6knZClolWX6vU82d1LkeiKu2VafKp1AdfaIwojDd1JEUWDfOByNLR4SqypKadmJqy9LBuTkPwP80T8x8i_eeN_cJIa7EtIy3udYZkvUQhBUcRMDBm7bCEXF_h4av-akVypreAog-JaMcbo4eA7P_aS33cDWvecg_QnFIkfwuKYD-OWjZJPFKm9UjZGQvNfaxidAQlT49a961FPNca4ugN47RmAhslCbZ-uM978c7DB-lphZXCDs_xqBnTfhg%26adurl%3D&documentReferer=https%3A%2F%2Freurl.cc%2F&ancestorOrigins=https%3A%2F%2Freurl.cc&random=3566562286540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900010.redintelligence.net/request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdEY1eCwgZbCiDb-v1fAP-bGT-AyV8NqfaY7NnNG_D_AuEAEg0syBGmD9gpGE6BHIAQmpAgiHxTO1tLE-qAMByAObBKoEkgJP0Fw8H6uyo_2E3EqdM2clMqL6QUT4OGmZpU1HEJ_UZPHvTS3dkuVgMaOXvgMfu0F2Zbfqa-GM-6VcQGVewXCZxkIIH8_N3_d86HCK01k2ArCRbGbaGRe5shIoVmUmkFyMvO13oMCZWR-TKf557OmdbaB8acPoBuDNDWLYa6Jc7ys_DW6TNRd_GU9jzn_xDlvvH1_bQXebk2g0G7uuhqYUy0TAxJgXaIagN6Wj5QJQtDL4S8cGOPMlpyf3oGjxVKYJ1eMi3ZJ7mcadisromGcQeSqaW6yfKzjTa2bXKd-VJSsy2H5J3ZbE2gbbCGj5Sft3K965QFVBQMFXy2vI1IEAA9pdcMzL501I43Ha_OZXYpU-wASm3q_V-QPgBAOIBcT04f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CSVTIDQHiDRMIrtmz9OLhgQMVv1cVCB352ATPsBPTz80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsL619OLhgQMVv1cVCB352ATPEAEYASAAEgI7MvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB%26sig%3DAOD64_0Rm2y9t5lyT7k9ZZGqncYcDE9LLw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D-10ikC_NrTS_5bkvIkUtP9XsR9nC-1PgYvD_ueaL58Dh5U3RSjWzUUckiRbET33h1y8e_eTLArcJHAqyi04lNGpuXHtjWjL4otVNkDaJ3FgNDqmtLDKioYxKRraki5nGg-iWI7HTy8BUI9sDjYZyuuEIbzRAYnv96cEMD_lhcKGx9XG4%26cry%3D1%26dbm_d%3DAKAmf-CVsy_T8HvFpmlEvmGW7kaet0TjVtCKZVWB8a4M238Am1U3hsU6tc9tYhcX-g1SGS7iaLC3cTkXbVVu6dTnTYdp2vIGv6hFjQ9j9hMFjDLmcyVb5cQYGilFKEsVlguJ9xut7VA113xvv1HWCn4FpwsnFRBgHfXzqUlBY8yK6kjD7toDgv1Yo19YD5oVlMYZHXGV2Cnwoc4Zz8ynLkLql0rota_3IvaPctLs8X9QCLO2pqFoQfjVY8zAXGSCPqNNTD5at4Np4eguEvKg1X0aZYAXg5tdLP2MkxVcRauKIazVMliIH1HSFYy6knZClolWX6vU82d1LkeiKu2VafKp1AdfaIwojDd1JEUWDfOByNLR4SqypKadmJqy9LBuTkPwP80T8x8i_eeN_cJIa7EtIy3udYZkvUQhBUcRMDBm7bCEXF_h4av-akVypreAog-JaMcbo4eA7P_aS33cDWvecg_QnFIkfwuKYD-OWjZJPFKm9UjZGQvNfaxidAQlT49a961FPNca4ugN47RmAhslCbZ-uM978c7DB-lphZXCDs_xqBnTfhg%26adurl%3D&documentReferer=https%3A%2F%2Freurl.cc%2F&ancestorOrigins=https%3A%2F%2Freurl.cc&random=3566562286540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 98

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=isM5v8vMDGGkAr26eywgZQ

Request Chain 99

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=r-HLMHN3AMOmUANaeywgZQ

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1

Request Chain 123

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEEMBjqUtMgEOcFTtJN1gq2Y&google_cver=1

270 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 c9xmKrJo2H
t.co/ 224 B
547 B 203ms
136ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/c9xmKrJo2H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 175
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 15:49:10 GMT
expires: Fri, 06 Oct 2023 15:54:10 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 4ae6daa5acfd5924528b087b165fa352d40cde1ca65be600d614ff25f236f977
x-response-time: 110
x-transaction-id: 4c3e5bea5138e78b
x-xss-protection: 0

GET
H2 200 Primary Request zY14YV Show response
reurl.cc/ 10 KB
3 KB 660ms
219ms Document
text/html 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/zY14YV
Requested by: Host: t.co
URL: https://t.co/c9xmKrJo2H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7b8ced7d2bd8d5b078c03dec1e1ce3d25bf7aedb64a36bf54e66985aed91e7ef

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 15:49:11 GMT
server: nginx/1.18.0 (Ubuntu)
target: https://onlyfans.com/641902036/shizucosplay
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 67ms
32ms Stylesheet
text/css 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8560332
x-jsd-version: 4.3.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA, cache-yyz4543-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaNs%2Blmare1fgsWfQMDwZ5dBN6x1GqnLfLjm4pHXshzwkpbd1oDx721YI0zPbEibVBrvhwyzPFoXnKjrvj8mzLlAhtTf7cTw7wqvoYrwNAMCKZnmYmtpJYM0w1Y0C3VxE%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811f0d8b5ff0ba8c-MXP

GET
H2 200 style.css
reurl.cc/stylesheets/rwd/ 2 KB
1 KB 217ms
216ms Stylesheet
text/css 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/zY14YV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:11 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63356adf-9f6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Sat, 05 Oct 2024 15:49:11 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 164 KB
39 KB 187ms
18ms Script
application/javascript 151.101.129.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

469d4d0f83b5f36bbf22241eff44e58a8a1c54ed9e64f246fab82c8f9a19e8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 22:06:54 GMT
date: Fri, 06 Oct 2023 15:49:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 63737
x-guploader-uploadid: ADPycdunY8wgJiv3tRS9egAge4NbWP6rbC1esdaGFCLY0doi29-HX0h6tdoEtUtJ62U3S_UGxOQ
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39127
x-served-by: cache-tyo11954-TYO, cache-mxp6952-MXP
last-modified: Tue, 15 Aug 2023 07:32:57 GMT
server: UploadServer
x-timer: S1696607352.706324,VS0,VE2
etag: "a251cd6d6d1d7b8a30fd3b078f2341e2"
vary: Accept-Encoding
x-goog-generation: 1692084777439942
x-goog-hash: crc32c=nyYt0Q==, md5=olHNbW0de4ow/TsHjyNB4g==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 39127
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 978, 1

GET
H2 200 pixel.js Show response
storage.reurl.cc/javascripts/ 429 B
411 B 136ms
91ms Script
application/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:08:21 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 9650
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327

GET
H2 200 view.js Show response
storage.reurl.cc/javascripts/ 355 B
478 B 63ms
18ms Script
application/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/view.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: fad41bf43b95675bd3f74f2194dcd5efc947245f44f7cf2437b22724fd41159f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 10:10:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 28 Sep 2023 09:16:51 GMT
age: 20351
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ 5 KB
3 KB 1431ms
410ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 06 Oct 2023 15:59:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 98ms
35ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3adf67d15e238c2385cf5cca5c286a900b7b2fa95a97b0a13891f371d4240848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 15:49:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 197ms
123ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bda1f764e97c4f6996d3c8a59db3ffc0b85ce2932ee8307e6f6c89ee56923e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29886
x-xss-protection: 0
server: cafe
etag: 300 / 19636 / m202310030101 / config-hash: 7682450070620400040
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:11 GMT

GET
H2 200 yj8984_300x250_3.gif
storage.reurl.cc/images/ 47 KB
48 KB 310ms
308ms Image
image/gif 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.reurl.cc/images/yj8984_300x250_3.gif
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 7253fdad78f69ffff8deba1a234a48973a5cf65ee29a3a00ed9383c98a5eba49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:11 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 20 Sep 2023 16:07:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-type: image/gif; charset=UTF-8

GET
H2 200 ad-serv.min.js Show response
ad-specs.guoshipartners.com/static/js/ 34 KB
12 KB 2759ms
680ms Script
application/javascript 168.95.245.1
CHTCDN Data Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 168.95.245.1 Palo Alto, United States, ASN131660 (CHTCDN Data Communication Business Group, TW),
Reverse DNS: 168-95-245-1.hinet-ip.hinet.net
Software: HiNetCDN/2307 / OneAD
Resource Hash: c9e9d5b19899e1018121f703ad5043e97eda27ef35660231276b073a75df5a35

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
via: 1.1 google
content-encoding: br
age: 0
x-powered-by: OneAD
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified: Tue, 26 Sep 2023 07:30:46 GMT
server: HiNetCDN/2307
etag: W/"651288a6-8933"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 121041352
cache-control: public, max-age=360
access-control-allow-credentials: true

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
32 KB 28ms
27ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19552293
x-jsd-version: 2.5.16
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230020-FRA, cache-yyz4542-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LIRLzMhYEiE2oAKBS5U%2FBtJfR9BNlvyeOHuLcyRQaFcuh%2BZR7Hovy3iYwdUHvwwIS0SywgRuDqLloQ2jpxNmfCstENsgFYm8gKd4EQ4bnNSjIgHci6wcB2bNd7YSn77d7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811f0d8c792bba8c-MXP

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
351 B 46ms
42ms Script
application/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:07:11 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 9720
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291

GET
H2 200 loading.js Show response
storage.reurl.cc/javascripts/ 134 B
201 B 102ms
99ms Script
application/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 08:03:59 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 27912
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139

GET
H2 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
416 B 22ms
19ms Script
application/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 08:25:50 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 26601
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=28800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 354

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 95ms
30ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

server-13-32-99-33.fra60.r.cloudfront.net

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 15:49:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: CCrIbEje+WVh3gZu5vGhHcZH8ESOcJaYceqPeyab+AG4c0odeBGGTjsCK+Xzc8DMyleP23rUZBTdD1brAa9omw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v3 Show response
openfpcdn.io/fingerprintjs/ 33 KB
14 KB 118ms
36ms Script
text/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://openfpcdn.io/fingerprintjs/v3

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/view.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://reurl.cc
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 13:07:21 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 9710
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"hurxpFJ1hzJm8rhSSUCMgpelT2E"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=586076, s-maxage=10791
x-amz-cf-id: CxR_-di7HDbGUCXv9coXAvWZYOHZ7dBdf-iz_5dUgIsgE0dzntWaqQ==

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 123 KB
33 KB 30ms
29ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.132&r=stable&domain=reurl.cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6cff45c859b40f9265e336b22c179a5792c141eba75034da459dba0e73702b3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 15:49:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33228
x-xss-protection: 0
pragma: public
x-fb-debug: GclzxJUkEYnOnghsseCvIIoKTMMSdCAL9iNwq+hOUdUhQKMB0EZvB9McppumxTxV0BFaZue/P3tdG8DADH2+rw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
240 B 85ms
34ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3a40&_p=264347633&_gaz=1&cid=301216938.1696607352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696607352&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FzY14YV&dr=https%3A%2F%2Ft.co%2F&dt=OnlyFans&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
240 B 108ms
35ms Ping
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=301216938.1696607352&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
408 B 124ms
63ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=301216938.1696607352&gtm=45je3a40&aip=1&z=112135729

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 26ms
25ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 11:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15921
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 05 Oct 2024 11:23:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 86ms
26ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=https%3A%2F%2Ft.co&if=false&ts=1696607352056&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=28&fbp=fb.1.1696607352053.741098063&cs_est=true&pm=1&hrl=d4b5c3&ler=other&it=1696607351966&coo=false&cs_cc=1&exp=a1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Oct 2023 15:49:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 count Show response
f.reurl.cc/v1/ 0
158 B 216ms
215ms XHR
text/plain 35.194.205.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.reurl.cc/v1/count
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/view.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.194.205.218 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.205.194.35.bc.googleusercontent.com
Software: nginx/1.25.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 06 Oct 2023 15:49:12 GMT
server: nginx/1.25.2
access-control-allow-headers: Content-Type, User-Agent
content-length: 0
access-control-allow-methods: POST, OPTIONS

OPTIONS
H2 200 count
f.reurl.cc/v1/ Frame 0
0 658ms
220ms Preflight 35.194.205.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.reurl.cc/v1/count
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.194.205.218 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.205.194.35.bc.googleusercontent.com
Software: nginx/1.25.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://reurl.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, User-Agent
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://reurl.cc
content-length: 0
date: Fri, 06 Oct 2023 15:49:12 GMT
server: nginx/1.25.2

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
14 KB 113ms
41ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-ab99"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 15:49:12 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 83ms
24ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 338075
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 811f0d8f5aa30e17-MXP
expires: Mon, 09 Oct 2023 15:49:12 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 59ms
17ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 03:56:33 GMT
content-encoding: gzip
age: 993159
x-guploader-uploadid: ADPycdtOg7H8DhblNBOWH6xhaEXUrt9FoNcFQ8vIPRoEJefA-_MjrZrGvswxp2RgJS4BlfjgSGqGFenXgWbP_u6DFX38ByZBh8AI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 24 Sep 2024 03:56:33 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 87ms
42ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 6a39fa8a4b695aa7305f582408c251c2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 105ms
34ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:10:11 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 74342
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: _slBL51U9le1JClKbLoxz8KywhiLmbZ7-IM5OnBjI_J65BFC6P4Obg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
28 KB 742ms
742ms Fetch
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=752197553909234&correlator=4489263012180442&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696607352140&lmt=1696600152&adxs=-9%2C-9%2C1445%2C2205&adys=-9%2C-9%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2FzY14YV&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=0x-1%7C0x-1%7C380x250%7C380x250&msz=0x-1%7C0x-1%7C350x250%7C350x250&fws=1026%2C1026%2C1024%2C1024&ohw=0%2C0%2C0%2C0&ga_vid=301216938.1696607352&ga_sid=1696607352&ga_hid=264347633&ga_fc=true&dlt=1696607351531&idt=579&cust_params=url%3D%252FzY14YV%26ref%3Dt.co&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a66804911529743ac9de227417d88ef611df5d96bfa4808455de7609b3c280a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28602
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,6297900949
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138432357881
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8068 6 KB
3 KB 151ms
60ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:12 GMT
expires: Sat, 05 Oct 2024 15:49:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FzY14YV&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FzY14YV&rid=esp&cc=1

85 B
202 B

138ms
135ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FzY14YV&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 30f1ce2ce00b45487c3f36d3a1beb22eaf6d465430bb3011963b6fa506124fbb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-O/3SUsojl9K/5SIGashR5gd8AEc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 06 Oct 2023 15:49:12 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2FzY14YV&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 171ms
52ms XHR
application/json 54.217.255.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.255.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 92dbe0083c287324196a669a2cf3cd6b19e71dd623e230a29e88ec789e235fdf

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://reurl.cc
cache-control: no-cache
x-server: 10.45.27.134
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8396 15 KB
6 KB 100ms
35ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 259817
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 8396 417 B
554 B 37ms
34ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a82ecb918dbd61ef9d2e95da377d83af0fed124bb2acb62908081b387d0d2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 956542
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 0EFC 572 B
791 B 84ms
41ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 91ae1e548550457363160791ac1cf29257b04fa83b69a552eb03532d6ce61f54

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 375
content-type: text/html
date: Fri, 06 Oct 2023 15:49:12 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 0EFC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8762400542692224976

43 B
97 B

48ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8762400542692224976
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8762400542692224976
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0EFC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cdb86662-a2dd-c1e9-1a19-15c8b609658d
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cdb86662-a2dd-c1e9-1a19-15c8b609658d&dcc=t

43 B
568 B

53ms
52ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cdb86662-a2dd-c1e9-1a19-15c8b609658d&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 15:49:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 03NT68CNGAA1BK508DQF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 15:49:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W2T0GGBSW6B9Y28N6KV6
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=cdb86662-a2dd-c1e9-1a19-15c8b609658d&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 0EFC 70 B
149 B 165ms
53ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=956e1a1f-be77-7a13-da17-975fde3aae6d&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0EFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk&google_tc=

170 B
243 B

47ms
44ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk&google_tc=

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0EFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1

43 B
171 B

61ms
40ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2656 6 KB
3 KB 26ms
25ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:12 GMT
expires: Sat, 05 Oct 2024 15:49:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B1A 0
0 63ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGCj6KV1b5EK9nYM34i2DZT4dODAsUdbjXY33Gl_-eEZpHdsilY_L-0Lv2b1-IzJw57vsRi-ZvPrkUnengFcFt988s6txCxQIeKJcmUzi2Bn4h8kFgiH4JsQiboswqv1gfQVus86EtYVbWKhZrAZBKb_iatQw-6E--n5Pd1N7tCjNAQQvXsSVKg4ctHdZExkdlXVMb7x0XPPmxRq-8gDwM0wmz3oiFhI_9nimsRMP-EimVe53bTDs3_-VHwXFvWbRJ4sDzalsB3z2dexBVeJUufvDtcR_WjqR-lGQSE1ORPTEMrsfwavYxcIF34IlMM8XkeHxuYDpoayH6WOmGS89549rEEBruTxQ8Rw&sai=AMfl-YT4opIdVrTGSILBWioAr2yds67I6S8FCWjo5yieYlAXT8bexaGcaVYeMXY2s01FAKheSbz0eZ7UlvuxI_55aq3abJ2dt1acNzHDbjI2VVmO6lvvqqjh1ijHCj5Bde9-Mf6QEn3KYS08puWjaJA&sig=Cg0ArKJSzHYuEIU6IF7zEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/c9xmKrJo2H

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 9B1A 9 KB
9 KB 122ms
36ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8e15342517755abc1831a42d004f007ab0e00cb26bbbd6aa6c4193d89bb882

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: f8_4CwQTT_UnBXRtf02aiYVk9aB8D47H
date: Fri, 06 Oct 2023 15:49:06 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 03:42:38 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 9
x-amz-server-side-encryption: AES256
etag: "9d3aeb1c087722541820446aebcd8c24"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9235
x-amz-cf-id: xGu5TZ8WfRCB8PyWGetsLGElgzVCnie_9ibCpSyj0hFEiiHKIvIkCg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B1A 187 KB
59 KB 134ms
120ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:13 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 41ms
41ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3a40&_p=264347633&cid=301216938.1696607352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1696607352&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FzY14YV&dr=https%3A%2F%2Ft.co%2F&dt=OnlyFans&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4763 624 B
447 B 70ms
66ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjrmLvGATAB&v=APEucNXtcEac74QXJHbMMu2nlaGH5T9MjUUN42SH7VG-SuMaZJ8K73hFnyL2yG73Em9a21d4CfCJBEezOW7Gvdi8ypzPssIzAYUJp4dGsCAWeW3jROClS2HyFsHdLAFwIH7ubvqNuvVEg2DpHCzZIn-y1-1NV5iesbnlV5g4P2SM3HN3yl12R_Y

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:13 GMT
expires: Fri, 06 Oct 2023 15:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2656 89 KB
31 KB 157ms
99ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:13 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2656 42 B
110 B 194ms
138ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DRKd0ZLbXHkExhxlfirGdicQejgyiT02Z4bxWlYRDlRfXqAGBH6IT2blId10aPfy0B2QHo0T8DyD9kNjKyDGZpYuZjhUUNKEpUinNoWz9v1HFOrR4

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2656 0
121 B 186ms
129ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1051250500291595141&x=1&ct=77

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2656 3 KB
1 KB 90ms
29ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 2656 20 KB
9 KB 86ms
26ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2656 187 KB
59 KB 133ms
131ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:13 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4763
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1&C=1

43 B
336 B

55ms
55ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjrmLvGATAB&v=APEucNXtcEac74QXJHbMMu2nlaGH5T9MjUUN42SH7VG-SuMaZJ8K73hFnyL2yG73Em9a21d4CfCJBEezOW7Gvdi8ypzPssIzAYUJp4dGsCAWeW3jROClS2HyFsHdLAFwIH7ubvqNuvVEg2DpHCzZIn-y1-1NV5iesbnlV5g4P2SM3HN3yl12R_Y
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltQiFh2wWBofD2do%2FgF2bWSSUj0CmpXspJYkwVVZSe8k7UKNIHABdiEbqvEZ6QHxox7tbsg9dup9h3JrrtZ5xl17i5NcbAFj3Bu4s8eHePRh2ZOWellvXquz%2FuWk8Wt8xFeOg1Z%2FAWLfzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811f0d957dd7baa6-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zloGCYaQk92CeuN6nKIbl0DHVm12%2F4Wsa8s6CEKCH2UOQxPXCcDtYIV22OxQ3jDwsw9%2B%2BiF3tep805yuTra5geOuOe2%2FEvm7mQre3GdfqDu6AT4zwEjV46UJjJKeDU8RC%2BD0D%2FhVwNQ0Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1&C=1
cache-control: no-cache
cf-ray: 811f0d94dd3dbaa6-MXP
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4763
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSAseZljb4vffzPEM1WUbAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1

43 B
768 B

58ms
57ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjrmLvGATAB&v=APEucNXtcEac74QXJHbMMu2nlaGH5T9MjUUN42SH7VG-SuMaZJ8K73hFnyL2yG73Em9a21d4CfCJBEezOW7Gvdi8ypzPssIzAYUJp4dGsCAWeW3jROClS2HyFsHdLAFwIH7ubvqNuvVEg2DpHCzZIn-y1-1NV5iesbnlV5g4P2SM3HN3yl12R_Y
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhhkToqiRZwA1niJeWpM1Bs4ADRJNU6hCXnVPCDEZF7e0n82hq%2BnUg3A703GoU3TukgWsf9sqYIEP%2FntAxX7gIWk1ZusCiuTIRmEM1xYYOdrqwIj3v1isG8WkjvcGWd0Nb3kjqPZE%2F9i1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811f0d961ab90e1d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEANxnDNXQKuFKDwY-SrQ77g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 4763
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEFkQbJ34l0mFVzk_MsAsj4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFkQbJ34l0mFVzk_MsAsj4%26google_cver%3D1

43 B
888 B

35ms
35ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFkQbJ34l0mFVzk_MsAsj4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjrmLvGATAB&v=APEucNXtcEac74QXJHbMMu2nlaGH5T9MjUUN42SH7VG-SuMaZJ8K73hFnyL2yG73Em9a21d4CfCJBEezOW7Gvdi8ypzPssIzAYUJp4dGsCAWeW3jROClS2HyFsHdLAFwIH7ubvqNuvVEg2DpHCzZIn-y1-1NV5iesbnlV5g4P2SM3HN3yl12R_Y

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
an-x-request-uuid: d8ed12ce-fd7a-4d8d-b090-5e074e7e3d78
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.11.82.134; 45.11.82.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
an-x-request-uuid: 44f35676-b9cf-4ff8-90fc-65de745954d2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEFkQbJ34l0mFVzk_MsAsj4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 45.11.82.134; 45.11.82.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4763
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNDAyMzAyMTYyNjkzODY4NA%3D%3D

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNDAyMzAyMTYyNjkzODY4NA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
an-x-request-uuid: dd3975f8-bc23-4b64-a57d-7586e89e8240
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQwNDAyMzAyMTYyNjkzODY4NA%3D%3D
x-proxy-origin: 45.11.82.134; 45.11.82.134; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 57AB 9 KB
9 KB 35ms
34ms Document
text/html 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca8708ceeec43763993d2daff2d9d2ab337e64fcbba5031b6f626e609e2db08f

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 26
content-length: 8961
content-type: text/html
date: Fri, 06 Oct 2023 15:48:47 GMT
etag: "56c880695a57094a5870b3120df2ca74"
last-modified: Mon, 02 Oct 2023 00:31:32 GMT
server: AmazonS3
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
x-amz-cf-id: P42ROzCAPETW-5VxMOsHqGBcjvYNY9y2e7ocHNhYwRpCu0M3xqxSUQ==
x-amz-cf-pop: AMS58-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: eW6cWzcOOb6T61HVOGfEzVZoubEHsljb
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 8 KB
8 KB 42ms
41ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date: Fri, 06 Oct 2023 15:48:53 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 02:43:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 22
x-amz-server-side-encryption: AES256
etag: "6cb998b36618c683768049fa1b914a4e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8036
x-amz-cf-id: fTkfWFfGCdhY6dKzqxHO-R7Chd30y6VFbU961O7YL94CaBgEpf1rYg==

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 57AB 35 B
470 B 1269ms
254ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 06 Oct 2023 15:49:14 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 07D5 0
218 B 860ms
242ms Document
text/html 52.198.67.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.67.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-67-35.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 15:49:13 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 74DA 39 B
191 B 178ms
130ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 15:49:13 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 57AB 409 B
632 B 843ms
261ms Script
application/javascript 52.69.123.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.69.123.154 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-123-154.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 15:49:13 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 57AB 5 KB
3 KB 426ms
423ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 06 Oct 2023 15:59:13 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 57AB 0
217 B 862ms
245ms Image
text/html 52.198.67.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.67.35 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-67-35.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 57AB
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

142ms
141ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 06 Oct 2023 15:49:13 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 9B1A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b585e1ccbe6b8306f7c2611d499518c23b9206801d10c008f7ea6b281bcd06b8

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 8FCB 1 KB
640 B 815ms
260ms Script
text/html 54.150.88.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.88.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-88-244.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 481d86a73487c4edc6e1edeb26433134874e6c51a00c894d18ab7887e209ddfe

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 06 Oct 2023 15:49:13 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2656 0
56 B 130ms
129ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4789517468119&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2656 0
56 B 132ms
131ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4789517468119&version=m202309260101&ct=77&x=1&cor=1051250500291595100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2656 16 KB
12 KB 62ms
62ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQUUipQeILx1ZL5v1rrTwr97CUFMRjU6OJs2BMOMA6l4iUw7RTAHeEA5mlIU87sZQj2AHhRE2yJsMONV9OWOKuzCxNE_inMVcgH87EaZGkeI2cZm8y0BXsrFpvwDahuzzX6aleolEZOn7piBKqtPgDpFwZnkhvB9NjErSB5Cz_QUm6JWA&cry=1&dbm_d=AKAmf-AW4lGzd2SBXfexH2_lWK-4qrP2soBIGMPgpB10_8az8FkNqVVOVFLPE0Uod4EtSsXHNDA_osB2IMoVJdb4MqtcS01BLWYbfxgAt5JmMBJBiZ4lKlnOaHv3c8ABCNIGnfGwfTvmo9klunGrWy7n2DRr48-fbHwlp56qzlQm3B3esbkViL0AJx_WT1muxYCDd4h3iIG7vfCypSmRhUvWHv91sH_fRjILQqElbtjSppWv3atNtf9nT3zfeytBXBndSMTjIJ6WHsCYQoJB2E_mln9sKp3XaZJi--fmHGILdzaslu6qLGBp9RSxBimaGZmuv--Y8vkG2mA2JcT6_nuY62lAvZevSUBqWNAgI3z-B_Yp3aoKxSTh2yH2eRXGDpbbqRLiiLGLzwFa2xGBvB7i4Avn_rMDeVEWcu_ekjQKM58K-L-DPvFpoJLFCqHkUBkCeAk0mieObVVSqCQZ1BKcR-9Loj7MzywWZPluJt_d-mLkqQ-rZZ01FxzKinutqhMM03hQetcKWLp8RaPw-sDx6pwlc5tOhy0EmBpwW9ZYKip2UW-vcQFzfP1ntLwJ0JBusm-GeL9exIAVwoNw-r2kZG9i2xtkjRPVakfIiE-Ba_rigg_OiP-OYIOB8CV53p7zMDk8bPKTvqGyY3fAz_J2c7LwVTEpzEo4wl42huWeEADbAyc7t5-pOnzitDiPL57EJaBZBUWvVcDpAwkutARzf_ub6QaTwbj7e5dGxjCmDubru46b2GJbwMFS7G9adrXYeqqifgOwhwxf0EThoCkgSkDTRpZ_cUD0gb1vKPwbL6kmX_z7QyA8fKHkL189odugwrXNyRL4lbeFJ8TPIHaBzr0eEmbBHeb11ZD7C2qhhYLv8F0SeAjfFTJ8bWq8ytQdG7cX2XSCpESrQQU12whu7WnSLesPyPARdqzmfZ6Njy1c3ExNnkeuNYTOC9O0-s9V74RVSf0eIUYVKMkkD94LPOxYfT7PKDdNJWhRc1Gm7APOC9PJPaP8Nqx1jZ3w5ZdT2hB062JbwaEaToIwZ2gk81IN4dTNdAj2TcLq31TAC2B5XJRPJES7x1USmMcF3xNieuz1YYUU2GcLSlJdFA6EzuLrRV8lzcpI-WY0O134nQmKSoZe9JJHesB4TXC0Ik6lsLO0G_RjxomyzY557jxrFMFMA38JjuG8qt3smQ6RNcDgjvzf_EFBK0iKFSoGEubj3BzuhDcFcnySBJtslDGWG3ZyovC1ddVp6c2XdGkgTv4TVwIzHWmWgS3lR2IO9a47ILxDCjLHhZO62aY2sirmd4SKxLzv4zGfPmNuHBGhdhrDFBynFQMIbN5amXpwSG3zRubTOqiT-e7iCSPdouhBy0JzL5HsO6xSBojA0DGn5VceFSVXM3BX05ilqi2jSl1Cxc6s1KlVH-t-pKBkDSpk1zhZ-ktu4tiYfU0pqHdtNHd_3yEBIgUhdbAxpBWwFh86GbXpgJCtv8lcojwp5ap46QYBxECh6IhG2CG32nYo8ko7fWDI9pA8akCno0AYMiIkUijpE0N9c4N2IDErNmf44nZuf81FyhSj5zg2GBBPcWtNOHFzNUCzBDxdjhTDgLJi7l9NWU5PY2NvKWjfV8dvWsVETXNv_Mt8Gi1nE4P7vdMwi3vTBuSpZW6RJy6e_pIGKlPUOd2-nP3SuMmqrI2mefh1lvzL4oz21vI01H0xXk5l1PexQ0-bhWRt7Ukz6D7PU1cQ_-7RIiSjwkk4UtM7e6SXwr4EHmn42waj3I5m5o87afThqmCuzr8sOQT2DwHwfP3XkYm0hUMBYJ3Lk6rcIO2oXinyOCdUmzxs2TtU2JHEsDurIt6c_uFmjKYPdGKvGVZLSv-YFGXIV7rTD150YdeKaRgdIwl96RVV86SV1TVvw1OPhqB0DHFtTLFePzGX1tlx6zjdww4UMo0Sk1E92REbn2QPlSHXqyBkhIH5uXNcdr8vlUvk2GY6rOsSCY95loP9iRnl7Doz_cNAAfR__10EZnhqW7ZqXdZLd8PvJ8NPIiSVeSoOYakIAodv3YP_qp7WUIl-1mo_wOLCEGrQG4Lh_a6VChQNkOcbUqyMfpo-DCi7rRqnNqfhDCkLJUbTZNZd1vMtTRYiqKYJwVOJWV86alaTVG2Rxs1ZDlmmfnnARYGS_tN8mVgQQcn6bh4KXKCEti1MLWGWlkvNE7Www70XLg9fgiAXxgVLJZYHmfNrwpKETysB3xKSey-w5bhlbek5p--QkjkHm-pviR9ixnzR-8OAxDADncTMRWmCtkwgUsow4Dnlux3I48sw9xJ8zG7fgUK8EYPl-BCQPBxeOvWahGfJrr00q9EN3ogAAlZjxtpQsOTFialmhS2HazuQgqe3LG1bzIxAWy37WCkSY2V-DtHBoEa16KUlH47F9HQxGy2IZqSV2o1b6fJbwlt9yqiZxW054rwdMOdW1kKV0oKWvMEDUA6ENnpbmHct9-JlXcQbH157Z7rIgCtPAUsmcwNsMlwdWRhQSZmPaT8OjJy74Y3SHqcOitqjL3E1q50NI6swAPYzSrBHJHneEpyl7ErPyuctqqqrL2lhvMUewlXPTE1WJYwXIqhk6iFHk6WhAfvJXuP8x2qaI-xKriemKMmaqSLH1luWKvcgttMGQAoFO3L-yoJ-sc_Gs6a3CYV83bQU3cjr6WsXoR_tgWpbXSjFY1Pa-IAU2JspKVzM4CUMDgVa3JTtvdzgzdxF-CfiBCejAaS0pY__-hht3yMYMkiO90BmYiI-Db5RDLu07mYt8kUOkjTZkMwwWX5hL-GYe8pIrOUJsVYW7pOHTWlkzCmPuvBykhReOsuqJPYhV6eCbGu0VVBjRcGV-4ZltRI0RAD2mPLrBtJFlWKproCkmoPJe8VUghTyFCqeFhiEnrQPjSNxRhWYkD4U_3Ba2Aka6ynQHjbb_eQzKl_pZtAlOUlQpOUkU8gIeH7YcYGljpHIo6CRLhqNWK-xNHR_LzYPFCm4u9U-vvKd3llrV77nPvCdB8c9453I8AdNJRHPpNXapaf6MwslSdz7CMi4ZDYaj_vg_4CVInjQiUj1gUWjh-9NQBtLrvjYhlieM066Yt8uzHYhtHaerSgK8VKXZRr1YaMSd1db-jbC_tcY5D_DweVRmuKmq4yIK_8tqWoLxIUwQPGCm9vhjUcgv8XyFVs_1oEg4uebuMgF1elBhnX593cYDoPknwCWk3cwaOLE-8FoW4hJDuNZuY-ogPqsw2rQ3n3cnHoMGKzkJpxV5UcJ2WgRK3n-2-7Ll_vi77MMykOg5N45fk2yqBnrh-VNw4syn_yjSiJpRA3wAvgSqLaf6qjbYsrXBQLhB0_6ewCm-0QYAwHR14gKCedCI2k17n6jj-wH0xuHKLnABDH6MacmMUO41d7NANgJDjOp8K43Ty2ZtCxvnC2D85hZzVdtnkCOOCFVlZNWuAVkfE5J_xi-H383BiPaZMND3sM90KQPuDXSucGTEm2yWafaWvAOZf27OSk6SFpNN1mnKoIFOLtGqTDoGbgsTiKyBNbagNm0I9P1c833Y4qmAjr1gCFzp_6AgU4xmg6W4y6l9Jh71p0pr5Ev6sKcdsvgmnfYl9PNqZsLZBb8_1PAHEOkIFLhYlF522D4IHfqZisrN4iiEqjhwj8flBPgY-LSZpQdarB7Ehfb_Phh263J7i4E1vxiW7kQm0dlzYWUHe-m0ayKfYSofM48NN74xXwWHCYcfa-LzoHhrsd2nIbNXPEYeD2vHplF-0Z76cvfjj_1fhqwFKO24hNyhI7n1OqZJJOvL3jAvii8XrnWWmYJ8sYNjwHaD391uMZ_elijfljBE_bxo5EDSurpe7Wu8QuD6EnlIoo9DNz3pcd6qdKEENsbVIwaLPWMCB8PQyTGVYy263zuLC8suEGtd6Zi0vM70Hhn3Z95-rm24PkC2fs6RBA2QaVd40Idt26LjZkfRBifJLz3dFPPHqR5bHNT&cid=CAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F&ds=l&xdt=1&iif=1&cor=1051250500291595100&adk=250412560&idt=187&cac=0&dtd=47

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94df380b52e1dc2430d84568fa6490210f81f7fe9ecadc764291fe276cfeb94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ 37 B
402 B 416ms
416ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

bf0fd21dcd6689c763e9c71e0ca6d16a85e60a98b93a234a35deba194f3d01f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2656 41 KB
14 KB 26ms
25ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CQUUipQeILx1ZL5v1rrTwr97CUFMRjU6OJs2BMOMA6l4iUw7RTAHeEA5mlIU87sZQj2AHhRE2yJsMONV9OWOKuzCxNE_inMVcgH87EaZGkeI2cZm8y0BXsrFpvwDahuzzX6aleolEZOn7piBKqtPgDpFwZnkhvB9NjErSB5Cz_QUm6JWA&cry=1&dbm_d=AKAmf-AW4lGzd2SBXfexH2_lWK-4qrP2soBIGMPgpB10_8az8FkNqVVOVFLPE0Uod4EtSsXHNDA_osB2IMoVJdb4MqtcS01BLWYbfxgAt5JmMBJBiZ4lKlnOaHv3c8ABCNIGnfGwfTvmo9klunGrWy7n2DRr48-fbHwlp56qzlQm3B3esbkViL0AJx_WT1muxYCDd4h3iIG7vfCypSmRhUvWHv91sH_fRjILQqElbtjSppWv3atNtf9nT3zfeytBXBndSMTjIJ6WHsCYQoJB2E_mln9sKp3XaZJi--fmHGILdzaslu6qLGBp9RSxBimaGZmuv--Y8vkG2mA2JcT6_nuY62lAvZevSUBqWNAgI3z-B_Yp3aoKxSTh2yH2eRXGDpbbqRLiiLGLzwFa2xGBvB7i4Avn_rMDeVEWcu_ekjQKM58K-L-DPvFpoJLFCqHkUBkCeAk0mieObVVSqCQZ1BKcR-9Loj7MzywWZPluJt_d-mLkqQ-rZZ01FxzKinutqhMM03hQetcKWLp8RaPw-sDx6pwlc5tOhy0EmBpwW9ZYKip2UW-vcQFzfP1ntLwJ0JBusm-GeL9exIAVwoNw-r2kZG9i2xtkjRPVakfIiE-Ba_rigg_OiP-OYIOB8CV53p7zMDk8bPKTvqGyY3fAz_J2c7LwVTEpzEo4wl42huWeEADbAyc7t5-pOnzitDiPL57EJaBZBUWvVcDpAwkutARzf_ub6QaTwbj7e5dGxjCmDubru46b2GJbwMFS7G9adrXYeqqifgOwhwxf0EThoCkgSkDTRpZ_cUD0gb1vKPwbL6kmX_z7QyA8fKHkL189odugwrXNyRL4lbeFJ8TPIHaBzr0eEmbBHeb11ZD7C2qhhYLv8F0SeAjfFTJ8bWq8ytQdG7cX2XSCpESrQQU12whu7WnSLesPyPARdqzmfZ6Njy1c3ExNnkeuNYTOC9O0-s9V74RVSf0eIUYVKMkkD94LPOxYfT7PKDdNJWhRc1Gm7APOC9PJPaP8Nqx1jZ3w5ZdT2hB062JbwaEaToIwZ2gk81IN4dTNdAj2TcLq31TAC2B5XJRPJES7x1USmMcF3xNieuz1YYUU2GcLSlJdFA6EzuLrRV8lzcpI-WY0O134nQmKSoZe9JJHesB4TXC0Ik6lsLO0G_RjxomyzY557jxrFMFMA38JjuG8qt3smQ6RNcDgjvzf_EFBK0iKFSoGEubj3BzuhDcFcnySBJtslDGWG3ZyovC1ddVp6c2XdGkgTv4TVwIzHWmWgS3lR2IO9a47ILxDCjLHhZO62aY2sirmd4SKxLzv4zGfPmNuHBGhdhrDFBynFQMIbN5amXpwSG3zRubTOqiT-e7iCSPdouhBy0JzL5HsO6xSBojA0DGn5VceFSVXM3BX05ilqi2jSl1Cxc6s1KlVH-t-pKBkDSpk1zhZ-ktu4tiYfU0pqHdtNHd_3yEBIgUhdbAxpBWwFh86GbXpgJCtv8lcojwp5ap46QYBxECh6IhG2CG32nYo8ko7fWDI9pA8akCno0AYMiIkUijpE0N9c4N2IDErNmf44nZuf81FyhSj5zg2GBBPcWtNOHFzNUCzBDxdjhTDgLJi7l9NWU5PY2NvKWjfV8dvWsVETXNv_Mt8Gi1nE4P7vdMwi3vTBuSpZW6RJy6e_pIGKlPUOd2-nP3SuMmqrI2mefh1lvzL4oz21vI01H0xXk5l1PexQ0-bhWRt7Ukz6D7PU1cQ_-7RIiSjwkk4UtM7e6SXwr4EHmn42waj3I5m5o87afThqmCuzr8sOQT2DwHwfP3XkYm0hUMBYJ3Lk6rcIO2oXinyOCdUmzxs2TtU2JHEsDurIt6c_uFmjKYPdGKvGVZLSv-YFGXIV7rTD150YdeKaRgdIwl96RVV86SV1TVvw1OPhqB0DHFtTLFePzGX1tlx6zjdww4UMo0Sk1E92REbn2QPlSHXqyBkhIH5uXNcdr8vlUvk2GY6rOsSCY95loP9iRnl7Doz_cNAAfR__10EZnhqW7ZqXdZLd8PvJ8NPIiSVeSoOYakIAodv3YP_qp7WUIl-1mo_wOLCEGrQG4Lh_a6VChQNkOcbUqyMfpo-DCi7rRqnNqfhDCkLJUbTZNZd1vMtTRYiqKYJwVOJWV86alaTVG2Rxs1ZDlmmfnnARYGS_tN8mVgQQcn6bh4KXKCEti1MLWGWlkvNE7Www70XLg9fgiAXxgVLJZYHmfNrwpKETysB3xKSey-w5bhlbek5p--QkjkHm-pviR9ixnzR-8OAxDADncTMRWmCtkwgUsow4Dnlux3I48sw9xJ8zG7fgUK8EYPl-BCQPBxeOvWahGfJrr00q9EN3ogAAlZjxtpQsOTFialmhS2HazuQgqe3LG1bzIxAWy37WCkSY2V-DtHBoEa16KUlH47F9HQxGy2IZqSV2o1b6fJbwlt9yqiZxW054rwdMOdW1kKV0oKWvMEDUA6ENnpbmHct9-JlXcQbH157Z7rIgCtPAUsmcwNsMlwdWRhQSZmPaT8OjJy74Y3SHqcOitqjL3E1q50NI6swAPYzSrBHJHneEpyl7ErPyuctqqqrL2lhvMUewlXPTE1WJYwXIqhk6iFHk6WhAfvJXuP8x2qaI-xKriemKMmaqSLH1luWKvcgttMGQAoFO3L-yoJ-sc_Gs6a3CYV83bQU3cjr6WsXoR_tgWpbXSjFY1Pa-IAU2JspKVzM4CUMDgVa3JTtvdzgzdxF-CfiBCejAaS0pY__-hht3yMYMkiO90BmYiI-Db5RDLu07mYt8kUOkjTZkMwwWX5hL-GYe8pIrOUJsVYW7pOHTWlkzCmPuvBykhReOsuqJPYhV6eCbGu0VVBjRcGV-4ZltRI0RAD2mPLrBtJFlWKproCkmoPJe8VUghTyFCqeFhiEnrQPjSNxRhWYkD4U_3Ba2Aka6ynQHjbb_eQzKl_pZtAlOUlQpOUkU8gIeH7YcYGljpHIo6CRLhqNWK-xNHR_LzYPFCm4u9U-vvKd3llrV77nPvCdB8c9453I8AdNJRHPpNXapaf6MwslSdz7CMi4ZDYaj_vg_4CVInjQiUj1gUWjh-9NQBtLrvjYhlieM066Yt8uzHYhtHaerSgK8VKXZRr1YaMSd1db-jbC_tcY5D_DweVRmuKmq4yIK_8tqWoLxIUwQPGCm9vhjUcgv8XyFVs_1oEg4uebuMgF1elBhnX593cYDoPknwCWk3cwaOLE-8FoW4hJDuNZuY-ogPqsw2rQ3n3cnHoMGKzkJpxV5UcJ2WgRK3n-2-7Ll_vi77MMykOg5N45fk2yqBnrh-VNw4syn_yjSiJpRA3wAvgSqLaf6qjbYsrXBQLhB0_6ewCm-0QYAwHR14gKCedCI2k17n6jj-wH0xuHKLnABDH6MacmMUO41d7NANgJDjOp8K43Ty2ZtCxvnC2D85hZzVdtnkCOOCFVlZNWuAVkfE5J_xi-H383BiPaZMND3sM90KQPuDXSucGTEm2yWafaWvAOZf27OSk6SFpNN1mnKoIFOLtGqTDoGbgsTiKyBNbagNm0I9P1c833Y4qmAjr1gCFzp_6AgU4xmg6W4y6l9Jh71p0pr5Ev6sKcdsvgmnfYl9PNqZsLZBb8_1PAHEOkIFLhYlF522D4IHfqZisrN4iiEqjhwj8flBPgY-LSZpQdarB7Ehfb_Phh263J7i4E1vxiW7kQm0dlzYWUHe-m0ayKfYSofM48NN74xXwWHCYcfa-LzoHhrsd2nIbNXPEYeD2vHplF-0Z76cvfjj_1fhqwFKO24hNyhI7n1OqZJJOvL3jAvii8XrnWWmYJ8sYNjwHaD391uMZ_elijfljBE_bxo5EDSurpe7Wu8QuD6EnlIoo9DNz3pcd6qdKEENsbVIwaLPWMCB8PQyTGVYy263zuLC8suEGtd6Zi0vM70Hhn3Z95-rm24PkC2fs6RBA2QaVd40Idt26LjZkfRBifJLz3dFPPHqR5bHNT&cid=CAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F&ds=l&xdt=1&iif=1&cor=1051250500291595100&adk=250412560&idt=187&cac=0&dtd=47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:39:12 GMT

GET
H/1.1 200
OK 4o0txixm01eg Show response
hal9000.redintelligence.net/zone/ Frame 2656 12 KB
4 KB 115ms
36ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4o0txixm01eg?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdEY1eCwgZbCiDb-v1fAP-bGT-AyV8NqfaY7NnNG_D_AuEAEg0syBGmD9gpGE6BHIAQmpAgiHxTO1tLE-qAMByAObBKoEkgJP0Fw8H6uyo_2E3EqdM2clMqL6QUT4OGmZpU1HEJ_UZPHvTS3dkuVgMaOXvgMfu0F2Zbfqa-GM-6VcQGVewXCZxkIIH8_N3_d86HCK01k2ArCRbGbaGRe5shIoVmUmkFyMvO13oMCZWR-TKf557OmdbaB8acPoBuDNDWLYa6Jc7ys_DW6TNRd_GU9jzn_xDlvvH1_bQXebk2g0G7uuhqYUy0TAxJgXaIagN6Wj5QJQtDL4S8cGOPMlpyf3oGjxVKYJ1eMi3ZJ7mcadisromGcQeSqaW6yfKzjTa2bXKd-VJSsy2H5J3ZbE2gbbCGj5Sft3K965QFVBQMFXy2vI1IEAA9pdcMzL501I43Ha_OZXYpU-wASm3q_V-QPgBAOIBcT04f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CSVTIDQHiDRMIrtmz9OLhgQMVv1cVCB352ATPsBPTz80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsL619OLhgQMVv1cVCB352ATPEAEYASAAEgI7MvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB%26sig%3DAOD64_0Rm2y9t5lyT7k9ZZGqncYcDE9LLw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D-10ikC_NrTS_5bkvIkUtP9XsR9nC-1PgYvD_ueaL58Dh5U3RSjWzUUckiRbET33h1y8e_eTLArcJHAqyi04lNGpuXHtjWjL4otVNkDaJ3FgNDqmtLDKioYxKRraki5nGg-iWI7HTy8BUI9sDjYZyuuEIbzRAYnv96cEMD_lhcKGx9XG4%26cry%3D1%26dbm_d%3DAKAmf-CVsy_T8HvFpmlEvmGW7kaet0TjVtCKZVWB8a4M238Am1U3hsU6tc9tYhcX-g1SGS7iaLC3cTkXbVVu6dTnTYdp2vIGv6hFjQ9j9hMFjDLmcyVb5cQYGilFKEsVlguJ9xut7VA113xvv1HWCn4FpwsnFRBgHfXzqUlBY8yK6kjD7toDgv1Yo19YD5oVlMYZHXGV2Cnwoc4Zz8ynLkLql0rota_3IvaPctLs8X9QCLO2pqFoQfjVY8zAXGSCPqNNTD5at4Np4eguEvKg1X0aZYAXg5tdLP2MkxVcRauKIazVMliIH1HSFYy6knZClolWX6vU82d1LkeiKu2VafKp1AdfaIwojDd1JEUWDfOByNLR4SqypKadmJqy9LBuTkPwP80T8x8i_eeN_cJIa7EtIy3udYZkvUQhBUcRMDBm7bCEXF_h4av-akVypreAog-JaMcbo4eA7P_aS33cDWvecg_QnFIkfwuKYD-OWjZJPFKm9UjZGQvNfaxidAQlT49a961FPNca4ugN47RmAhslCbZ-uM978c7DB-lphZXCDs_xqBnTfhg%26adurl%3D
Requested by: Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 753e355b5e81b4b758f6ed71208d1dbc01375dde60c2a97598a58033c1888097

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 15:49:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4227
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CE37 38 KB
13 KB 26ms
25ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 45734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 03:06:59 GMT
expires: Sat, 05 Oct 2024 03:06:59 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame CE37 37 KB
14 KB 26ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H/1.1

200
OK

request.php Show response
hal900010.redintelligence.net/ Frame 2656
Redirect Chain

https://hal900010.redintelligence.net/request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900010.redintelligence.net/request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

174ms
100ms

Script
application/x-javascript

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdEY1eCwgZbCiDb-v1fAP-bGT-AyV8NqfaY7NnNG_D_AuEAEg0syBGmD9gpGE6BHIAQmpAgiHxTO1tLE-qAMByAObBKoEkgJP0Fw8H6uyo_2E3EqdM2clMqL6QUT4OGmZpU1HEJ_UZPHvTS3dkuVgMaOXvgMfu0F2Zbfqa-GM-6VcQGVewXCZxkIIH8_N3_d86HCK01k2ArCRbGbaGRe5shIoVmUmkFyMvO13oMCZWR-TKf557OmdbaB8acPoBuDNDWLYa6Jc7ys_DW6TNRd_GU9jzn_xDlvvH1_bQXebk2g0G7uuhqYUy0TAxJgXaIagN6Wj5QJQtDL4S8cGOPMlpyf3oGjxVKYJ1eMi3ZJ7mcadisromGcQeSqaW6yfKzjTa2bXKd-VJSsy2H5J3ZbE2gbbCGj5Sft3K965QFVBQMFXy2vI1IEAA9pdcMzL501I43Ha_OZXYpU-wASm3q_V-QPgBAOIBcT04f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CSVTIDQHiDRMIrtmz9OLhgQMVv1cVCB352ATPsBPTz80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsL619OLhgQMVv1cVCB352ATPEAEYASAAEgI7MvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB%26sig%3DAOD64_0Rm2y9t5lyT7k9ZZGqncYcDE9LLw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D-10ikC_NrTS_5bkvIkUtP9XsR9nC-1PgYvD_ueaL58Dh5U3RSjWzUUckiRbET33h1y8e_eTLArcJHAqyi04lNGpuXHtjWjL4otVNkDaJ3FgNDqmtLDKioYxKRraki5nGg-iWI7HTy8BUI9sDjYZyuuEIbzRAYnv96cEMD_lhcKGx9XG4%26cry%3D1%26dbm_d%3DAKAmf-CVsy_T8HvFpmlEvmGW7kaet0TjVtCKZVWB8a4M238Am1U3hsU6tc9tYhcX-g1SGS7iaLC3cTkXbVVu6dTnTYdp2vIGv6hFjQ9j9hMFjDLmcyVb5cQYGilFKEsVlguJ9xut7VA113xvv1HWCn4FpwsnFRBgHfXzqUlBY8yK6kjD7toDgv1Yo19YD5oVlMYZHXGV2Cnwoc4Zz8ynLkLql0rota_3IvaPctLs8X9QCLO2pqFoQfjVY8zAXGSCPqNNTD5at4Np4eguEvKg1X0aZYAXg5tdLP2MkxVcRauKIazVMliIH1HSFYy6knZClolWX6vU82d1LkeiKu2VafKp1AdfaIwojDd1JEUWDfOByNLR4SqypKadmJqy9LBuTkPwP80T8x8i_eeN_cJIa7EtIy3udYZkvUQhBUcRMDBm7bCEXF_h4av-akVypreAog-JaMcbo4eA7P_aS33cDWvecg_QnFIkfwuKYD-OWjZJPFKm9UjZGQvNfaxidAQlT49a961FPNca4ugN47RmAhslCbZ-uM978c7DB-lphZXCDs_xqBnTfhg%26adurl%3D&documentReferer=https%3A%2F%2Freurl.cc%2F&ancestorOrigins=https%3A%2F%2Freurl.cc&random=3566562286540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 35a686b2ab37a0ed3578040f81ed181206b1609f356c6f9909609304b549e810

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 15:49:13 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 34629700085227304444486012469010
Connection: close
Content-Length: 330
Expires: Fri, 06 Oct 2023 16:49:13 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 15:49:13 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdEY1eCwgZbCiDb-v1fAP-bGT-AyV8NqfaY7NnNG_D_AuEAEg0syBGmD9gpGE6BHIAQmpAgiHxTO1tLE-qAMByAObBKoEkgJP0Fw8H6uyo_2E3EqdM2clMqL6QUT4OGmZpU1HEJ_UZPHvTS3dkuVgMaOXvgMfu0F2Zbfqa-GM-6VcQGVewXCZxkIIH8_N3_d86HCK01k2ArCRbGbaGRe5shIoVmUmkFyMvO13oMCZWR-TKf557OmdbaB8acPoBuDNDWLYa6Jc7ys_DW6TNRd_GU9jzn_xDlvvH1_bQXebk2g0G7uuhqYUy0TAxJgXaIagN6Wj5QJQtDL4S8cGOPMlpyf3oGjxVKYJ1eMi3ZJ7mcadisromGcQeSqaW6yfKzjTa2bXKd-VJSsy2H5J3ZbE2gbbCGj5Sft3K965QFVBQMFXy2vI1IEAA9pdcMzL501I43Ha_OZXYpU-wASm3q_V-QPgBAOIBcT04f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CSVTIDQHiDRMIrtmz9OLhgQMVv1cVCB352ATPsBPTz80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsL619OLhgQMVv1cVCB352ATPEAEYASAAEgI7MvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB%26sig%3DAOD64_0Rm2y9t5lyT7k9ZZGqncYcDE9LLw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D-10ikC_NrTS_5bkvIkUtP9XsR9nC-1PgYvD_ueaL58Dh5U3RSjWzUUckiRbET33h1y8e_eTLArcJHAqyi04lNGpuXHtjWjL4otVNkDaJ3FgNDqmtLDKioYxKRraki5nGg-iWI7HTy8BUI9sDjYZyuuEIbzRAYnv96cEMD_lhcKGx9XG4%26cry%3D1%26dbm_d%3DAKAmf-CVsy_T8HvFpmlEvmGW7kaet0TjVtCKZVWB8a4M238Am1U3hsU6tc9tYhcX-g1SGS7iaLC3cTkXbVVu6dTnTYdp2vIGv6hFjQ9j9hMFjDLmcyVb5cQYGilFKEsVlguJ9xut7VA113xvv1HWCn4FpwsnFRBgHfXzqUlBY8yK6kjD7toDgv1Yo19YD5oVlMYZHXGV2Cnwoc4Zz8ynLkLql0rota_3IvaPctLs8X9QCLO2pqFoQfjVY8zAXGSCPqNNTD5at4Np4eguEvKg1X0aZYAXg5tdLP2MkxVcRauKIazVMliIH1HSFYy6knZClolWX6vU82d1LkeiKu2VafKp1AdfaIwojDd1JEUWDfOByNLR4SqypKadmJqy9LBuTkPwP80T8x8i_eeN_cJIa7EtIy3udYZkvUQhBUcRMDBm7bCEXF_h4av-akVypreAog-JaMcbo4eA7P_aS33cDWvecg_QnFIkfwuKYD-OWjZJPFKm9UjZGQvNfaxidAQlT49a961FPNca4ugN47RmAhslCbZ-uM978c7DB-lphZXCDs_xqBnTfhg%26adurl%3D&documentReferer=https%3A%2F%2Freurl.cc%2F&ancestorOrigins=https%3A%2F%2Freurl.cc&random=3566562286540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 06 Oct 2023 16:49:13 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE37 0
20 B 133ms
133ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8UGUeSwgZeftENus9u8P2ZGsuA4AAAAAOAHgBAI&bg=!vL-lv_DNAAYMG8UMLBs7ADQBe5WfOAtLXtuADHOjUifLVLAKxtWHOzNThlWNhRCiZRlfDejYeGgvm0ZwdYXlMY3jeoHyAgAAAFRSAAAAB2gBB5kDAATgbucqvm13dnWrJ7CW5PE8W8tnKFc9v91q5F1h5RoOZYG9UQUBMWU0NKj7BnvGXoAG4bABW7zxKYzkoKAXw69PfzXMnFGJk51nmM3rY6rsgBdN8EevzUWzJ0B1icyz3ZeDaYe2SGFDM3nzksxqQDHGVDNnVETvuToVPDNTjDzWanfEJaj8yj26xqMDcLMUvgWwtK4aMXWdOZ5QIMHa7WuF18AaFB82ej1alMJuWxriBrDCKjk_CAgogXfdDFfDlXFzx5XuRMQKTQ4JTAALGu6bGwqdSQ9n5Z69-8Mh2UgWbTQaY357FSFhWewQcQE-SI-K7o4uGglRCMnQvwSYSezFN1QXM5apYAPkcyF50GG6HWBI9F5ms6Tl5pS_QAwduDr9GUUc08twtC8DvS_HkRxQRgRvxPydbNszRwOPr5A112cqZGKfLmRJ39G3n5tChZnLn-zgr6NQFp177arAm-sfyWWYz2iqjIeyS9zZXDj85GyEYbEQT0GS4zp_bFEeG0wuOqZy9tqQpTfmlPqZsSDhnf2xjUGxMsEewmITDruOYe8DNyuARl8RFht3T_ZdUdwPLG7LhV7ND5dDKtI3lGKpg9fw_FdXeDECFO7GWSS5b43txXc5rFtMYJkk0qyE3ZWgF-_zyeLU9f8VkF0FEQCSCarssWQZilMdDYmPkyB4j2a_RpxrKF71aGuZWzQeCuw9xTgDJKkJArB4XdvRBptoxFhdL26stXHBZLRjVYLuR8kGuwtP23oKAlt86NtuOvorCfUBo0_b6hVEd4W9A1iAYfk67TFgQ7T7giWMdQdrl78YENEesiLK1ElihwtZEZ9BkIjcXVg0fvUFZ2zlCdtGyc36ptHxslxifu-Uf-fQhcOwjv6h4plR48G0L7kUSveg0IlFkK7_sNX7HC_7U19cxK-xtOW2dEFcj1viKEgT7_gZb72ss3ZHwZKxPhikvsTTBYZ_dGb7dpgh6v4Z6QBJDa7Kr3BgBgeSAkOW-65_1s4-YYXUhkTbvhUd_wJ0qw

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 57AB 37 B
409 B 1541ms
1541ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

6c1af145aeff01b51bc55acb6f534782418da05c3ae7eea4e3629477c615b9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ 30 B
271 B 1414ms
1413ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=bb43c703-d5a5-42c2-9b22-40f5af1fa409

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H/1.1 200
OK request_content.php Show response
hal900010.redintelligence.net/ Frame C7D3 4 KB
2 KB 102ms
34ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/request_content.php?s=34629700085227304444486012469010&a=b0777a47
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=4o0txixm01eg&nw=20&renderingType=javascript&namespace=d27f1f6733&subid=&uid=a95c0bc6e23691dc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCdEY1eCwgZbCiDb-v1fAP-bGT-AyV8NqfaY7NnNG_D_AuEAEg0syBGmD9gpGE6BHIAQmpAgiHxTO1tLE-qAMByAObBKoEkgJP0Fw8H6uyo_2E3EqdM2clMqL6QUT4OGmZpU1HEJ_UZPHvTS3dkuVgMaOXvgMfu0F2Zbfqa-GM-6VcQGVewXCZxkIIH8_N3_d86HCK01k2ArCRbGbaGRe5shIoVmUmkFyMvO13oMCZWR-TKf557OmdbaB8acPoBuDNDWLYa6Jc7ys_DW6TNRd_GU9jzn_xDlvvH1_bQXebk2g0G7uuhqYUy0TAxJgXaIagN6Wj5QJQtDL4S8cGOPMlpyf3oGjxVKYJ1eMi3ZJ7mcadisromGcQeSqaW6yfKzjTa2bXKd-VJSsy2H5J3ZbE2gbbCGj5Sft3K965QFVBQMFXy2vI1IEAA9pdcMzL501I43Ha_OZXYpU-wASm3q_V-QPgBAOIBcT04f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CSVTIDQHiDRMIrtmz9OLhgQMVv1cVCB352ATPsBPTz80O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIsL619OLhgQMVv1cVCB352ATPEAEYASAAEgI7MvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB%26sig%3DAOD64_0Rm2y9t5lyT7k9ZZGqncYcDE9LLw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-D-10ikC_NrTS_5bkvIkUtP9XsR9nC-1PgYvD_ueaL58Dh5U3RSjWzUUckiRbET33h1y8e_eTLArcJHAqyi04lNGpuXHtjWjL4otVNkDaJ3FgNDqmtLDKioYxKRraki5nGg-iWI7HTy8BUI9sDjYZyuuEIbzRAYnv96cEMD_lhcKGx9XG4%26cry%3D1%26dbm_d%3DAKAmf-CVsy_T8HvFpmlEvmGW7kaet0TjVtCKZVWB8a4M238Am1U3hsU6tc9tYhcX-g1SGS7iaLC3cTkXbVVu6dTnTYdp2vIGv6hFjQ9j9hMFjDLmcyVb5cQYGilFKEsVlguJ9xut7VA113xvv1HWCn4FpwsnFRBgHfXzqUlBY8yK6kjD7toDgv1Yo19YD5oVlMYZHXGV2Cnwoc4Zz8ynLkLql0rota_3IvaPctLs8X9QCLO2pqFoQfjVY8zAXGSCPqNNTD5at4Np4eguEvKg1X0aZYAXg5tdLP2MkxVcRauKIazVMliIH1HSFYy6knZClolWX6vU82d1LkeiKu2VafKp1AdfaIwojDd1JEUWDfOByNLR4SqypKadmJqy9LBuTkPwP80T8x8i_eeN_cJIa7EtIy3udYZkvUQhBUcRMDBm7bCEXF_h4av-akVypreAog-JaMcbo4eA7P_aS33cDWvecg_QnFIkfwuKYD-OWjZJPFKm9UjZGQvNfaxidAQlT49a961FPNca4ugN47RmAhslCbZ-uM978c7DB-lphZXCDs_xqBnTfhg%26adurl%3D&documentReferer=https%3A%2F%2Freurl.cc%2F&ancestorOrigins=https%3A%2F%2Freurl.cc&random=3566562286540&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 982d5e28507523b94dadd842692e0e62d37353234234639e01d178e888a18321

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1503
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Oct 2023 15:49:13 GMT
Expires: Fri, 06 Oct 2023 16:49:13 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2656 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1db395ee915e065ad347843bff551896f143a3e8deacba8208912730ec886896

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ 0
187 B 1288ms
1288ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=bb43c703-d5a5-42c2-9b22-40f5af1fa409

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
bb43c703-d5a5-42c2-9b22-40f5af1fa409.t.ssp.hinet.net/ 0
79 B 3691ms
3202ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bb43c703-d5a5-42c2-9b22-40f5af1fa409.t.ssp.hinet.net/pixel?bd=bb43c703-d5a5-42c2-9b22-40f5af1fa409&t=a546ca&referrer=%25%25%20referrer%20%25%25

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H/1.1 200
OK S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/EN/ Frame C7D3 69 KB
70 KB 171ms
51ms Image
image/gif 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/EN/S-300x250.gif
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=34629700085227304444486012469010&a=b0777a47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: fb805ea8e0e2123c713b4613ec92e55d7c11db579417ab8bdbd070d5c18e5104

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://hal900010.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 15:49:13 GMT
Last-Modified: Mon, 23 Jul 2018 15:20:14 GMT
Server: nginx
ETag: "5b55f22e-115c6"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 71110

GET
H/1.1 200
OK viewability Show response
hal900010.redintelligence.net/ Frame C7D3 0
150 B 99ms
34ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900010.redintelligence.net/viewability?s=34629700085227304444486012469010&a=5e923668&vb=m
Requested by: Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=34629700085227304444486012469010&a=b0777a47
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://hal900010.redintelligence.net/request_content.php?s=34629700085227304444486012469010&a=b0777a47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 15:49:13 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C7D3 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 57AB 198 KB
52 KB 30ms
29ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 15:49:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: VHT4DGm5M6eBlWLAb4Vp33Hls/rCqmHzcb4RUG9133flBkeEWt13G93qCYxK7bJRRC/iHoThN8gOws4ujptTCA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 8FCB 3 KB
1 KB 290ms
283ms Script
text/html 54.150.88.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FzY14YV&n=246&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8738-AR1ZV7buDqbxuUocWcTPKFVX48F3kdhW&fp_uuid=8738-ee63eef92b968c0a871cad4d894b073e49cca51623aec188d266f584073933a9&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.88.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-88-244.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 96c56a471089debe587a4140586dc1b05709c9a9853e9ba5e5152e60c01b8cb4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 3 KB
3 KB 33ms
32ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Fri, 06 Oct 2023 15:48:30 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 47
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: PLPRqbRhQSj3I5v2RNtcIvbHZkQquNFoj1oe6e_NRkUx5Terkefx7A==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 8FCB 128 KB
42 KB 44ms
43ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-1ffad"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 15:49:14 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 3 KB
4 KB 35ms
34ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Fri, 06 Oct 2023 15:48:56 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: QAt-AabEu5LdBQySK5rak8kaJSvrg4PHhMzXxnC-7rOtBlnR8LvvuA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 3 KB
4 KB 36ms
35ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Fri, 06 Oct 2023 15:49:00 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 18
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: Itrh1ZHP-Nw5cEG1CKk1T_0s9pA2pUHrv1VHOrhuG068DKdKHhVZzw==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 3 KB
3 KB 38ms
37ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date: Fri, 06 Oct 2023 15:49:00 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 18
x-amz-server-side-encryption: AES256
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 28v684-0wTuSbOTyN3WuDvzKxVo6S1WFSNxOjPC4VIXe_bK1CO1wXw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 6 KB
6 KB 40ms
39ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd0366660d2837d11ab498b4adbca774d02854cbb182aaba77f5bc96075df9fb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: YYuAhwhSx_GsTeUJoqJMc_2F0T8dyIho
date: Fri, 06 Oct 2023 15:49:07 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 09:16:38 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 11
x-amz-server-side-encryption: AES256
etag: "f06a16ff0c73f1550fb80377786b8f06"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6065
x-amz-cf-id: od0m0pCpX6aiVMawE0bjdESCi1NImXUhe89lF_HM1vcyepbp7yXS8w==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 8FCB 0
171 B 535ms
179ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 06 Oct 2023 15:49:14 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 8FCB 0
168 B 1288ms
424ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7985912391405607
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Fri, 06 Oct 2023 15:49:15 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 8FCB
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=isM5v8vMDGGkAr26eywgZQ

2 B
139 B

318ms
317ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=isM5v8vMDGGkAr26eywgZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 06 Oct 2023 15:49:15 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=isM5v8vMDGGkAr26eywgZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 8FCB
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=r-HLMHN3AMOmUANaeywgZQ

2 B
169 B

316ms
316ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=r-HLMHN3AMOmUANaeywgZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 06 Oct 2023 15:49:15 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=r-HLMHN3AMOmUANaeywgZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8FCB 0
187 B 149ms
39ms XHR
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=141&profileId=184&bundle=LSYtZ19IdFZzd0x6NWJvM1c0RXhFaEFabjJCYUFVOUtCV0owVElwUGpnM3o1OE9TNWNLWGVubEZMOHVPRTFsak5LSW5ReGdpQmVKTGZUNHh6ZWVVbjFjckN4dm9rTkhlTHpkJTJCVDhNa0o1Q1JmNmR1OXk3OHZOWHFzeXVPN2hiazNCYzRJM21HTmdlJTJGU3p4QnNCb1ptblN3TVpBJTNEJTNE&cb=88977793986

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 8FCB 5 KB
3 KB 881ms
881ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 06 Oct 2023 15:59:14 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 8FCB 0
186 B 35ms
34ms Ping
text/plain 178.250.7.10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 8FCB 43 B
365 B 37ms
36ms Image
image/gif 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 30 Sep 2024 15:49:14 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 8FCB 43 B
365 B 36ms
36ms Image
image/gif 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 30 Sep 2024 15:49:14 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 8FCB 13 KB
13 KB 36ms
36ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FzY14YV&n=246&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8738-AR1ZV7buDqbxuUocWcTPKFVX48F3kdhW&fp_uuid=8738-ee63eef92b968c0a871cad4d894b073e49cca51623aec188d266f584073933a9&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Fri, 06 Oct 2023 15:48:45 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 37
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: CYkZcyIswj-IMpdaR0SIVlEbTGsex14PrTX_KjX2sHeg0D3tiUYHTg==

GET
H2 200 oid Show response
onead.onevision.com.tw/v2/et/ 339 B
956 B 368ms
310ms Script
application/javascript 107.178.241.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onead.onevision.com.tw/v2/et/oid?cb=window.text_etag_callback_3tijq
Requested by: Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 176.241.178.107.bc.googleusercontent.com
Software: gws / OneAD
Resource Hash: 490e6b5f07cd19de639769d7a86a232b4c6c6dcb393aabb0f24bd7f0a90ada5c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
via: 1.1 google
age: 0
x-powered-by: OneAD
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend: onead-http-event-zn26-gohttp
content-length: 339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Fri, 06 Oct 2023 15:49:14 GMT
server: gws
etag: e6895742-645f-11ee-90e3-0242ac130002
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 153363405
cache-control: max-age=600
access-control-allow-credentials: true
x-onead-version: ca360c6a
accept-ranges: bytes
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9652 6 KB
3 KB 26ms
25ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:12 GMT
expires: Sat, 05 Oct 2024 15:49:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 089B 101 KB
29 KB 128ms
127ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Resource Hash

a021827ab4ce7e2b235ddf7089081e9298a5eeedca30a00526fd1ac1203564a9

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:14 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: YIIzeup6uXUjLUlfE0V1KbavGVjeSk57hq5Qx8TfzNlXdoFL+hP7m5f08MIJDUJuZxuZoj6xrRHqjTUhrsZ86w==
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 499ms
448ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 9e2da10d8009ec834f58d206a9e2c373a83a9341f243fa2f63eff5d854231545

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1c6b-C5Nkl/AWAPQYDD/RrYE8WNGIplE"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7275

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
25ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7172
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Oct 2023 15:49:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1295 640 B
262 B 68ms
66ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPv6gEQiOC2AhjFiLf5ATAB&v=APEucNV9WepnwpWCcQV9OLI-3wn4a0mJzvkQapE7zf_zHG4_n8vTo8ZvhWRH55zdHoFGsLO_Bx1VMIN9sErscsbKo0tpb44D73s_nHTDpibUwEb91oADKISiLA4M82o4zueVZWFF_YOKRv6Y0Dthc0JCETK6TfpT0D3cKLwRl_nxe9rOKCOPRdU

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9652 89 KB
31 KB 126ms
124ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9652 42 B
63 B 128ms
126ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGnxxHtbEzoNzZcCbillZCo4XxbuQSLV8BMRWWWQA87s2SCkT5BhQ1BIt-1PmrjPU6-VIXuh-n6x1W2a50e8vzj_ADIc2cAXPzL1iyP5MtQOBkmeU

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9652 0
20 B 129ms
127ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7328668145016962282&x=1&ct=119

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9652 3 KB
1 KB 27ms
25ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9652 20 KB
8 KB 28ms
25ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:36:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9652 187 KB
59 KB 70ms
69ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5CE0 15 KB
6 KB 35ms
35ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 723673
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 Live_Streaming.js Show response
cdn.holmesmind.com/js/modle/ Frame 8FCB 40 KB
40 KB 38ms
37ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by: Host: t.co
URL: https://t.co/c9xmKrJo2H
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: X_aLocCqsmqPAx2U1E3_4JQDn3OISwiD
date: Fri, 06 Oct 2023 15:49:08 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 06:48:46 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 10
x-amz-server-side-encryption: AES256
etag: "d51f4efc881ddc4b5200ee509878d138"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 40584
x-amz-cf-id: IMYUEXBEsetLal8faPCJxK7DBQtBZ2i1WvfO9tPJzUZEcCOM4U7RBw==

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 5CE0 420 B
553 B 33ms
32ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=LSYtZ19IdFZzd0x6NWJvM1c0RXhFaEFabjJCYUFVOUtCV0owVElwUGpnM3o1OE9TNWNLWGVubEZMOHVPRTFsak5LSW5ReGdpQmVKTGZUNHh6ZWVVbjFjckN4dm9rTkhlTHpkJTJCVDhNa0o1Q1JmNmR1OXk3OHZOWHFzeXVPN2hiazNCYzRJM21HTmdlJTJGU3p4QnNCb1ptblN3TVpBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e180e654defb878fda7e9a575e3c0d11d001dfcde5e3551e69fcfe3729eb7027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 813316
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 260ms
260ms Fetch
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=752197553909234&correlator=4489263012180442&eid=44714449&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D634028d0389f03e2%3AT%3D1696607352%3ART%3D1696607352%3AS%3DALNI_MYKfI8MzcOKEmnCM1cU6U6LjiDzcg&gpic=UID%3D00000c8fa498e1d8%3AT%3D1696607352%3ART%3D1696607352%3AS%3DALNI_MbX7QoWViFViMWVrM_gESXWndedRQ&abxe=1&dt=1696607354665&lmt=1696600154&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Freurl.cc%2FzY14YV&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=195x-1&msz=195x-1&fws=1536&ohw=0&ga_vid=301216938.1696607352&ga_sid=1696607352&ga_hid=264347633&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyeq2rbAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjI6ratsDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YyOq2rbAxSABSAghkEhcKCHJ0YmhvdXNlGK7rtq2wMUgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lVbk5KYkZKb1puZFNaVk5CZDFZck0zVm9NbVJyUVQwOUluMD0Yge62rbAxSAA.&dlt=1696607351531&idt=579&cust_params=url%3D%252FzY14YV%26ref%3Dt.co&adks=3261691140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9dc55ea802b0b51a937b086506b48e72e21ffe2f875586a7abee1740d24075e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11982
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 1295
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1

43 B
61 B

40ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPv6gEQiOC2AhjFiLf5ATAB&v=APEucNV9WepnwpWCcQV9OLI-3wn4a0mJzvkQapE7zf_zHG4_n8vTo8ZvhWRH55zdHoFGsLO_Bx1VMIN9sErscsbKo0tpb44D73s_nHTDpibUwEb91oADKISiLA4M82o4zueVZWFF_YOKRv6Y0Dthc0JCETK6TfpT0D3cKLwRl_nxe9rOKCOPRdU
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENTjlK5Uwvjz8OOTnBE6wW4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1295
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPv6gEQiOC2AhjFiLf5ATAB&v=APEucNV9WepnwpWCcQV9OLI-3wn4a0mJzvkQapE7zf_zHG4_n8vTo8ZvhWRH55zdHoFGsLO_Bx1VMIN9sErscsbKo0tpb44D73s_nHTDpibUwEb91oADKISiLA4M82o4zueVZWFF_YOKRv6Y0Dthc0JCETK6TfpT0D3cKLwRl_nxe9rOKCOPRdU

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjkwMWM5ZDUtNzcwMC0yNGI3LWNmZjctY2RlNjE0ZDg2MDBk
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 1295
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEEMBjqUtMgEOcFTtJN1gq2Y&google_cver=1

23 B
163 B

100ms
56ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEEMBjqUtMgEOcFTtJN1gq2Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPv6gEQiOC2AhjFiLf5ATAB&v=APEucNV9WepnwpWCcQV9OLI-3wn4a0mJzvkQapE7zf_zHG4_n8vTo8ZvhWRH55zdHoFGsLO_Bx1VMIN9sErscsbKo0tpb44D73s_nHTDpibUwEb91oADKISiLA4M82o4zueVZWFF_YOKRv6Y0Dthc0JCETK6TfpT0D3cKLwRl_nxe9rOKCOPRdU
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 15:49:14 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEEMBjqUtMgEOcFTtJN1gq2Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 1295 23 B
163 B 156ms
58ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPv6gEQiOC2AhjFiLf5ATAB&v=APEucNV9WepnwpWCcQV9OLI-3wn4a0mJzvkQapE7zf_zHG4_n8vTo8ZvhWRH55zdHoFGsLO_Bx1VMIN9sErscsbKo0tpb44D73s_nHTDpibUwEb91oADKISiLA4M82o4zueVZWFF_YOKRv6Y0Dthc0JCETK6TfpT0D3cKLwRl_nxe9rOKCOPRdU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 15:49:14 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 N-V07cN8ji2.css
static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/ Frame 089B 27 KB
7 KB 86ms
27ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/N-V07cN8ji2.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2bf1f781a5e4c4fc4f38d5d8410d607b7e1876695f28c74ddd8221fa34b786c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rvrq3cD60eCd75SslVzg3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6766
x-fb-debug: Qklb5GiY6ahklz9OjAI0SeZ6ml6WNRuOAGJ79CcIa25Jf0abosij+7ZptrI1ACKY2hd/eIv2UHk4ojGS+yJrFQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:59:19 GMT

GET
H2 200 E78dBvrFp-J.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ Frame 089B 37 KB
8 KB 85ms
26ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/E78dBvrFp-J.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efba2776ce1c31fbe824fe82b567510e9c410127d03973eb52884fb90b56b80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CVr+E3TMW5Jze+U6BEDLfg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7164
x-fb-debug: m+py3AzhcGpi+CuCqCPjKRSlp9oWhzyh+i2STkNgvSzS5ydwFlDE5P5sJ/zhczg/wrP4WJzwqOgHdmar1irmOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 03 Oct 2024 14:51:18 GMT

GET
H2 200 RBH7b7zeA6F.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 089B 317 KB
85 KB 100ms
41ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb09f381a7fd67f63466a1907cd29deca884217da40a7611da3db93cb49b6daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GV4dq3F6xNAvtSDystA10Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86391
x-fb-debug: qFA69kvoAgz2y9rvvN25EwILqt06Sfsdux+6NIamaOHUtad+X9s8KnkRp8dKm4aKILO0rnT4OAI3O4ZLqhXNCQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 03 Oct 2024 18:26:20 GMT

GET
H2 200 d7XVGQwpajN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 089B 95 KB
27 KB 126ms
67ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/d7XVGQwpajN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ae2612587ce55438457759fc19c5526b20e49bbabb074ae0f0514cd0ed71b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SPdHTKBZ07nlZ5555t6vpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27766
x-fb-debug: PEHCOl+KN9PKuOWxbFjmD6QAI4UoLbs54UDMWTgWzxCuemHHVLbvbjDCGK4uY480+QHJAVaReh6iuAvjBA5T9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 04 Oct 2024 22:16:46 GMT

GET
H2 200 hE7AGUevGQ0.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 089B 7 KB
2 KB 99ms
41ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/hE7AGUevGQ0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

810ca9b560f154784c1f1ba5851fd7f727c272d55c2522a3e8d1c627d6881b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TgV2gECEtJtr2Yof5YcksQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2209
x-fb-debug: IvnDkNI5jIn+oXNhPnRy5DMePwuHDgNuJJyKDnVEJQkiCitJrNIw7C7K8FKLgMEa/vOaYiVlWyMi+GWBUh0boQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 28 Sep 2024 17:50:52 GMT

GET
H2 200 W4_BvyDmvhJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/ Frame 089B 50 KB
14 KB 127ms
69ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yJ/r/W4_BvyDmvhJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6df0c4c67913ac25fa9e01d7a7dfd29a73dbc7e59b4642ad8eafc52b700f444c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BymUWkdR8wJ95C8Tnn47DA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14127
x-fb-debug: i+3/q0p09Ks9TeY1fVVaGq5Z/t+YcNKByxxOh+rUvPWejsVWaG++D+/89JQYa9e6Gz6xY4SytsezNioNBqzbAA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 02 Oct 2024 22:18:22 GMT

GET
H2 200 boyaF0f8rq_.js Show response
static.xx.fbcdn.net/rsrc.php/v3iajD4/yf/l/it_IT/ Frame 089B 233 KB
65 KB 128ms
70ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iajD4/yf/l/it_IT/boyaF0f8rq_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0103eff95accb9245ab636077d9997bd7ec9027ec0a818223c2e2e80a7db60ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mxP9mylvqLxylJJH+Ja8Yw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66834
x-fb-debug: ouXfoEKUjufAbMNj2Ub0Gi6mdvCExqXXgbgStzTm27LjTW89oAQXoCMEnMWDuEmwEnEOM+owkVwrVqn/FbsaTg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 05 Oct 2024 02:35:57 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 089B 507 B
488 B 126ms
68ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: q2TEyZGR8+zHKHt3G/ng3H8hSB4fBhNpVKoTym98VTplsJrlwVEBRoYK+qumffIljLk7gFzPHROCZ4FoKnA7Dg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 04 Oct 2024 01:57:20 GMT

GET
H2 200 -zelArf0zwm.js Show response
static.xx.fbcdn.net/rsrc.php/v3ivWx4/yI/l/it_IT/ Frame 089B 102 KB
29 KB 127ms
70ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ivWx4/yI/l/it_IT/-zelArf0zwm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2824581e351147d4fbfea9cb17d3329adc6f2baa719719d76abe230a16e897f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: d888LgnR6KYl3KuNEsPCEA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 29977
x-fb-debug: Nf2vTJ7q4JmR7EWCpbL2eHNrAse7aoCS147wSVJQBJS6KUvfVnFGkxBmL6agDGB6OphoD4zPVjBqHJ4jMGLJ9g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 03 Oct 2024 21:40:22 GMT

GET
H2 200 jmVFZFr5e7R.js Show response
static.xx.fbcdn.net/rsrc.php/v3iSMK4/yo/l/it_IT/ Frame 089B 341 KB
81 KB 125ms
68ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iSMK4/yo/l/it_IT/jmVFZFr5e7R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd60da94448c2b76b874aca6116bf3a5d1696190c54c225e85560ccd23809db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: X5d9nMAhQ+PO0cmE/4uxqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 82431
x-fb-debug: rG9SxihvR7KuWIZ+vYiJD7KqCK+YMej94ueTbZBfINsqftR8iGx0XE0ojaUZ+OORY5PsN51CmouQ7V5wz4QQ3g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 03 Oct 2024 20:31:57 GMT

GET
H2 200 REOM7aJWVC_.js Show response
static.xx.fbcdn.net/rsrc.php/v3ix-24/yo/l/it_IT/ Frame 089B 392 KB
93 KB 126ms
68ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ix-24/yo/l/it_IT/REOM7aJWVC_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00d0d1dc3a3b2f47b6a4c335bd2c16e7070754a5f24c6a51771e8c93f464be00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Vibts7hAFTSMDND1AI8JHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 94570
x-fb-debug: JZj+06slwIHKPEO1vA98eQkqY7/vrmSA6rOzyr/10M0YpuQ+7e5qduUpHz7pWjFaMqEaZP/CpChJfkVuWF7vtQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 04 Oct 2024 20:43:38 GMT

GET
H2 200 XsCxmYYui7J.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 089B 19 KB
7 KB 99ms
42ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/XsCxmYYui7J.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d705c583adbdd3f894f85889ec1ee8ad58c6dec025201c81ab0e73a0cce23806

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: E6/9/Pr5yCRV+itNJbAdFA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6532
x-fb-debug: KtX4LTBHVDdCYH/DVbxW8hKj19IXQvxdLwhe/7N74PSP826KPp0weHDQyWUzn5PZgF3NktzJ3aJXOcem0JWT9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 03 Oct 2024 16:05:03 GMT

GET
H2 200 wfuNCkIpYfk.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 089B 12 KB
4 KB 127ms
69ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/wfuNCkIpYfk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c37130a13512e9d39744a70173a65dfc229317c7678d9c5ab6d9c0bc798ebfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LskkhqSsyRzC71Rb7npkIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4124
x-fb-debug: YJUYVHBfw88vs3xi4cO+eGTa5VazHVzNULZL5y0MUjdHbsaqksQtXnPGhyssZ7Nsc5qg97hEGC3qDkCLCQQ85g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 04 Oct 2024 00:53:22 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 089B 55 KB
15 KB 126ms
69ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
x-fb-debug: UY1Hy7fNkYptBH/2XHC7hdQnooY6mZTyAMwJk61DcI7ga6t9XPhxgrOiTQDJRMbjppCiFPyybc3aP8emn3gksw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 27 Sep 2024 16:04:10 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 089B 16 KB
17 KB 36ms
35ms Image
image/jpeg 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=649c01&_nc_ohc=10dZMLTkYOkAX_C2iKD&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfCX7x0NeWWISUOyn4DVldEDpMDXKYDi1juIbkVqnB9cdw&oe=65247CC5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
thrift_fmhk: GBDs/rRORCBQ/XJmTH3aNfKsFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 089B 1 KB
2 KB 35ms
34ms Image
image/jpeg 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=97SLiHGzM40AX9S8FMC&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AfCGWxTbj2AS8ot1KjlpyC0ZujqUL8ohd2pqNoNCef7LbA&oe=65253695
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-fra5.fbcdn.net
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
thrift_fmhk: GBBZ52b+M4eAJ+Wwd3fQdrhMFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 33ms
32ms XHR
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=264347633&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FzY14YV&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=OnlyFans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1849214123&gjid=247125095&cid=301216938.1696607352&tid=UA-102456694-1&_gid=1501475827.1696607355&_r=1&_slc=1&z=1348532467

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 25ms
24ms Image
image/gif 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=264347633&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FzY14YV&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=OnlyFans&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=6&el=NDUuMTEuODIuMTM0&ev=1&_u=IADAAEABAAAAACAAI~&jid=&gjid=&cid=301216938.1696607352&tid=UA-102456694-1&_gid=1501475827.1696607355&z=1994139674

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 02:32:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 60682eeb59edbaf47e43b266e93d3727.jpg
cdn.holmesmind.com/image/21173/ Frame 094C 30 KB
31 KB 35ms
34ms Image
image/jpeg 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/21173/60682eeb59edbaf47e43b266e93d3727.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11a9f767d428ea9a5ba22afba518a7d18614d1e087ffeba0a43d70f6a8fca308

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 12:38:51 GMT
x-amz-version-id: _tLQfXoDFYpk9BSDTF9X9yxW7g1Wnjij
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Fri, 06 Oct 2023 09:29:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 11424
etag: "052eb99c774225b22f3064fc565dff79"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 31035
x-amz-cf-id: 41c0UycqXCpnUQNDyMA7Om0lNkehreYg0H-Dvp-1AWIynCFEBcHV3A==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame 094C 2 KB
2 KB 38ms
37ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Fri, 06 Oct 2023 15:48:45 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 34
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: QMsKJkJ6EL9gPfmDfY8fqyo_xrWXNIYN5-SSYduSXyw2KBwzk9Gutg==

GET
H2 200 v_sdk.js Show response
cdn.holmesmind.com/js/modle/v/ Frame 094C 192 B
592 B 39ms
38ms Script
application/javascript 18.239.36.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-62.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date: Fri, 06 Oct 2023 15:49:08 GMT
via: 1.1 24f924c22589fd0429b4463876b2c576.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 21
x-amz-server-side-encryption: AES256
etag: "8644272abfaa44219b2ed3d118b43dbc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 192
x-amz-cf-id: c9frRVpgXNXannA-0htFdQOUsv_WLIrchu-gHEA1tK6Z0kyjD7DrXg==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 094C 3 KB
2 KB 26ms
26ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2583223007bc4dce1a873e84a81bb35e442f4b58800f456443876aca6121249c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 15:49:14 GMT
content-md5: ardU8pcnAmOG3JNFmoCcAA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-debug: IZiOX5q02g0g9eiOXvgpG4Rg+p14dslJnXr99yL+VIMUhy+7mDJ5JgdK0niACI3rVFJ360IKmTkAe32a2Ynfug==
x-fb-content-md5: 03e0377c65d958f50002f5fb7b83c8e9
cross-origin-opener-policy: same-origin-allow-popups
etag: "1e06f854746c9ac1ccec0b2d4d8fc6c6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Oct 2023 15:58:47 GMT

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 8FCB 0
77 B 261ms
260ms Image
image/png 54.150.88.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1696607354&p=14210:98526:190021:f934709c109a9b62da1c83321865c262:21173
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.88.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-88-244.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/png
date: Fri, 06 Oct 2023 15:49:14 GMT
server: nginx/1.14.0 (Ubuntu)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 38ms
36ms XHR
text/plain 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=301216938.1696607352&jid=1849214123&gjid=247125095&_gid=1501475827.1696607355&_u=IADAAEAAAAAAACAAI~&z=1673345030

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9652 0
20 B 126ms
126ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1874032478323&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9652 0
20 B 126ms
126ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1874032478323&version=m202309260101&ct=119&x=1&cor=7328668145016962000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9652 89 KB
37 KB 65ms
64ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgNrFKoUrFWeVsYE9TSKnnK-ZUjWxQPdK6MAOFi4d8gfmGPAr0pW0B2PK9wbYuebLCjRk2ffv2BPyApAWPHS5chVPq3pJ0-2D6XFAByzzkm13INLpt2BL3f0uA2GgjwtITEB2Mtwv5hZGW8B6ddV7-vBRYnxoYJZVsIeULhqwEytk8r1Q&cry=1&dbm_d=AKAmf-C1_z_Llk-1iHskFhPiNpg2Sr_CyF8Cs0dqduvA8vNQ09rLWqJc5DvlBkqXs_l5gm5eTfMyArG-n7VPXDTTzhjml7tRoV1wEcg2IHeV8HGlT80muSsM7F4xSFHBf7iiSyk86ieg_M9MG_ORmBJaBq-6dFqmjv_0pofuV-XLRhhp2aRDKtEzvTKxPNVMpYXrZJzYPxjKckMB98eWFemWFcP5bKVYpRxwuDI5cR1_V4sFDMaECZ6L8vsHlmmDlXhRIp_0kPLn0e6zO2CZiK4rwkctKxpPYQhdaLIR60Io1ONhsZARG-iuosS-441VZrrvXU1oM3sHNGx1N1fV4pqnhp1dKuTN2hRVYvwdEUD43UEHiMeh37YBwFOiu7FEnHdNt5S-iEFn17MJCFIgiyoMDzBZpoY6hmygl4t8wJiYZTapZajtlx57e0dBTK7-Khp5cK5-b8DecMMfz3ukSne9oddksp-VtRl38Mpcqgc2PJ7B6wxYrARHCvF0LtDLFKrheuieJSIFA9uH25AlFq_oGoVU4pMH6UF9Vg-7xUeAIHlbAAw2gqMLkqPT6jLBkmFIxQDxjE9z7gIfEMvtGH1V-XHiEyRfb1V_IddDkhkuIYP1NwVSldJStREoRZpIQL0aJG6DeFinbVhGTtCetEYrZ1dwYucnbHWEa68ARjGFtHC_E4q9tJuoVEmo-S8FhaWjeONfbLuFyzCTGsWoDazOVwYlMsYz69dGxptp9DNk76TDXxTBulnraStyif5LLtZSWuJEWZ8pM1ultuXJsZEM8uo76BI7SvKf4TmZ8UlGRDhAb2nArg5Zo5Xw6NhSJp6bebKQTI2FQgvpZF_1oKRqG3l1VnvowwbiUiPSiOuZDpCJKOyK-d8xScxBMmhhGxmPeN7m1Nv1I7U18FR8i3hl6ScGkti2Y1SnUdy1cHJtY6E8XYCvqFWlI_0R-jzuLoMVsevd8B4z6VKrfWKtAkoiD0GNA3aUEsljfF8X7jswL_Ei9coGRp4YewxhN-oC1MGN5bHnixA7-MYUTZDxIWdJ0ZP9ZOHvBgQ4dszOM81vBQsCKbP9Z7jz3INJek65RVcCxt_-bEp8F4sBvJFUWqyFP902Nw3LLDi2nKvqwDhXXGKCw17lQTJK6Q5AO60e6UdoVBt7KGy0b6-Khxv3N5LtyYxuNIIOvHdUQmxo49YGjdw9yZY6mJ6b00kuBCK2yAe6jkDWO66X3iMWMB3Vey4jy8WAY9dHl-Z01K_RI7NwEJP5ZYuajT0xTZPyQAGUT0qpLIDMbOEsA5ZRllpuuy1uUNGwBsjbS941dFIuHXBXrFpsV-GKKaeWnWLqEJpzRkkBBzRRxQZ6rQEAE4R-B7QzzrtGTXk9L8i70FHh8ekJfMHF06dM6uPQrntbdonmuuPwOtIbOeOrZUlDlXWbtic66r6hHHswrC07yukAlKi90AR4UAQ_S-OfKYQhVl4uIj91j7iOJGBP0D-9M1Ns_Ex59Yt4PmXA4LaMJShkpB41oltIxo0ThOYSXCIK2eM2nmg6TXMMjOM29bIh7Pz3P70JcV0F8Wt-aSnt59PosWpoii1iSyhACljqW8AO4gKKQgz0ULW0jXJSyracspU6t5ZlRrjIwOBLqHeofRRIPSeFSvvvSQ2QXjlLDS-4xC0gdasEpBLzWC8nxIuXlqiKxwIeW5_eiOfIfVKubfj9UOEBXp_cUTzNf_QmP_vZg5WhVN1nJMCUFi82_X1zIzk02uV0JYpIS0b_2E63ZvnCi5JO5MIJ02RZGsmf0y4-0m9Ui7M6cWdLN_bQ88k5ziN4P8Wve0RQ7scSmRPCdZe9iW34h8LF68DPC1ZjYCHhJpXXcaHmBVMAynRPhmVaanUeCG5d3kHdll-WXtl8YzMoAyzQF8USMav2MsPyZnP1GK1VBwaQI35UXIqNwMHF4oSSV6VahLFn5vbKT-h3uvfRYFr9ZEvggtNJCVg17OtzmDvM7rwoXc140KlJ9jnq-uD5FDLSpyph26E07BKo74NG2eXATIS6pMK03YRtrXdkGG5QBxk0zOIWZz1WwVj2DIZE8np5XfYQnYqWuTMb6QXkh2ACozJa9wQZ9loA3eltsVGc1rWgE637qJih6gi9KEYyqGlYm9zBWQnMDQaBDOc-Dc0DiJfbh__v2ZA-ZUHNnrjnKP6w0lSKR2J86ropO9n7UAvCQ_gWS9tkLsCMnyaCjy5pqCvRzBGuvhrXspt3-x2Y9FeSHEVHB8hEHabglP2WelXtLG1zS4zWQVXRSzX6rDbayVXnMmSoYi8NoWFPfDKt7aYPQVSZ-IydYndhVQwIhXKZlebJvG8h_gRHaniZaA12KOeUF5JqT5lTKXGO6_6lPXVkvHMAv0Lavetjf6fNSf5raUpl6k_Qn8DZ_t1lpkcASBGfhGZZdkzFzMkzxeq_SMb8v4fmyt2hJxJMFJ-WTOJj43oL034n_GDsufucFwxk3dDFI8U4MR_hsY3SFQPGqHRIsczJN1GNN9eD3yU4OrYhS32oq3vl27HFrgmsASvILjXh9JIPVNeCAewKe5AmDl7FRrkUYnQI5PZDzizNBBf-J6NXPMliyYGGv7SMm0Esm64OPoHkW4ugcHdmhhjzL6qC7driXUCG5rsf_bzSOP7L25-T1i7BjZ-mu4URlm99PaP_QKYhGtnNoaK_zqptfH6AbXDz2Len8GcV-7xCdfAprah7l9-Jb44E7Tq94g81JXKgpFS54aHPxVYTEUfod7zqAJzIowacejPmbQftdaPfmP-4gpfEB6WgTrN-WeaUqmudpJzmZPvlFw68Xqgelcb_YsT9A9tTwKu8ovjCRIPSwhwshhImowIv1LIYMJx_xEAg6emYY3DVLX7_EGaboDIYU9RcL90sKNGXryyTN-3nUaIErP9uhBS-CLL0w2cuNhRpenHSN3yxwBPktJbXofIsGXtTWW5lv5idix4rQ_wXHIzi0TGXKEXmVzPGeE8p5g2ALqyNmsFErIzEmxJZ5uFS1SCy3EE1dgJlW3q3ITA7gJZ705rYHMImtP61XQ8uKzzAaH9np43rQvo5SQQ5eJ_n0bCaT70FEOrfJAxTae_5aSL5T2FzOf7mGlaJxH7TrtUsf4x8-N6SWAnKo1XF106fhC9W3IkPX14x7GB2DZlTVPjTplP7-rL0eWSeG58Gq2dB5eu3puZbpzUxRWRnXS-rBTJKZXBlh9rM03uEf3kdRlFhaZ5tsYjkSoFGE3ER4dLbmNYILp08aXYBG3e-NPG-z809nF2F9IQhXE0tjYIZaNUmIgNCXhCG5syHTfCFGbwinqMMZET7Gl-d_3ydHwyD6xuwpeKfcUAOdKsqbbAW1cE9mC16difUzzz4K5rE9mN9l-AAGOw4ScdECs9Xg11kp4h7T4dny6NmH6Oz2GC-VjIrbD8fOEPiB9bei3tTpXZTuQsWjxYVW40ysONe6GGvKKOcPDfKJEs7fpYquCjWABDv79GqEe40pmzxUZkfw_5m6zuYLMUahnyE-gJPKhRqvSlrFIRp8Z7q6mjWWS-_w8UmLcHviVa4QD2cgM2QxZkjzQ4cb7A6OJvsfNFn1qC9JtLFJeAZ9ZJICJtVJ_zSqLraXhO0HZZCl44xjiN-wamtxQTaUE4AU4o_SGeshDqI_hQIxzeyCG2OJ-HGi5_XrgYhPbIUzk8hbktL_QnjMe6cY2V7CUlV3-jj0ZjHRc5UhNZsetkAmO2dcxcQ3DO00qeLjeVaBRJ3_EH7RgvueOsQld6yrsysua9wHgZfjflHX446N1P2sEdhgKsUVHGG4XZfSHlUvOuR1z0tkF8gP6taBTbko2fIrlUhvgw74oPwAAVfvJw-SiMozDuykX9KB6M8hPQa4rkLlVWR2dzQZ6mSH2PLAkxiqU_Rqzw9eAxLzjqSnh7y6pui0barJgZtMpiCIE0V08XMehTYQhszJzBR238lTNpaVhQSKlMiYspXj8ypdF3v&cid=CAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F&ds=l&xdt=1&iif=1&cor=7328668145016962000&adk=2228999115&idt=144&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be78a00ce5f2d04d471b3ca3a4a86d0104658b9af8910c183864c301c97dec2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38142
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 094C 299 KB
85 KB 62ms
32ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4e8f78bf66b40ecb5923be94fa629937

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091f1ec1e53a319457986f6ae4c74b09417240f175edc5b318b0ac7e532c4ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://reurl.cc/
Origin: https://reurl.cc
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 15:49:14 GMT
content-md5: NDPuWnIz2qRNYrCvJvR6hA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86666
x-fb-debug: cBLi5bt1aoxDwGPa4/VCwhRuvLD6X0KKj8mR8gvntXV+R3r/O7JjUQKmR92UERYLpbMkqFuuApSzh1Q4vRGslA==
x-fb-content-md5: 07bb94e38c7d96e4312d3773809ae8f3
cross-origin-opener-policy: same-origin-allow-popups
etag: "44f9d80b2578ce9cf10d6cca8a93fa0b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 05 Oct 2024 12:26:10 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 122ms
63ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=301216938.1696607352&jid=1849214123&_u=IADAAEAAAAAAACAAI~&z=1265217612

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
107 B 64ms
63ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=301216938.1696607352&jid=1849214123&_u=IADAAEAAAAAAACAAI~&z=1265217612

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9652 111 KB
39 KB 99ms
26ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: t.co
URL: https://t.co/c9xmKrJo2H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Origin: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 20:02:15 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 9652 11 KB
4 KB 26ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgNrFKoUrFWeVsYE9TSKnnK-ZUjWxQPdK6MAOFi4d8gfmGPAr0pW0B2PK9wbYuebLCjRk2ffv2BPyApAWPHS5chVPq3pJ0-2D6XFAByzzkm13INLpt2BL3f0uA2GgjwtITEB2Mtwv5hZGW8B6ddV7-vBRYnxoYJZVsIeULhqwEytk8r1Q&cry=1&dbm_d=AKAmf-C1_z_Llk-1iHskFhPiNpg2Sr_CyF8Cs0dqduvA8vNQ09rLWqJc5DvlBkqXs_l5gm5eTfMyArG-n7VPXDTTzhjml7tRoV1wEcg2IHeV8HGlT80muSsM7F4xSFHBf7iiSyk86ieg_M9MG_ORmBJaBq-6dFqmjv_0pofuV-XLRhhp2aRDKtEzvTKxPNVMpYXrZJzYPxjKckMB98eWFemWFcP5bKVYpRxwuDI5cR1_V4sFDMaECZ6L8vsHlmmDlXhRIp_0kPLn0e6zO2CZiK4rwkctKxpPYQhdaLIR60Io1ONhsZARG-iuosS-441VZrrvXU1oM3sHNGx1N1fV4pqnhp1dKuTN2hRVYvwdEUD43UEHiMeh37YBwFOiu7FEnHdNt5S-iEFn17MJCFIgiyoMDzBZpoY6hmygl4t8wJiYZTapZajtlx57e0dBTK7-Khp5cK5-b8DecMMfz3ukSne9oddksp-VtRl38Mpcqgc2PJ7B6wxYrARHCvF0LtDLFKrheuieJSIFA9uH25AlFq_oGoVU4pMH6UF9Vg-7xUeAIHlbAAw2gqMLkqPT6jLBkmFIxQDxjE9z7gIfEMvtGH1V-XHiEyRfb1V_IddDkhkuIYP1NwVSldJStREoRZpIQL0aJG6DeFinbVhGTtCetEYrZ1dwYucnbHWEa68ARjGFtHC_E4q9tJuoVEmo-S8FhaWjeONfbLuFyzCTGsWoDazOVwYlMsYz69dGxptp9DNk76TDXxTBulnraStyif5LLtZSWuJEWZ8pM1ultuXJsZEM8uo76BI7SvKf4TmZ8UlGRDhAb2nArg5Zo5Xw6NhSJp6bebKQTI2FQgvpZF_1oKRqG3l1VnvowwbiUiPSiOuZDpCJKOyK-d8xScxBMmhhGxmPeN7m1Nv1I7U18FR8i3hl6ScGkti2Y1SnUdy1cHJtY6E8XYCvqFWlI_0R-jzuLoMVsevd8B4z6VKrfWKtAkoiD0GNA3aUEsljfF8X7jswL_Ei9coGRp4YewxhN-oC1MGN5bHnixA7-MYUTZDxIWdJ0ZP9ZOHvBgQ4dszOM81vBQsCKbP9Z7jz3INJek65RVcCxt_-bEp8F4sBvJFUWqyFP902Nw3LLDi2nKvqwDhXXGKCw17lQTJK6Q5AO60e6UdoVBt7KGy0b6-Khxv3N5LtyYxuNIIOvHdUQmxo49YGjdw9yZY6mJ6b00kuBCK2yAe6jkDWO66X3iMWMB3Vey4jy8WAY9dHl-Z01K_RI7NwEJP5ZYuajT0xTZPyQAGUT0qpLIDMbOEsA5ZRllpuuy1uUNGwBsjbS941dFIuHXBXrFpsV-GKKaeWnWLqEJpzRkkBBzRRxQZ6rQEAE4R-B7QzzrtGTXk9L8i70FHh8ekJfMHF06dM6uPQrntbdonmuuPwOtIbOeOrZUlDlXWbtic66r6hHHswrC07yukAlKi90AR4UAQ_S-OfKYQhVl4uIj91j7iOJGBP0D-9M1Ns_Ex59Yt4PmXA4LaMJShkpB41oltIxo0ThOYSXCIK2eM2nmg6TXMMjOM29bIh7Pz3P70JcV0F8Wt-aSnt59PosWpoii1iSyhACljqW8AO4gKKQgz0ULW0jXJSyracspU6t5ZlRrjIwOBLqHeofRRIPSeFSvvvSQ2QXjlLDS-4xC0gdasEpBLzWC8nxIuXlqiKxwIeW5_eiOfIfVKubfj9UOEBXp_cUTzNf_QmP_vZg5WhVN1nJMCUFi82_X1zIzk02uV0JYpIS0b_2E63ZvnCi5JO5MIJ02RZGsmf0y4-0m9Ui7M6cWdLN_bQ88k5ziN4P8Wve0RQ7scSmRPCdZe9iW34h8LF68DPC1ZjYCHhJpXXcaHmBVMAynRPhmVaanUeCG5d3kHdll-WXtl8YzMoAyzQF8USMav2MsPyZnP1GK1VBwaQI35UXIqNwMHF4oSSV6VahLFn5vbKT-h3uvfRYFr9ZEvggtNJCVg17OtzmDvM7rwoXc140KlJ9jnq-uD5FDLSpyph26E07BKo74NG2eXATIS6pMK03YRtrXdkGG5QBxk0zOIWZz1WwVj2DIZE8np5XfYQnYqWuTMb6QXkh2ACozJa9wQZ9loA3eltsVGc1rWgE637qJih6gi9KEYyqGlYm9zBWQnMDQaBDOc-Dc0DiJfbh__v2ZA-ZUHNnrjnKP6w0lSKR2J86ropO9n7UAvCQ_gWS9tkLsCMnyaCjy5pqCvRzBGuvhrXspt3-x2Y9FeSHEVHB8hEHabglP2WelXtLG1zS4zWQVXRSzX6rDbayVXnMmSoYi8NoWFPfDKt7aYPQVSZ-IydYndhVQwIhXKZlebJvG8h_gRHaniZaA12KOeUF5JqT5lTKXGO6_6lPXVkvHMAv0Lavetjf6fNSf5raUpl6k_Qn8DZ_t1lpkcASBGfhGZZdkzFzMkzxeq_SMb8v4fmyt2hJxJMFJ-WTOJj43oL034n_GDsufucFwxk3dDFI8U4MR_hsY3SFQPGqHRIsczJN1GNN9eD3yU4OrYhS32oq3vl27HFrgmsASvILjXh9JIPVNeCAewKe5AmDl7FRrkUYnQI5PZDzizNBBf-J6NXPMliyYGGv7SMm0Esm64OPoHkW4ugcHdmhhjzL6qC7driXUCG5rsf_bzSOP7L25-T1i7BjZ-mu4URlm99PaP_QKYhGtnNoaK_zqptfH6AbXDz2Len8GcV-7xCdfAprah7l9-Jb44E7Tq94g81JXKgpFS54aHPxVYTEUfod7zqAJzIowacejPmbQftdaPfmP-4gpfEB6WgTrN-WeaUqmudpJzmZPvlFw68Xqgelcb_YsT9A9tTwKu8ovjCRIPSwhwshhImowIv1LIYMJx_xEAg6emYY3DVLX7_EGaboDIYU9RcL90sKNGXryyTN-3nUaIErP9uhBS-CLL0w2cuNhRpenHSN3yxwBPktJbXofIsGXtTWW5lv5idix4rQ_wXHIzi0TGXKEXmVzPGeE8p5g2ALqyNmsFErIzEmxJZ5uFS1SCy3EE1dgJlW3q3ITA7gJZ705rYHMImtP61XQ8uKzzAaH9np43rQvo5SQQ5eJ_n0bCaT70FEOrfJAxTae_5aSL5T2FzOf7mGlaJxH7TrtUsf4x8-N6SWAnKo1XF106fhC9W3IkPX14x7GB2DZlTVPjTplP7-rL0eWSeG58Gq2dB5eu3puZbpzUxRWRnXS-rBTJKZXBlh9rM03uEf3kdRlFhaZ5tsYjkSoFGE3ER4dLbmNYILp08aXYBG3e-NPG-z809nF2F9IQhXE0tjYIZaNUmIgNCXhCG5syHTfCFGbwinqMMZET7Gl-d_3ydHwyD6xuwpeKfcUAOdKsqbbAW1cE9mC16difUzzz4K5rE9mN9l-AAGOw4ScdECs9Xg11kp4h7T4dny6NmH6Oz2GC-VjIrbD8fOEPiB9bei3tTpXZTuQsWjxYVW40ysONe6GGvKKOcPDfKJEs7fpYquCjWABDv79GqEe40pmzxUZkfw_5m6zuYLMUahnyE-gJPKhRqvSlrFIRp8Z7q6mjWWS-_w8UmLcHviVa4QD2cgM2QxZkjzQ4cb7A6OJvsfNFn1qC9JtLFJeAZ9ZJICJtVJ_zSqLraXhO0HZZCl44xjiN-wamtxQTaUE4AU4o_SGeshDqI_hQIxzeyCG2OJ-HGi5_XrgYhPbIUzk8hbktL_QnjMe6cY2V7CUlV3-jj0ZjHRc5UhNZsetkAmO2dcxcQ3DO00qeLjeVaBRJ3_EH7RgvueOsQld6yrsysua9wHgZfjflHX446N1P2sEdhgKsUVHGG4XZfSHlUvOuR1z0tkF8gP6taBTbko2fIrlUhvgw74oPwAAVfvJw-SiMozDuykX9KB6M8hPQa4rkLlVWR2dzQZ6mSH2PLAkxiqU_Rqzw9eAxLzjqSnh7y6pui0barJgZtMpiCIE0V08XMehTYQhszJzBR238lTNpaVhQSKlMiYspXj8ypdF3v&cid=CAQSSwDICaaNWGnPiiz4k0wNbyki__e2acU1-DCnxHtcnjCi99OqHebsj_BUQo2jiauSIlP6CIZt3bQ1m03RWShLcZS6Dx9mI8hsCRHohhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2F&ds=l&xdt=1&iif=1&cor=7328668145016962000&adk=2228999115&idt=144&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:38:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 9652 30 KB
11 KB 25ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 13:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11602
x-xss-protection: 0
server: cafe
etag: 2362517075893974484
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 13:38:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9652 41 KB
13 KB 28ms
28ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: t.co
URL: https://t.co/c9xmKrJo2H

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 12:26:28 GMT

GET
DATA 200
OK truncated
/ Frame 9652 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d15320432495d2ae202ec006a2ec6285610823fd3763b661f33e8287c046b1b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 089B 573 B
706 B 26ms
26ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/N-V07cN8ji2.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/N-V07cN8ji2.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-debug: I7wrPO1o7j88hPvdkW3o6oqfgSe62qs6xRrC2nZ1qVLMHQ6N8fL1wE8cnsAMg6nfxh0/USuAWsir0Oce3wSfTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 Sep 2024 02:23:51 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 089B 0
0

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 089B 873 B
607 B 53ms
53ms XHR
application/x-javascript 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ivWx4/yI/l/it_IT/-zelArf0zwm.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

631bcf2eb458dd54bfb8f620d2bff1cadbf68e82069e925468849b50ae78bf82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: yI5UNNLNy0I880hlUVteXZ
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 15:49:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: 2CdksF551cdQp8WJ4sazqyijTXpmmkIBFfM9X0tdZ2xrw0ZjZWKr8tyxWQB3t/u9QwqX9Qo0HoRk7C3ymCYQYw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 089B 873 B
602 B 53ms
52ms XHR
application/x-javascript 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ivWx4/yI/l/it_IT/-zelArf0zwm.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec4500afb9249c756e2c8241809fd2ffad4d782b8565227b6708360a762aedf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: yI5UNNLNy0I880hlUVteXZ
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 15:49:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
x-fb-debug: amxtrpVP6wBqECa5VjrpV8cqcDRMBaxqzLrqjdMC69eBP0BMSIQ74WODDFdity1LXkEz4k4gNdqSu+wPfXOFpg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 089B 12 KB
12 KB 27ms
26ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/E78dBvrFp-J.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/E78dBvrFp-J.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
x-fb-debug: SbKrB5VE8LCpX/Y5jsM6RVjfyBomGM/Y7OxymH3O4QRqklL/x5uVWDiMssTelcMpGtzK0AWPEasZPEt5gSM/Gg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 Sep 2024 05:24:09 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 089B 1 KB
1 KB 27ms
27ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/N-V07cN8ji2.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/N-V07cN8ji2.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:14 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
x-fb-debug: Qj1Xy/ROmACa+3NOZTCvZGkdgrW0HROoXkrV9aLDaLmdRkg5ixmlAnqYyo7Av2+4F4jqmCjqkzLR18rnLUP30w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Sep 2024 05:24:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9A74 22 KB
8 KB 25ms
25ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 29427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 07:38:48 GMT
expires: Sat, 05 Oct 2024 07:38:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 video.php Show response
www.facebook.com/v3.2/plugins/ Frame 29A9 172 KB
46 KB 416ms
416ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df726579ea93c24%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff19513a2ed366bc%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FMARCROCOO%2Fvideos%2F3102455103383992&locale=en_US&sdk=joey&show_text=false&width=280

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4e8f78bf66b40ecb5923be94fa629937

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

feae15cc0c88832379f545c39730a21a2d9f34d835f103a564d08060cc5d3966

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:15 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 0IpR6AYMmCOQ8ZrkcuR+45V9kcJMYhqtQcNGQ7Mlpkb4yXL4tZox+oreAHsy5kPPKkV/fZaoGzvuXl9D/14Cow==
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CBEC 0
0 63ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRguTwBPoSwJCnFg3C_Ew_t3s4obORThykBKGw1R8pRkQNfECbz01ckJ1OqTeN9XgJMX3w0A7I4aGqgjK9879iPkVWVkb54UpdymDROxg9UpkMruozFf-c7BQwJU4eEZcDn8C4xckNmraqOavTb8eTo0ngpi43DxiL1jhN0Sj4UdfFhISCgttIJM5ziGPAD85HAUljVKBoONEW4SHR-b9jOTiNV94x1KeOaPmSE_ecaUC3LaGT3ovXM4npkD9SULaDXYOcOsp2RbW7b0NZAEXEoV5idZ1TQbwn3y1sf3ZTpwyQz_Yhq33zhj5dY8xL74Qdn4sA2-_lIeKQwg9qDwadeTNW_q-i&sai=AMfl-YS8TEF8YTlJYGBdONYcRXN2e-NEc2tT67H_qsaK6PnMiLE8EcI0NZ0ohzQzoIsJebx21z9MYtp2T3wGuS1qyXJEYkTSTvKg8qLzYhGnH4LchLASNwbgyC_cqBnjxQ&sig=Cg0ArKJSzIxTDTFEHANIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/c9xmKrJo2H

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame CBEC 535 B
890 B 101ms
29ms Script
application/javascript 65.9.66.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 09:15:02 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1060454
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: 0i3vNAQ7CfSKPupF7hxAxuhjDMMPWCddvPc_EA9ju8DzIbTYJdpa8A==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBEC 187 KB
59 KB 44ms
43ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 15:49:15 GMT

GET
H2 200 external.php Show response
onead.onevision.com.tw/ 176 B
482 B 347ms
346ms Script
application/javascript 107.178.241.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onead.onevision.com.tw/external.php?version=20130731&category=&cookie=true&uid=2000023&ad_id=&ip=&channel=0&volume=0.5&scope[]=speed&response_freq_multiple=text-drive.0&dedicated_pid=&web_location=https%3A%2F%2Freurl.cc%2FzY14YV&r=https%3A%2F%2Ft.co%2F&title=OnlyFans&guid=e6895750-645f-11ee-90e3-0242ac130002&fp=8afe93fa5efc2f42c4275d684a371a82&_t=1696607355025&bgid=0&cb=ONEAD_text_response_3tijq
Requested by: Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/ad-serv.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 176.241.178.107.bc.googleusercontent.com
Software: gws / OneAD
Resource Hash: 80f88eecd31ae58dfd256cc7a6183b034e057c21d5a5297c2e2a197e5af2ffff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
via: 1.1 google
age: 0
x-powered-by: OneAD
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-hit-counter: 1
x-onead-backend: onead-http-query-1l3z-gohttp
content-length: 176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: gws
x-onead-guid: e6895750-645f-11ee-90e3-0242ac130002
content-type: application/javascript
x-varnish: 1551605
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-onead-force-backend: false
x-onead-version: ca360c6a
accept-ranges: bytes
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Zj4GuFghQl4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 089B 12 KB
4 KB 29ms
29ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/Zj4GuFghQl4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8c52fe5bb662564ab7edf0abe01a2202dcc36eaa71ce6a465cd64210c4eb2c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dBSAisRg2e2k/EbKxbTt7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3450
x-fb-debug: NJzJYUSRKG3uciGUx7nTWsdJ8Lm+0ooIkYiRWsG28g1WucfZX4LFTwMmg0LvTR15vEgcLV+rqZ3bjUyKuds7MA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Thu, 03 Oct 2024 18:48:04 GMT

GET
H3 200 HH7WTxSejL4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 089B 340 KB
73 KB 30ms
29ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/HH7WTxSejL4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

788f340ce45f804572a2cb025854c637216b04931fbf86da85ea58dba72eb7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oh6EnP/wV3sTi5t53eCEKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74801
x-fb-debug: 9T2vi+tJnd8IEvUNlWZI97bqYMP7Sf36l73jZi7BUMkZc60zql+XNp82gxD2YkoVx7c3tudg8J5ogKXJ8s7Vjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 00:49:46 GMT

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 089B 198 B
334 B 30ms
30ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-debug: rxIFbtnMpMMwmRDfwtSCt/SZjNVkZm3tWj6lobxbzukp8kk9BkS+rb6Gaj00XF6F+e+E8Mpc53XittjS1q3S2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sun, 29 Sep 2024 02:25:55 GMT

GET
H3 200 VIGNOLA_728x90_nero.html Show response
s0.2mdn.net/sadbundle/9655830173067336002/ Frame 29CC 6 KB
2 KB 78ms
26ms Document
text/html 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38117a18c10fa713f5d7099c4568e37a333ffc6fb90a34eee3b41fbb9c30f35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 255254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2443
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 16:55:01 GMT
expires: Wed, 02 Oct 2024 16:55:01 GMT
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9652 0
0 140ms
71ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueGtlcVTLJgQYmiLUrKhCANtwSXPtrFa487KE3fUBAd3Szuu1BK3oE_YdBelqWa-ox9AxqJv0YSnyZ4PGPv90ax-UppelvKyDZISzDrkJYoQafY1TIwlhfvbyfpEH8_q4BPYR4zlyLFR6200FPEztRIiJAVzdrlXTINnlb0jMKYRfyMJtIjaSa4t1LLKDvo-jF2YN-9UQnwy-FKvl_iawt6kH9HmgrAnCxlrjEaavwOYm5jfj4yQl7lo6tTyUYAgN9i_jdExqBZVI--ZUiVxoVgx5jUGqTzEjsVCH9_jepaY-G1e0tskjK8AvQlJsXPayTkjLo7EI3N607jB8KbWNPjn-LQ7a76hfTwjRvgEbSVMRWeNUjdAo84gksRc8yw7wwe3HrwR9dQTtGLUGcQQOqCKv7as1ewEIzCpSaBBopf34xX7F0TSTKymhflaubCm9dYLUqoViwAQIKCOXsEc7sa4aY2ogFa5BAxu7lUYDaYnV2vbx3H94TcM0H8vCiatDajCt3velMp6pfT5GwqAutJ_ruwCylLbXc1JZ2_ucWUHAyOeoqadvZZOPsfEu0cgAwQQN1kC3dSoHLlBSOf1_xyigl-9CZufSsGbctNLeUuSL2PVsI_chmyWUVNrz2YdlttfDIUuZhW_uL_qxnN-hC2Qr-XG5b5s5hUlhjJvRCaIJVDqBa3vC0u8keCigd91kB6C8vPLa6RY-jjDYHZ-nqPx_a373utSprmdpR-uL6zby0YsNZ_-lVIwSWVHvfIw1oNXmRv4r98zqphtyuBkNbtDkJkZmjnRY4OE1rpy1Q4DQn8gIareWXSDNqXqvteOwwTAaGcPe44YrqhXhNzZaVZ4RWvwqYnnwNFsO4zbJEMHKzpYKx2hTwHICfncvuh1C-kwW4GcETOe9vNati20rme-EMk4kB8jWStoxXVbfAajvVqHTTiiJ0s-EIVWP1khhyBUiII7K6HZVHFmjurbfPOUaJSWSXZl6YsO7kwvgsMglp6im3exZeSQR4N-cZIcygHxNH-cDhnngp8qMN37qbBtEZxGUXfaUP9JpdAh9AyAKZbwhA7LYWA9g0eYBXAAXX4smYF5HG4YdfuUzUTga6JaiLINlNbQin09g8CZ4cuzEz_fPVb6aTCf0WTXhHBx9VabxKpWEsYeG597jKK_HNBUxDafn4jt4VDO4Thjzzdq1ffNUU2SES4ykhZcLkzqeLwmGU1xxCjAN5qrA1s3nsMi9aG0EBKcWuAV3gEZAp9BA6yS3_acig-AgpSUQEriZrOBCJHj5RXlushasdRlvPgX7_FQYje5Hb5_oJFg7I6DwYk-xAducckNhowg&sai=AMfl-YRhSlUpGY9ibgITMBeDkebAAIgP433irZdyxsN50SbkAY6zwuWBDBgCS5pxkUEj1ArtLEubwmebeF009YZd4724pGbIKRIuI7ukoXEpyVbXQ-TyMuB2kslrMW1CwHDL_xuOcysUkRVWxStCqbJhOG9X3OkZsIKQ3eI8Q2YlCSAMWl1G5rWQVh-rMR4u7UPr5LEBMw3fsMir_1rUSo9XMifrTnRb6KopLD4kWl98tMkFAAlBYX41VawHja5KNPRPcf8gJbycdyS3r6jABeyOwLv3eVu-kjz9A9BbjWVBkVAz7W5wG_H0nmhhgQ&sig=Cg0ArKJSzGeoyG_REebHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=216&cbvp=1&cstd=213&cisv=r20231004.02974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: t.co
URL: https://t.co/c9xmKrJo2H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2656 0
20 B 126ms
126ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4789517468119&version=m202309260101&ct=77&x=1&cor=1051250500291595100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A74 37 KB
14 KB 26ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14584
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 05:53:08 GMT

GET
H2 200 CMCC_Global_Hong_Kong_based_Web3_and_blockchain_fintech_fund_lau.jpg
mma.prnasia.com/media2/2239078/ 28 KB
28 KB 80ms
26ms Image
image/jpeg 104.17.239.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2239078/CMCC_Global_Hong_Kong_based_Web3_and_blockchain_fintech_fund_lau.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.239.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e6fd61d4063ef34a501c9a1d93aae604c68d9e28e1520fbe6a2a168dd7ab85fd

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
cf-cache-status: HIT
age: 878
x-powered-by: ASP.NET
server-timing: intid;desc=1beabb16d6f6ccca
content-length: 28551
cf-bgj: h2pri
last-modified: Fri, 06 Oct 2023 15:33:26 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 811f0da1baa23746-MXP
access-control-allow-headers: Content-Type
expires: Fri, 06 Oct 2023 15:33:27 GMT

GET
H2 200 2023100515061271.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 87 KB
88 KB 51ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023100515061271.jpg?resize=1024%2C535&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ccb36b628d5aa48ec18548ba70aafaa93a11f910bde23d4da36c841f54ef1353

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nc: HIT mxp 1
date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2023 08:24:42 GMT
server: nginx
etag: "10b0b19a1ec8e425"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/10/2023100515061271.jpg>; rel="canonical"
content-length: 89504
expires: Sun, 05 Oct 2025 20:24:42 GMT

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 809ms
217ms Image
image/png 35.185.136.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 1696382071-26cbdbab506c87a4f8882ec8d9079e60-840x525.jpg
img.gbyhn.com.tw/2023/10/ 139 KB
140 KB 333ms
26ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/10/1696382071-26cbdbab506c87a4f8882ec8d9079e60-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3a167422c37352adcbb8d7060a3d3c0efbeac4f3287631578be29119af9b41

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 222467
alt-svc: h3=":443"; ma=86400
content-length: 142668
last-modified: Wed, 04 Oct 2023 01:14:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28Vir%2FEjkTPEiwEdMYqRKmHsImqlZRg9OpXKcXrlV14mvaeWwGYtEsGghb60hYDhrhecBJApMX%2BoEISjgxenO5jzRZ70JTkX7%2FuOXchvfKxn1oiyvokw6PIFqFcSqAcbrdVC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 811f0da34c644c44-MXP
expires: Wed, 11 Oct 2023 01:30:50 GMT

GET
H2 200 %E4%B8%AD%E4%BF%A1-ALL-ME-%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-8-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/07/ 89 KB
90 KB 794ms
747ms Image
image/webp 192.0.78.25
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/07/%E4%B8%AD%E4%BF%A1-ALL-ME-%E4%BF%A1%E7%94%A8%E5%8D%A1%EF%BC%8C%E6%8C%87%E5%AE%9A%E9%80%9A%E8%B7%AF%E6%9C%80%E9%AB%98-8-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

625fbbdd3bef74ca82b5945161cf8fb136ce7a45c980eb050c6c452f1c1c1529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.mxp _atomic_ams BYPASS
content-length: 91488
x-nc: HIT bur 1
last-modified: Tue, 25 Jul 2023 12:04:15 GMT
server: nginx
etag: "8853832a7e382c0f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Fri, 25 Jul 2025 00:04:15 GMT

GET
H2 200 file.png
static.wixstatic.com/media/8d2acb_51f63b8616124e62b4c069bc7a8c3fe1~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 479 KB
480 KB 107ms
29ms Image
image/png 99.86.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/8d2acb_51f63b8616124e62b4c069bc7a8c3fe1~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-105.fra6.r.cloudfront.net
Software: openresty/1.21.4.1 /
Resource Hash: c31a9b057a3f5e978275994ece7fe58d64f0d2b9b4e88e51cfbb1c9ce636b40a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-seen-by: image-manipulator-6b469b496d-sfn57
date: Fri, 15 Sep 2023 06:20:41 GMT
via: 1.1 google, 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: FRA6-C1
age: 1848514
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: X6FXyfapZPCB59YjrDRgrKKtWbJP9shzPWb4w6ywejIY6fbE2sjOwQ==
content-length: 490952
wix-tracer: 2VQCJ6COfWlgezCsc08XFVJ69YB

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 633ms
590ms Image
image/jpeg 192.0.78.236
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
strict-transport-security: max-age=31536000
x-ac: 3.mxp _atomic_ams BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Fri, 13 Oct 2023 15:49:15 GMT

GET
H2 200 ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94...
www.rayskyinvest.com/wp-content/uploads/2023/03/ 31 KB
31 KB 130ms
27ms Image
image/webp 34.149.36.179
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/2023/03/ContiBit-%E4%BA%A4%E6%98%93%E6%89%80%E8%A8%BB%E5%86%8A%E6%95%99%E5%AD%B8%EF%BC%8C%E6%95%99%E4%BD%A0%E7%94%B3%E8%B3%BC-Richwell-DeFITs-%E5%9B%BA%E5%AE%9A%E6%94%B6%E7%9B%8A-8-%E7%90%86%E8%B2%A1%E7%94%A2%E5%93%81-750x375.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/zY14YV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.149.36.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 179.36.149.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4952d97c9013418be3e4b014391c113cfe60624487dcbd14e13c1d8fa10fb66b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 06 Oct 2023 15:49:15 GMT
expires: Sat, 05 Oct 2024 15:11:56 GMT
last-modified: Thu, 30 Mar 2023 16:44:53 GMT
server: nginx
etag: "6425bc85-7a08"
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 31240
x-cdn-c: all
x-sg-cdn: 1

GET /
www.facebook.com/login/ Frame 089B 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 089B 0
0 135ms
134ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 Oct 2023 15:49:15 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: W5ajauZfv7WTJcXEdncPNapMCs6FA+rCd5l/x/8XKjOvS8h/R2leGpphohHA2bFu10ts7M1fAwMRf6Oh/gQnQA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 8FCB 36 B
401 B 2381ms
2380ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

nginx /

Resource Hash

2a1663479f04b73d9d9e170ec19919d11aea369a98b517eec6c53f7e48f7b370

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 29CC 236 KB
63 KB 35ms
34ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 15:49:15 GMT

GET
H3 200 VIGNOLA_728x90_nero.js Show response
s0.2mdn.net/sadbundle/9655830173067336002/ Frame 29CC 44 KB
11 KB 29ms
28ms Script
application/x-javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04455ff6a37fc0a40535202e59ba35947cc4287667807ab735458022eae00a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11324
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 16:55:01 GMT

GET
H3 200 StandardAd.js Show response
s0.2mdn.net/sadbundle/9655830173067336002/scripts/ Frame 29CC 1 KB
527 B 27ms
27ms Script
application/x-javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/scripts/StandardAd.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

163fd50c60a44d102c8a120f7bda828d3ee4400a3548bf63e2c31fe6958af2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 16:55:01 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 123ms
34ms Script
binary/octet-stream 18.239.18.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-29.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 12:44:06 GMT
via: 1.1 65c7ccdbbbb8463f3d45d2d76098350e.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 6318310
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: MzKvDcl701xbJnPeZw5pKWiPT3QHOzD14988hP6qf9QRr4168hsNhQ==

GET
DATA 200
OK truncated
/ Frame CBEC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4cfc7b92a13ae64dba6010ed71003d543b09ab677d5a3368ac2edfd7260a37

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CBEC 0
0 119ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEKH9isScBy8tPkWg6QdOJ__AZYnn0dapCDCStBZUxUBLi5RJS_R2_mxgEF6_E-M7T7aw3YqTcG6qIfy1YfvBN8kR-1ZiyANgqwgpge_a0bMgQ6x1OY1mT_HflNaGuhikAy2dJ1kN_d3FNvta4zUsTzCS6IkX6BJhHTORZjLEcuQZB2ZQqZDRD3yehP4HCBoe5fP6rQioUYu2RJwEdvRDdaEu5mnG8Tp42NDuF26I90pHl3WOgfGjV79JpaRHfbOtMQ_m78RTECMMOMMp7wh84ZGksZxHPDSzxsC_DFkG9JJhvmjm2wDHBBaRQrK9EcvQLR9JLDXNQXlzsVdExbzYUp-PF574Mvfk&sai=AMfl-YSOVmM7cnHUyLJgLOPqAwq1nDABHawrdJKCtl4K3gWOKeTXt21IE6Tgqmk3PJtEjh__AOxJgLn1kALy90JQDWfwLdgd_kMsW-fcWcKvElpcksK19aM2jSsLFUW3hQ&sig=Cg0ArKJSzNLagPF-lGRuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 15:49:15 GMT

GET
H3 200 ingredientiNero90.jpg
s0.2mdn.net/sadbundle/9655830173067336002/images/ Frame 29CC 60 KB
60 KB 29ms
29ms Image
image/jpeg 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/images/ingredientiNero90.jpg

Requested by

Host: 3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com
URL: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcdc29ff00e1b19b329d88bc533259c8dccd0b8770c08f9b81136880ba71c3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:00:13 GMT
x-content-type-options: nosniff
age: 24542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61442
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Oct 2024 09:00:13 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9652 0
0 64ms
64ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueGtlcVTLJgQYmiLUrKhCANtwSXPtrFa487KE3fUBAd3Szuu1BK3oE_YdBelqWa-ox9AxqJv0YSnyZ4PGPv90ax-UppelvKyDZISzDrkJYoQafY1TIwlhfvbyfpEH8_q4BPYR4zlyLFR6200FPEztRIiJAVzdrlXTINnlb0jMKYRfyMJtIjaSa4t1LLKDvo-jF2YN-9UQnwy-FKvl_iawt6kH9HmgrAnCxlrjEaavwOYm5jfj4yQl7lo6tTyUYAgN9i_jdExqBZVI--ZUiVxoVgx5jUGqTzEjsVCH9_jepaY-G1e0tskjK8AvQlJsXPayTkjLo7EI3N607jB8KbWNPjn-LQ7a76hfTwjRvgEbSVMRWeNUjdAo84gksRc8yw7wwe3HrwR9dQTtGLUGcQQOqCKv7as1ewEIzCpSaBBopf34xX7F0TSTKymhflaubCm9dYLUqoViwAQIKCOXsEc7sa4aY2ogFa5BAxu7lUYDaYnV2vbx3H94TcM0H8vCiatDajCt3velMp6pfT5GwqAutJ_ruwCylLbXc1JZ2_ucWUHAyOeoqadvZZOPsfEu0cgAwQQN1kC3dSoHLlBSOf1_xyigl-9CZufSsGbctNLeUuSL2PVsI_chmyWUVNrz2YdlttfDIUuZhW_uL_qxnN-hC2Qr-XG5b5s5hUlhjJvRCaIJVDqBa3vC0u8keCigd91kB6C8vPLa6RY-jjDYHZ-nqPx_a373utSprmdpR-uL6zby0YsNZ_-lVIwSWVHvfIw1oNXmRv4r98zqphtyuBkNbtDkJkZmjnRY4OE1rpy1Q4DQn8gIareWXSDNqXqvteOwwTAaGcPe44YrqhXhNzZaVZ4RWvwqYnnwNFsO4zbJEMHKzpYKx2hTwHICfncvuh1C-kwW4GcETOe9vNati20rme-EMk4kB8jWStoxXVbfAajvVqHTTiiJ0s-EIVWP1khhyBUiII7K6HZVHFmjurbfPOUaJSWSXZl6YsO7kwvgsMglp6im3exZeSQR4N-cZIcygHxNH-cDhnngp8qMN37qbBtEZxGUXfaUP9JpdAh9AyAKZbwhA7LYWA9g0eYBXAAXX4smYF5HG4YdfuUzUTga6JaiLINlNbQin09g8CZ4cuzEz_fPVb6aTCf0WTXhHBx9VabxKpWEsYeG597jKK_HNBUxDafn4jt4VDO4Thjzzdq1ffNUU2SES4ykhZcLkzqeLwmGU1xxCjAN5qrA1s3nsMi9aG0EBKcWuAV3gEZAp9BA6yS3_acig-AgpSUQEriZrOBCJHj5RXlushasdRlvPgX7_FQYje5Hb5_oJFg7I6DwYk-xAducckNhowg&sai=AMfl-YRhSlUpGY9ibgITMBeDkebAAIgP433irZdyxsN50SbkAY6zwuWBDBgCS5pxkUEj1ArtLEubwmebeF009YZd4724pGbIKRIuI7ukoXEpyVbXQ-TyMuB2kslrMW1CwHDL_xuOcysUkRVWxStCqbJhOG9X3OkZsIKQ3eI8Q2YlCSAMWl1G5rWQVh-rMR4u7UPr5LEBMw3fsMir_1rUSo9XMifrTnRb6KopLD4kWl98tMkFAAlBYX41VawHja5KNPRPcf8gJbycdyS3r6jABeyOwLv3eVu-kjz9A9BbjWVBkVAz7W5wG_H0nmhhgQ&sig=Cg0ArKJSzGeoyG_REebHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=417&vt=11&dtpt=201&dett=3&cstd=213&cisv=r20231004.02974&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: t.co
URL: https://t.co/c9xmKrJo2H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST bz
www.facebook.com/ajax/ Frame 089B 0
0

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 203ms
130ms XHR
application/json 143.204.215.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=8744.688704939525&pid=5434&url=https%3A%2F%2Freurl.cc%2FzY14YV
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-16.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: c6d48b56ce002efafde8e3013ff65c259ce70d3b7bb21ef84434e45f03a0f35c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 3iA1W9yoY_dpbuxy0uL-YIgpGNbhEjGLEdENp-JA-8nOHsUnlIQmOQ==

GET
H3 200 ingredientiNero90_1.png
s0.2mdn.net/sadbundle/9655830173067336002/images/ Frame 29CC 17 KB
17 KB 28ms
28ms Image
image/png 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/images/ingredientiNero90_1.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a56c10e62bad58c61047ea628eadd062b1a18c506b59da4ed1fa60987e1a738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:55:02 GMT
x-content-type-options: nosniff
age: 255253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17245
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 16:55:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A74 0
20 B 135ms
135ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bsx2veiwgZf6bL9nj3wOhmL7YBwAAAAA4AeAEAg&bg=!KCulK2TNAAYMG8UMLBs7ADQBe5WfOIweWvE37lKFATPA8Vd6D2tZbJbt3qhDALlWR4-FKiWdK7GiKQcESZU8J3A1kh27AgAAAKRSAAAAB2gBB5kDC3YEmRREFivGI9c_2MjuaaRnvFgm_dp3UYsE50BuzF3ZY_hzAlyAMJNWdYFT3oJdAsxc67ivI34JG1yUIIG_iTGOjiOzHTlLlVwyxtcz4bjiFQaY1M9k0mo1r5WIfYxya8VFMqw3hxDWsK__cwK7lFuLQN92blk8ThPL_A1_jYY-eLThJGXe6_f0w0mma7DN-FqboHIWrmOUiOltFqscuTaaI4wm5ZE4W2CUN_bk4scQiNkmKxZGU7xXJ79aw7JIjFHeXgjpwKqM2YnBgdAVpa_repPN-WfYEXia0A4xkSkQtbNtH2auf8azTrgfGzNW1ozzdrCsRlHuNeGQg4Drn5_ma9EN5TWwfmoWCxGfvQvs_JuRN_duwhilrn95fUDNasUNTeIzPOFN5YbGY_vN3ONSMSjJEFjpjpDzPwfxL3LnBefIdly7IBatJKNAD37YuGEpK1Q3qC22LQXhBg8Ho4dM3yRk0mPvX7_ismZ0Yn_kaXIaql3iGR2PGHCu8f4u4WMJ799ncrCK6y7j86YckK8Bo5SVXVrEl1IRn17iYIS0bQssn9CHeJtCajpDgcGcG2GooYLs5oGXTyJ5ErqMPE2gknmOVYyN3S-4l71i_4Mfaw-sXah-lDi0Oj2IxpTMAO4yPKKThN7NoSZu0J80HHqufTKauDHQ5h-Fm_MFJB9BaLPummqjkvzjlbMKaVKzrIkHCBhFQtFEGmQOp3b9VITm77Sh36YSdon0C2FHCN316yNMtubaTcKgCJ_jN3GQ_Jnf4klrDxFYCmmnB3jJSPhYU7YakGaLlJLnW_W_F7yQ5GR84UjBZALiTLplKiuFgpLqf6gjYkZuVUOyHCz4KQjat8brWDWUr3m2LCjuYULmFLdCfGuLsTPi6EoqEQdml3WfvQ5jRuamEzrp4X4hDKEq9dSgI27W5j_z6LAqBAMc9MARGuV4ayuN-h2ytXtI3_m5IalF35_TzzqJgFfGYqFiVFXipPDm0dPfGaGHH5C068M5N3m9trHLaVcVDBNgZPjk9gMIlmn08U0n

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Nero90.jpg
s0.2mdn.net/sadbundle/9655830173067336002/images/ Frame 29CC 13 KB
13 KB 27ms
26ms Image
image/jpeg 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/images/Nero90.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5765af0c3e880192665bb949f5677cc106753a2a4b49a2668fc2fbfab113bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:45:39 GMT
x-content-type-options: nosniff
age: 65016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13304
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 21:45:39 GMT

GET
H3 200 Nero90_1.png
s0.2mdn.net/sadbundle/9655830173067336002/images/ Frame 29CC 11 KB
11 KB 27ms
27ms Image
image/png 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/images/Nero90_1.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3b75e8858a66cd4e80656d27b7ece4f016908390261489f7b63e347398e045e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 01:29:44 GMT
x-content-type-options: nosniff
age: 137971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10966
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Oct 2024 01:29:44 GMT

GET
H3 200 pack.jpg
s0.2mdn.net/sadbundle/9655830173067336002/images/ Frame 29CC 13 KB
13 KB 26ms
26ms Image
image/jpeg 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/images/pack.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd38546bd84a232fb53777ca46ccb2b155f0b2b26c60df0b6ccee6e6b43eb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:55:03 GMT
x-content-type-options: nosniff
age: 255252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13574
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 16:55:03 GMT

GET
H3 200 pack_1.png
s0.2mdn.net/sadbundle/9655830173067336002/images/ Frame 29CC 4 KB
4 KB 34ms
33ms Image
image/png 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9655830173067336002/images/pack_1.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/zY14YV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34dac43dd35039cd354d882d030bf769a172a37df5c586a0febe2dc3dfa2d0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9655830173067336002/VIGNOLA_728x90_nero.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:55:03 GMT
x-content-type-options: nosniff
age: 255252
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4264
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 08:24:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Oct 2024 16:55:03 GMT

GET
H3 200 hJcAi1-uuqW.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame 29A9 595 KB
144 KB 47ms
34ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/hJcAi1-uuqW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df726579ea93c24%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff19513a2ed366bc%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FMARCROCOO%2Fvideos%2F3102455103383992&locale=en_US&sdk=joey&show_text=false&width=280

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b849d65813fdcb5d3a935ef76804f4d70a70c9c3f8df03c8f6baea51e72eef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cMp8pYTmFMXK3VgLkZYNbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 146895
x-fb-debug: P0LZfj2zjVQgGMuM9PByL/mR/Mgae9RoO5SQwoEHrPP1TU4l3RYd5ubtkQQS+aDXmhnZYf/E6GnPIrpWnhuwdA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sat, 05 Oct 2024 03:41:39 GMT

GET
H3 200 7XCLBEijNRi.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame 29A9 29 KB
7 KB 64ms
52ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/7XCLBEijNRi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0171ab6c781c1e4f9cc2ba124b278ce8be3a2729e61730bd9a0f301de7c8d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dSCXzua7umx1k414xAe+Qg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7222
x-fb-debug: 1YmGSXKrDoW9lnkShH4jKErGycUS4i8JZis1ERczJLMoGeOv66s1VHNxcHBXXzBRBvUyLzWDRyZm4g5GaQSj4Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sat, 05 Oct 2024 02:22:34 GMT

GET
H3 200 5S7KQiQvk9C.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame 29A9 7 KB
2 KB 43ms
31ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/5S7KQiQvk9C.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

063683ee5d5852f139f9ec95c65fb57db4135b90ab4380625be1827197a9dfe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GU2c3pXZezm5gphtiJy7Zw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1459
x-fb-debug: VNFDOVEkvXlwId/SASienewql79YkDZN5CqudwM4jQj+iVHUKmWOnopMwN8rRzC5N1MUxp6dKPPtrzbTmE/wuQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Sat, 05 Oct 2024 02:43:32 GMT

GET
H3 200 RBH7b7zeA6F.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 29A9 317 KB
85 KB 65ms
53ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb09f381a7fd67f63466a1907cd29deca884217da40a7611da3db93cb49b6daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GV4dq3F6xNAvtSDystA10Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86391
x-fb-debug: O/4mErZeApnH0A6D1hknlb/LEHp0S4P5fWS7dpjFMtEpEzKhb1POjGbNuQzzsXVB/l0BM268JojwwkBGIlmUww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 00:54:30 GMT

GET
H3 200 EbPZ0WyDavM.js Show response
static.xx.fbcdn.net/rsrc.php/v3iv1q4/yS/l/en_US/ Frame 29A9 285 KB
73 KB 84ms
72ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iv1q4/yS/l/en_US/EbPZ0WyDavM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4ba12fb495221a76eb6fb8f2e92b6597457c9537bc9b3b2593808047edb705b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +kSRmJDqGOsH8W9+qRTbTA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74423
x-fb-debug: pBcQKJEGLFbmwrLI3tV8Jh+OfddbSuRf0br71QtlFZp1mPrSZjcVnp0fp9MOv8/P+819pl59PwMxakyheKLV3w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 04:20:07 GMT

GET
H3 200 C7hKNqgUFIo.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yU/l/en_US/ Frame 29A9 806 KB
194 KB 90ms
79ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yU/l/en_US/C7hKNqgUFIo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a11e3e4bb43077e1da603a270cae54a314883c591de46227595a2bb8b291e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MHc+o07bxk6KCP2qMApl6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198932
x-fb-debug: cNsOUqIgIc4hPxqY/BdVYbjV51tZeasG9FFyJwyDT2CancygugkfcHLw/JN8LWVzIvaPHpI+uxQmNqL9gdb6MA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 02:08:05 GMT

GET
H3 200 4r8pcxnOs4K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 29A9 3 KB
1 KB 115ms
104ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/4r8pcxnOs4K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GBf95XiiHK2guhZn2p/rAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1277
x-fb-debug: /b6XyIuN4a8SN+ZcWIoWhs7Mcd25nmSL5kByaJnoiouMSzmObGTY99adw+T7/uhRHS9XlYVZTAQ3GGyFSH2BSA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Thu, 03 Oct 2024 22:14:10 GMT

GET
H3 200 biEVhwqLO-l.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 29A9 27 KB
9 KB 116ms
104ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/biEVhwqLO-l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5eb882adcdf975b0217af0014adec65c0ba6b282ff9cef57c5cc7fbe10bb92b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JrXGB20n1usMD6xEOftwIg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8818
x-fb-debug: /C8du4tuyKXirUSNdxcG1SXg2Of08wDSqzV8qSJNjbUS1vHayBMzVeaP/t7a5YqfdIb/Lfv5W7n9Hg4jWXl5gw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 04:34:21 GMT

GET
H3 200 SBj9Mt6tmpp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 29A9 387 KB
84 KB 118ms
106ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/SBj9Mt6tmpp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

102b1eca2242774b8cac3d3fc4099817d8e6abe2264808d99fa91e351115a458

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MIfHcza3Esbcx2u9NfkWKA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86158
x-fb-debug: HiGbVpnVwgCGClUpJIbqLskQPRlV8DNZ/fqs78xkS4Oq1gp25cCBfABmpu5fM9IBTknCdL+LKSrL13DDaWzu5w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 04:23:17 GMT

GET
H3 200 JuOmdTCqXID.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 29A9 1 KB
834 B 122ms
111ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/JuOmdTCqXID.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1d9efdc2145137ddc944b0b60c62c52cfa4078563e577089bf54efacdfa7ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RJ5fgwc+6C911RqEZNCZ2g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 696
x-fb-debug: cRIJd+FbFnIXf6mzmbrP2ij7M+dPog/2qVy31ycX4/MLsCSwWXoQOeQXEye6gp4mRFY8DdTHX4BuhZk1xQjbsA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Mon, 30 Sep 2024 16:06:46 GMT

GET
H3 200 1kQrYX3tFDM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 29A9 32 KB
10 KB 121ms
110ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/1kQrYX3tFDM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acab4e4469e1eb057d5650beb950201236f2224c4fc4b34228a6fc1134b3d182

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: V0kAm8SZ5B6vTiLUW5vlOQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10357
x-fb-debug: CIrR9E+IMCbOdxOZDEomXyif4XGf3OTJ+M49X2Ao3A6YuVek9BJ1fS5yls56JAwVUhuGLf/TJhDbdXakER25+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 02:41:22 GMT

GET
H2 200 386453688_1006394700796915_5552164771044479900_n.jpg
scontent-mxp2-1.xx.fbcdn.net/v/t15.5256-10/ Frame 29A9 30 KB
30 KB 58ms
18ms Image
image/jpeg 157.240.203.2
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mxp2-1.xx.fbcdn.net/v/t15.5256-10/386453688_1006394700796915_5552164771044479900_n.jpg?stp=dst-jpg_p280x280&_nc_cat=1&ccb=1-7&_nc_sid=08861d&_nc_ohc=FEi46SAXmm8AX8nYj6M&_nc_ht=scontent-mxp2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfBMISBZxUyJ4wNCrdqRQJSJ4jp15-PdQNO2KNa6mbQq7A&oe=6525989F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df726579ea93c24%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff19513a2ed366bc%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FMARCROCOO%2Fvideos%2F3102455103383992&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.203.2 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: bbd86b61291ac4db9522a303bb691982f4ba5c372964268eb4c8081ccf1ccebe

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-haystack-needlechecksum: 2668154540
date: Fri, 06 Oct 2023 15:49:15 GMT
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 06 Oct 2023 12:30:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4052431601
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2452623838
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 30973

GET
H2 200 351477904_557582763234246_6423616462895260774_n.jpg
scontent-mxp2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 29A9 2 KB
2 KB 43ms
17ms Image
image/jpeg 157.240.203.2
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mxp2-1.xx.fbcdn.net/v/t39.30808-1/351477904_557582763234246_6423616462895260774_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=1&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=Fs_yUHZzjSAAX9p_n6V&_nc_ht=scontent-mxp2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfBsiFjMkKX9z9TzKsTVPbL1bUzthibomBXuJVY2mYvu8Q&oe=6525FCF5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df726579ea93c24%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff19513a2ed366bc%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FMARCROCOO%2Fvideos%2F3102455103383992&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.203.2 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: cd8a889bfcdd71be4308bc0d741066962106cda173af38d279d8d1464928f048

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 14 Jun 2023 11:58:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3402570992
thrift_fmhk: GBAuXnzCbEKbSnbvDwWhi1tmFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3288705673
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1602

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.827/ 469 KB
129 KB 114ms
34ms Script
application/javascript 13.32.99.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.827/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:19:40 GMT
content-encoding: br
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jul 2023 12:00:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2082576
etag: W/"6d4b82c5e77085c209494ce7e5eca2fa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8hbpT87KxNnzhWpzZk2fzigD7ksF700_i44rRYFAR8KbsAIfsCa-vg==

GET
H3 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 29A9 4 KB
4 KB 28ms
28ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/hJcAi1-uuqW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/hJcAi1-uuqW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
x-fb-debug: hz7PFYgRekodE0mT7niDErJuUWjIb7y+v3I8KeD+fXOwrLWCZy4/ooScGR42zKWn0O/uNuPcvtV9ELJEZGt4Fg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Sep 2024 02:35:36 GMT

GET
H2 200 351477904_557582763234246_6423616462895260774_n.jpg
scontent-mxp2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 29A9 1 KB
1 KB 20ms
19ms Image
image/jpeg 157.240.203.2
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-mxp2-1.xx.fbcdn.net/v/t39.30808-1/351477904_557582763234246_6423616462895260774_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=5fac6f&_nc_ohc=Fs_yUHZzjSAAX9p_n6V&_nc_ht=scontent-mxp2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfDwK0Kh8yV4pCrFwi8c2SGAu6q2dIjDBfH--oacwPJnqA&oe=6525FCF5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df726579ea93c24%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff19513a2ed366bc%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2FMARCROCOO%2Fvideos%2F3102455103383992&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.203.2 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 0a463de58231af9b10faa4cedb784ac776b885edf53f7f07ecc98d2ceb02238e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 14 Jun 2023 11:58:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3312321608
thrift_fmhk: GBAuXnzCbEKbSnbvDwWhi1tmFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3288705673
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1034

GET
H3 200 49WqQftGh3E.js Show response
static.xx.fbcdn.net/rsrc.php/v3iyB-4/ya/l/en_US/ Frame 29A9 712 KB
156 KB 37ms
36ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iyB-4/ya/l/en_US/49WqQftGh3E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5b41d851aa93593af0f63230cbb62f37ddf4244d728e643ad6653adcd92ec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: N9xbpCHYo5BwBnCdc9u/Qw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 159881
x-fb-debug: L7q/J3c8VUt5OKWOO1c/UE1xb1lCMH6Xhe2XNfwROQyVTV5SgpFdQiKsU4pomnmMPoOFqggISUexhkc/I2ii2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 02:23:18 GMT

GET
H3 200 HQACvx2w7Bv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 29A9 11 KB
3 KB 33ms
32ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/HQACvx2w7Bv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7937932b29af399dac1cfe1bd5efb3898e4d1a77351fef37f5c0be3d24d83e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: OsCUCKMOAXrsLWUcXhsbmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2748
x-fb-debug: RtkWKGrsFzlGh4bcq2XoELXVi4j0Rnq9OGJvSsI0loV0yoStf9hk5tFhUKFcVRaIjoAAcPQXcEEV8chAR9WKqQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 02:43:41 GMT

GET
H3 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 29A9 55 KB
15 KB 32ms
31ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
x-fb-debug: Ny/9Gso2Zt/ehE4sRl23t/n4d9U5ezOJ3SViN3qrL1hQxSrvomMCEnXYd5sgkEhpsCWF0jZK0X/VgXYVh0AuxQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Sat, 05 Oct 2024 02:31:05 GMT

GET
H3 200 1q-rk-wmv-W.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 29A9 341 KB
67 KB 33ms
33ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76ebac6d01f5f1082c785e59cf3ba1dd8a9f1d0d1a22dbe5589ba9161c36ab0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xR/nAuM5kAFCimaJvttegQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 68522
x-fb-debug: HAAmeWyJ/3sOd4P5l69OJMxNqsaIveoSBr855q5zQg2keTtrq1x2cl1j+jikajJENBAUBmrJnr3q/xKcxG8kWw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=1
expires: Fri, 04 Oct 2024 22:52:50 GMT

GET
H3 200 VwT8XFUPIlj.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 29A9 28 KB
6 KB 35ms
34ms Stylesheet
text/css 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/VwT8XFUPIlj.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/RBH7b7zeA6F.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7403c4009d748449b8c03d682b16a0af2824f4faf530cd2614e050dd9f59ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: npq1oPsJRt+3DPdaNvIRkw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6060
x-fb-debug: CNWei6K00ldo+wLKjQ4d4Bg//5DGMMNiP6Ywa1vyUMKYRAV6E74d6FwJSzS0pPw0+Bvn3zJ8P1WdyYnFZqbkyA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=0
expires: Thu, 03 Oct 2024 16:53:14 GMT

GET
H2 200 617293687263153.mpd Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-abr3/ Frame 29A9 11 KB
2 KB 58ms
17ms Fetch
application/dash+xml 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-abr3/617293687263153.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfDcX96_xiLUSf2JR9KolVpVeOxTm-CyJzVRFA9KHC1w6w&oe=6522215A
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 638d59c7090d9dde786ef695f59be2cbacae011a8648d97879c3d200a3c323ab

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1696607354
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 11898136
alt-svc: h3=":443"; ma=86400
content-length: 1577
x-fb-origin-hit: 1
etag: 5660116267b7778627e9c5b6dc20ebe8
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
595 B 632ms
156ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=IT&l4=desktop&l5=5.827&cb=0.3880182977672011
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 15:49:16 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B1A 0
0 62ms
62ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJS-zfvUTX4eOyJrJtcZLexZ9Au6TmWjqviwiJVCuINqz-JNedN0LlS8eJfiwcNizbjPRqQ6h2L7H-pAVGF-kvg0WTbkGhQCe8Mzr6hUTZ3raR4FvQY8d7cbD_NTi9U6UY-jTslavOU61aGnWuAQeumzUwNXdPP9BS566earivFKODaeqz6jGTaihkT9pBrrH4hmabSPWIywosXaZ428FnB08XD7CWVYvuXJMNO4d_OBiat0ZJhbDAyfrPaiM7UAdEdDA9RK5Mz5-zhrhATcZlprUeu69KqshLi6Zzz0fBufH7meyJmFxgzF3yZIhBgEV403INwC36eit7RYKanOXTp-XaL4Uq0r-Fqf-k&sai=AMfl-YRtOpNWVuDCR5Nccab6lPQ25MiuMhtb0r1iui5kvYByWgyhq3ICt3Akj5EXMefhj7HoTUIHgr5yA9-WAg7rPwX2HQKtEtq_Qb8tpUQBvp_eRK3RsszyOp-nLcTnYLzEvmMUgeuVwMVjYwIjhow&sig=Cg0ArKJSzCf-OZfWEMQ3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 15:49:15 GMT

GET
H2 200 617293687263153_0-init.m4v Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-lp-qd-v/ Frame 29A9 657 B
1 KB 20ms
19ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-lp-qd-v/617293687263153_0-init.m4v?ms=m_C&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 4d5814d56998e79b1e45795f1f23c9d73c5174109bfed2c57bd42102e6f415f2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 657
x-fb-origin-hit: 1
etag: 212d577c5a18c970d25a3270dc5d394a
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:mxp2c01:dash-lp-qd:0644

GET
H2 200 617293687263153_0-init.m4a Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-lp-md-a/ Frame 29A9 598 B
701 B 20ms
19ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-lp-md-a/617293687263153_0-init.m4a?ms=m_C&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 650c5f605c2706575823936c7fa0ee6026089b324d5fcd2d873b96d40f5307e6

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:15 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 598
x-fb-origin-hit: 1
etag: c4cbb22b91958f0a3695597185e58514
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:mxp2c01:dash-lp-md:0636

GET
H3 200 617293687263153_0-5651.m4v Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/ Frame 29A9 41 KB
41 KB 244ms
244ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/617293687263153_0-5651.m4v?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: b95a2b69599a872727ec912f09017bdcbdba2c9bb611305ee6734e5724c2da20

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:16 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 41969
x-fb-ull-ssbwe-v3: conservative:1341548;mean:1341548;aggressive:5645504
x-fb-first-keyframe-offset: 12127
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11883137
x-fb-ull-ssbwe-v3alt: conservative:528792;conservative_median:528792;aggressive:5645504
etag: ef603a4bc8064ff9f56f06b70b0658f0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 226
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-qd:6116

GET
H3 200 617293687263153_0-5651.m4a Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/ Frame 29A9 18 KB
18 KB 127ms
126ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/617293687263153_0-5651.m4a?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 6c745b89d41d425faa0501ac8483a0f94c909dca2c42c952a6d54cdeb22caadb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:16 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 18400
x-fb-ull-ssbwe-v3: conservative:185212;mean:185212;aggressive:227784
x-fb-first-keyframe-offset: 387
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11883137
x-fb-ull-ssbwe-v3alt: conservative:142640;conservative_median:142640;aggressive:227784
etag: e2260eef22c1b29dab6d60a439c5d5b7
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 110
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-md:6001

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 8FCB 0
152 B 263ms
262ms Script
text/html 54.150.88.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=14210:98526:190021:f934709c109a9b62da1c83321865c262:21173&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.88.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-88-244.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:16 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 617293687263153_0-5652.m4a Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/ Frame 29A9 17 KB
17 KB 124ms
124ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/617293687263153_0-5652.m4a?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 4bff8c92eb694cd428b65dfea10550cd9c9301cf7f15d8cc761786048ef0be1b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:16 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17554
x-fb-ull-ssbwe-v3: conservative:1213181;mean:1213181;aggressive:5645504
x-fb-first-keyframe-offset: 352
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11885337
x-fb-ull-ssbwe-v3alt: conservative:636496;conservative_median:636496;aggressive:5645504
etag: 33f89b407a115de64cffe3b15968709a
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 107
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-md:6145

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBEC 42 B
64 B 185ms
132ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuC8DjPidX6hMMi2KHhgRaIoZqlyNA01nfNGzA0Mmxry8s9sncjieyLI7mI06ZlzR4bIWwE60khee1jSerukW1TmuNzSxk270wnfH8WIkp_bk9_4zlI9Gj3JVeR8CaN&sig=Cg0ArKJSzLMz0kgouif_EAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696607355013&rpt=173&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9652 0
20 B 126ms
126ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1874032478323&version=m202309260101&ct=119&x=1&cor=7328668145016962000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://3cba75c723be1bc3d26287bf46aad79e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 15:49:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 617293687263153_0-5652.m4v Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/ Frame 29A9 43 KB
43 KB 135ms
135ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/617293687263153_0-5652.m4v?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 9a399d139ca3baed5e9bb803aecde0d1a217e277ca727d13e386f005b145690c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:16 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 44466
x-fb-ull-ssbwe-v3: conservative:2060673;mean:2060673;aggressive:7198128
x-fb-first-keyframe-offset: 13652
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11885337
x-fb-ull-ssbwe-v3alt: conservative:1119392;conservative_median:1119392;aggressive:7198128
etag: 57f79be40a0749cf3b2837f2a1022b5d
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 118
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-qd:6465

GET
H3 200 617293687263153.mpd Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-abr3/ Frame 29A9 11 KB
2 KB 17ms
16ms Fetch
application/dash+xml 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/dash-abr3/617293687263153.mpd?ccb=2-4&ms=m_CTPA&sc_t=1&oh=00_AfDcX96_xiLUSf2JR9KolVpVeOxTm-CyJzVRFA9KHC1w6w&oe=6522215A
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 638d59c7090d9dde786ef695f59be2cbacae011a8648d97879c3d200a3c323ab

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:16 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1696607354
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 11898136
alt-svc: h3=":443"; ma=86400
content-length: 1577
x-fb-origin-hit: 1
etag: 5660116267b7778627e9c5b6dc20ebe8
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 617293687263153_0-5653.m4a Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/ Frame 29A9 18 KB
18 KB 133ms
133ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/617293687263153_0-5653.m4a?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 8050843990601d99308da7a73130edc2a088ba82bf44992c13ff39d0fc46219a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
x-fb-ull-ssbwe-v4: p25:12873280;p50:12873280;p75:13934320
x-fb-ull-ssbwe-v4alt: p25:12873280;p25bis:12873280;p50:12873280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17932
x-fb-ull-ssbwe-v3: conservative:2488258;mean:2488258;aggressive:13677512
x-fb-first-keyframe-offset: 427
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11887468
x-fb-ull-ssbwe-v3alt: conservative:1119392;conservative_median:1119392;aggressive:13677512
x-fb-ull-ssbwe-v4scaled: p25:9654960;p50:9654960;p75:13934320
etag: f413574d4fd760d7f9bc1d7289128d3e
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 115
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-md:7347

GET
H3 200 617293687263153_0-5654.m4a Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/ Frame 29A9 16 KB
16 KB 135ms
134ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/617293687263153_0-5654.m4a?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: 0cb0f758d95d17f17c2e8d3ace8a56223a48aacf96045868f72c8a065c69d495

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
x-fb-ull-ssbwe-v4: p25:12873280;p50:12873280;p75:13934320
x-fb-ull-ssbwe-v4alt: p25:12873280;p25bis:12873280;p50:12873280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 16809
x-fb-ull-ssbwe-v3: conservative:2452685;mean:2452685;aggressive:13677512
x-fb-first-keyframe-offset: 349
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11889602
x-fb-ull-ssbwe-v3alt: conservative:1034984;conservative_median:1034984;aggressive:13677512
x-fb-ull-ssbwe-v4scaled: p25:9654960;p50:9654960;p75:13934320
etag: 3fb21af7c48698b50b47c34107d40137
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 116
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-md:7505

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 79ms
78ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

781720d70848e5494c4fc57aa97c3b1854ae87c8b817ae1a6ce9105197dcecc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12055
x-xss-protection: 0

GET
H3 200 617293687263153_0-5653.m4v Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/ Frame 29A9 37 KB
37 KB 132ms
131ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/617293687263153_0-5653.m4v?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: d00d59ed7c05e4e1757c10f4e992ee39d00589db74d02c296b96ac45faa4414f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
x-fb-ull-ssbwe-v4: p25:12873280;p50:12873280;p75:13934320
x-fb-ull-ssbwe-v4alt: p25:12873280;p25bis:12873280;p50:12873280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 37448
x-fb-ull-ssbwe-v3: conservative:2301235;mean:2301235;aggressive:13677512
x-fb-first-keyframe-offset: 10311
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11887468
x-fb-ull-ssbwe-v3alt: conservative:920888;conservative_median:920888;aggressive:13677512
x-fb-ull-ssbwe-v4scaled: p25:9654960;p50:9654960;p75:13934320
etag: d487d0ad10c6cfbb9386c32e0ffb8564
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 115
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-qd:7640

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
46ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 15:49:17 GMT

GET
H3 200 617293687263153_0-5655.m4a Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/ Frame 29A9 17 KB
17 KB 242ms
241ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-md-a/617293687263153_0-5655.m4a?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: d9ddd14878f32b0f55718667d65b2f30d0bd872880521f8a8059f34433393e97

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
x-fb-ull-ssbwe-v4: p25:13934320;p50:59768200;p75:86855048
x-fb-ull-ssbwe-v4alt: p25:13934320;p25bis:13934320;p50:59768200
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17605
x-fb-ull-ssbwe-v3: conservative:2405321;mean:2405321;aggressive:13677512
x-fb-first-keyframe-offset: 318
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11891670
x-fb-ull-ssbwe-v3alt: conservative:1027704;conservative_median:1027704;aggressive:13677512
x-fb-ull-ssbwe-v4scaled: p25:10450740;p50:44826150;p75:86855048
etag: f3a14971ce52c920e1f2c73f98d2b841
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 225
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-md:7837

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8B55 13 KB
5 KB 26ms
25ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 115932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B8A 829 B
998 B 38ms
37ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

02229704df1f9cdbb03f5d2153b9f658a69f61e5ca5d824d61c18b57cc91d5b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_Vc8kNIXfizYiBeuehBsIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_Vc8kNIXfizYiBeuehBsIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 15:49:17 GMT
expires: Fri, 06 Oct 2023 15:49:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 617293687263153_0-5654.m4v Show response
video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/ Frame 29A9 41 KB
41 KB 126ms
126ms Fetch
video/mp4 157.240.203.3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-mxp2-1.xx.fbcdn.net/hvideo-nao-ldc/_nc_cat-1/_nc_sr_t-4/v/rASeO3YZdGnlDfRWjtrX6lqpurdO74yiI4vNtcCqyJ5JAmw/_nc_ohc-M5MhNBukBF4AX-W0yS1/live-dash/ID/dash-lp-qd-v/617293687263153_0-5654.m4v?ms=m_C&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1q-rk-wmv-W.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.240.203.3 Cornaredo, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-01-mxp2.fbcdn.net
Software: /
Resource Hash: e7f1f2724879c13c7554190374ae8d39089b5f2ae84ff38d88d70418d38c6083

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 15:49:17 GMT
x-fb-ull-ssbwe-v4: p25:12873280;p50:13934320;p75:86855048
x-fb-ull-ssbwe-v4alt: p25:12873280;p25bis:12873280;p50:13934320
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 42226
x-fb-ull-ssbwe-v3: conservative:2483486;mean:2483486;aggressive:13677512
x-fb-first-keyframe-offset: 9075
x-fb-origin-hit: 1
x-fb-segment-pts-start: 11889602
x-fb-ull-ssbwe-v3alt: conservative:1027704;conservative_median:1027704;aggressive:13677512
x-fb-ull-ssbwe-v4scaled: p25:9654960;p50:10450740;p75:86855048
etag: 166c6c4d8ba68ef0c8cb65ba606f8cc4
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 109
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:mxp2c01:dash-lp-qd:7773

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B55 37 KB
14 KB 26ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS